diff options
-rw-r--r-- | modules/certbot/files/generate-pfx | 6 | ||||
-rw-r--r-- | modules/certbot/manifests/init.pp | 8 |
2 files changed, 13 insertions, 1 deletions
diff --git a/modules/certbot/files/generate-pfx b/modules/certbot/files/generate-pfx new file mode 100644 index 0000000..62d2258 --- /dev/null +++ b/modules/certbot/files/generate-pfx @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +set -eu +set -o pipefail + +cd "$RENEWED_LINEAGE" +openssl pkcs12 -export -out identity.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem diff --git a/modules/certbot/manifests/init.pp b/modules/certbot/manifests/init.pp index 39102ff..917e8a6 100644 --- a/modules/certbot/manifests/init.pp +++ b/modules/certbot/manifests/init.pp @@ -31,10 +31,16 @@ class certbot($config_dir=undef) { "${_config_dir}/renewal-hooks/deploy": ensure => directory, require => File["${_config_dir}/renewal-hooks"]; - "${_config_dir}/renewal-hooks/deploy/reload-cert": + "${_config_dir}/renewal-hooks/deploy/00-generate-pfx": + source => 'puppet:///modules/certbot/generate-pfx', + mode => '0755', + require => File["${_config_dir}/renewal-hooks/deploy"]; + "${_config_dir}/renewal-hooks/deploy/10-reload-cert": source => 'puppet:///modules/certbot/reload-cert', mode => '0755', require => File["${_config_dir}/renewal-hooks/deploy"]; + "${_config_dir}/renewal-hooks/deploy/reload-cert": + ensure => absent; "/usr/local/bin/bootstrap-certbot": source => 'puppet:///modules/certbot/bootstrap-certbot', mode => '0755'; |