sunet-cdn/cdn-ops
2
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Install certificate files

Browse source
This commit is contained in:
Patrik Lundin 2024-10-11 11:38:58 +02:00
parent 3df9990cdc
commit 88e3771f6e
Signed by: patlu
GPG key ID: A0A812BA2249F294
2 changed files with 29 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
global/overlay/etc/puppet/modules/cdn/manifests/cache.pp
View file

@ -70,6 +70,34 @@ class cdn::cache(
mode => '0750', mode => '0750',
} }
file { "/opt/sunet-cdn/customers/$customer/certs-private":
ensure => directory,
owner => $customer_uid,
group => $customer_uid,
mode => '0750',
}
$combined_pem = "/opt/sunet-cdn/customers/$customer/certs-private/combined.pem"
concat { $combined_pem:
ensure => present,
owner => $customer_uid,
group => $customer_uid,
mode => '0640'.
}
concat::fragment { "$customer-fullchain-${$cache_secrets['customers'][$customer]['host']}":
target => $combined_pem,
source => "/etc/letsencrypt/live/$cache_secrets['customers'][$customer]['host']/fullchain.pem",
order => '01'
}
concat::fragment { "$customer-privkey-${$cache_secrets['customers'][$customer]['host']}":
target => $combined_pem,
source => "/etc/letsencrypt/live/$cache_secrets['customers'][$customer]['host']/privkey.pem",
order => '02'
}
file { "/opt/sunet-cdn/customers/$customer/conf/haproxy.cfg": file { "/opt/sunet-cdn/customers/$customer/conf/haproxy.cfg":
ensure => file, ensure => file,
owner => $customer_uid, owner => $customer_uid,

2
global/overlay/etc/puppet/modules/cdn/templates/cache/haproxy.cfg.erb vendored
View file

@ -29,7 +29,7 @@ defaults
frontend customer frontend customer
bind <%= @customer_ip %>:80 bind <%= @customer_ip %>:80
bind <%= @customer_ip %>:443 ssl crt /certs-private/customer.pem bind <%= @customer_ip %>:443 ssl crt /certs-private/combined.pem
default_backend varnish default_backend varnish
backend varnish backend varnish