From 8db53dcf334af1bd9077c6b2e5f99c7b8f2f2985 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Fri, 21 Jul 2017 16:24:35 +0100 Subject: [PATCH] re-ordering --- manifests/certbot/config.pp | 110 +++++++++++++++++++----------------- 1 file changed, 59 insertions(+), 51 deletions(-) diff --git a/manifests/certbot/config.pp b/manifests/certbot/config.pp index 0963470..3027474 100644 --- a/manifests/certbot/config.pp +++ b/manifests/certbot/config.pp @@ -25,62 +25,70 @@ class cd_nagios::certbot::config ( ) inherits cd_nagios::params { if $::fqdn == $ng_nagios_server { - if $ng_enable_certbot == true { + if $ng_use_https == true { + if $ng_enable_certbot == true { - require cd_certbot + require cd_certbot - # ensure there is no forward vhost file + # ensure there is no forward vhost file - exec { 'remove forward vhost': - command => "rm -Rf ${ng_forward_conf}", - creates => '/etc/httpd/conf.d/.cert_created', + exec { 'remove_forward_vhost': + command => "rm -Rf ${ng_forward_conf}", + creates => '/etc/httpd/conf.d/.cert_created', + } + + # create temp vhost file + + exec { 'create_temp_vhost': + command => template('cd_nagios/certbot/create_tempfile.erb'), + cwd => '/tmp', + path => ['/bin','/usr/bin'], + provider => 'shell', + creates => '/etc/httpd/conf.d/.created', + notify => Service['httpd'], + require => Exec['remove_forward_vhost'], + } + + # create cert + + exec { 'create_cert': + command => template($ng_get_cert_erb), + cwd => '/tmp', + path => ['/bin','/usr/bin'], + provider => 'shell', + unless => template('cd_nagios/certbot/unless_get_cert.erb'), + notify => Service['httpd'], + creates => '/etc/httpd/conf.d/.cert_created', + require => Exec['create_temp_vhost'], + } + + # remove temp_vhost + + exec { 'remove_temp_vhost': + command => "rm -Rf ${ng_certbot_temp_file}", + cwd => '/tmp', + path => ['/bin','/usr/bin'], + provider => 'shell', + notify => Service['httpd'], + require => Exec['create_cert'], + creates => "/etc/letsencrypt/live/${ng_nagios_server}/cert.pem", + } + + # renew certs + + exec { 'renew_cert': + command => 'certbot renew', + cwd => '/tmp', + path => ['/bin','/usr/bin','/opt/'], + provider => 'shell', + notify => Service['httpd'], + unless => template($ng_unless_renew_erb), + } } + } - # create temp vhost file - - exec { 'create_temp_vhost': - command => template('cd_nagios/certbot/create_tempfile.erb'), - cwd => '/tmp', - path => ['/bin','/usr/bin'], - provider => 'shell', - creates => '/etc/httpd/conf.d/.created', - notify => Service['httpd'], - } - - # create cert - - exec { 'create_cert': - command => template($ng_get_cert_erb), - cwd => '/tmp', - path => ['/bin','/usr/bin'], - provider => 'shell', - unless => template('cd_nagios/certbot/unless_get_cert.erb'), - notify => Service['httpd'], - creates => '/etc/httpd/conf.d/.cert_created', - } - - # remove temp_vhost - - exec { 'remove_temp_vhost': - command => "rm -Rf ${ng_certbot_temp_file}", - cwd => '/tmp', - path => ['/bin','/usr/bin'], - provider => 'shell', - notify => Service['httpd'], - require => Exec['create_cert'], - creates => "/etc/letsencrypt/live/${ng_nagios_server}/cert.pem", - } - - # renew certs - - exec { 'renew_cert': - command => 'certbot renew', - cwd => '/tmp', - path => ['/bin','/usr/bin','/opt/'], - provider => 'shell', - notify => Service['httpd'], - unless => template($ng_unless_renew_erb), - } + else { + # do nothing as we are not using https and certbot is not required then } } }