diff options
| author | elijah <elijah@riseup.net> | 2017-05-26 16:41:51 -0700 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2017-05-30 17:21:52 -0400 |
| commit | 1e463c6638a05a237d660f458f5a147353be3fc1 (patch) | |
| tree | 66eb49ffa0c44882d8a380795bbaa36003907911 /puppet | |
| parent | 2533f6f978bd3f0ee8187ee8827eb94b7e696377 (diff) | |
static - support for renewing certs with let's encrypt for static sites
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/modules/site_static/manifests/domain.pp | 13 | ||||
| -rw-r--r-- | puppet/modules/site_static/templates/apache.conf.erb | 10 |
2 files changed, 17 insertions, 6 deletions
diff --git a/puppet/modules/site_static/manifests/domain.pp b/puppet/modules/site_static/manifests/domain.pp index 6cf2c653..e456c94e 100644 --- a/puppet/modules/site_static/manifests/domain.pp +++ b/puppet/modules/site_static/manifests/domain.pp @@ -1,25 +1,30 @@ # configure static service for domain define site_static::domain ( - $ca_cert, + $ca_cert=undef, $key, $cert, $tls_only=true, $use_hidden_service=false, $locations=undef, $aliases=undef, - $apache_config=undef) { + $apache_config=undef, + $www_alias=false) { $domain = $name $base_dir = '/srv/static' - $cafile = "${cert}\n${ca_cert}" + if ($ca_cert) { + $certfile = "${cert}\n${ca_cert}" + } else { + $certfile = $cert + } if is_hash($locations) { create_resources(site_static::location, $locations) } x509::cert { $domain: - content => $cafile, + content => $certfile, notify => Service[apache] } x509::key { $domain: diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb index dd04ca43..eb21e4c9 100644 --- a/puppet/modules/site_static/templates/apache.conf.erb +++ b/puppet/modules/site_static/templates/apache.conf.erb @@ -80,7 +80,9 @@ ## <VirtualHost 127.0.0.1:80> ServerName <%= @tor_domain %> +<%- if @www_alias -%> ServerAlias www.<%= @tor_domain %> +<%- end -%> <IfModule mod_headers.c> Header set X-Frame-Options "deny" @@ -102,7 +104,9 @@ ## <VirtualHost *:80> ServerName <%= @domain %> - ServerAlias www.<%= @domain %> +<%- if @www_alias -%> + ServerAlias www.<%= @tor_domain %> +<%- end -%> <%- @aliases && @aliases.each do |domain_alias| -%> ServerAlias <%= domain_alias %> <%- end -%> @@ -122,7 +126,9 @@ ## <VirtualHost *:443> ServerName <%= @domain %> - ServerAlias www.<%= @domain %> +<%- if @www_alias -%> + ServerAlias www.<%= @tor_domain %> +<%- end -%> <%- @aliases && @aliases.each do |domain_alias| -%> ServerAlias <%= domain_alias %> <%- end -%> |