From c00c7b81b8d9858703377a900baf64e28aca692a Mon Sep 17 00:00:00 2001
From: Henrik Henriksson <hx@hx.ax>
Date: Tue, 7 May 2019 19:45:27 +0200
Subject: [PATCH] Automatically update ssl-certificates

---
 modules/insidan/manifests/certificates.pp   |  8 +++++---
 modules/insidan/manifests/openproject.pp    |  3 +--
 modules/wordpress/manifests/certificates.pp | 19 +++++++++++++++++++
 modules/wordpress/manifests/init.pp         | 18 ++++--------------
 4 files changed, 29 insertions(+), 19 deletions(-)
 create mode 100644 modules/wordpress/manifests/certificates.pp

diff --git a/modules/insidan/manifests/certificates.pp b/modules/insidan/manifests/certificates.pp
index 06ddbf2..37e4664 100644
--- a/modules/insidan/manifests/certificates.pp
+++ b/modules/insidan/manifests/certificates.pp
@@ -6,10 +6,12 @@ class insidan::certificates {
   letsencrypt::certonly { 'insidan.holgerspexet.se':
     domains => [ 'insidan.holgerspexet.se',
                  'holgerspexet.lysator.liu.se',
-                 'holgerspexet.se',
-                 'www.holgerspexet.se',
                ],
+    manage_cron => true,
     suppress_cron_output => true,
-    cron_success_command => '/bin/systemctl restart nginx',
+    cron_hour  => '4',
+    cron_minute => '13',
+    pre_hook_commands => ['/bin/systemctl stop nginx',],
+    post_hook_commands => ['/bin/systemctl restart nginx',],
   }
 }
diff --git a/modules/insidan/manifests/openproject.pp b/modules/insidan/manifests/openproject.pp
index c441a34..0497382 100644
--- a/modules/insidan/manifests/openproject.pp
+++ b/modules/insidan/manifests/openproject.pp
@@ -41,10 +41,9 @@ class insidan::openproject {
   
 
 
-
-
   # Setup Nginx
   nginx::resource::server { 'insidan.holgerspexet.se':
+    require => [ Class['::insidan::certificates'], ],
     server_name => ['insidan.holgerspexet.se'],
     proxy => 'http://localhost:6000',
 
diff --git a/modules/wordpress/manifests/certificates.pp b/modules/wordpress/manifests/certificates.pp
new file mode 100644
index 0000000..b31f7ca
--- /dev/null
+++ b/modules/wordpress/manifests/certificates.pp
@@ -0,0 +1,19 @@
+class wordpress::certificates {
+    class { '::letsencrypt':
+    email => 'hx@hx.ax', # Putting in my personal email for now
+  }
+
+  letsencrypt::certonly { 'holgerspexet.se':
+    domains => [ 'holgerspexet.se',
+                 'holgerspexet-public.lysator.liu.se',
+                 'www.holgerspexet.se',
+               ],
+    manage_cron => true,
+    suppress_cron_output => true,
+    cron_hour  => '4',
+    cron_minute => '17',
+    pre_hook_commands => ['/bin/systemctl stop apache',],
+    post_hook_commands => ['/bin/systemctl restart apache || true',],
+    # '||true' for initial bootstrap. pls fix
+  }
+}
diff --git a/modules/wordpress/manifests/init.pp b/modules/wordpress/manifests/init.pp
index 7a1735c..128ede5 100644
--- a/modules/wordpress/manifests/init.pp
+++ b/modules/wordpress/manifests/init.pp
@@ -7,9 +7,12 @@ class wordpress {
     ensure => directory,
   }
 
+  include wordpress::certificates;
+
   class { 'apache':
     default_vhost => false,
     mpm_module    => 'prefork',
+    require => [ Class['::wordpress::certificates'], ],
   }
 
   include apache::mod::rewrite
@@ -66,18 +69,5 @@ class wordpress {
     redirect_status => 'permanent',
     redirect_dest => 'https://dev.holgerspexet.se',
   }
-
-
-  class { '::letsencrypt':
-    email => 'hx@hx.ax', # Putting in my personal email for now
-  }
-
-  letsencrypt::certonly { 'holgerspexet.se':
-    domains => [ 'holgerspexet.se',
-                 'holgerspexet-public.lysator.liu.se',
-                 'www.holgerspexet.se',
-               ],
-    suppress_cron_output => true,
-    cron_success_command => '/bin/systemctl restart nginx',
-  }
 }
+
-- 
GitLab