Skip to content
Snippets Groups Projects
Commit a9a5a117 authored by Hugo Hörnquist's avatar Hugo Hörnquist
Browse files

Setup certbot.

parent fd1ee3ba
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 24 additions and 0 deletions
manifests/setup.pp
+ 24
0
View file @ a9a5a117
...@@ -76,6 +76,30 @@ class irc_bouncer::setup { ...@@ -76,6 +76,30 @@ class irc_bouncer::setup {
args => ['saslauthd'], args => ['saslauthd'],
} }
class { '::letsencrypt::plugin::dns2136':
server => 'ns-master.lysator.liu.se',
keyname => 'verdigris.lysator.liu.se',
key_algorithm => 'HMAC-SHA256',
key_secret => 'YHR7/5gOkdPF64GwWRu6Ge8jcjz8siqCWIy/G8FsVzw=',
propagation_seconds => 10,
manage_package => true,
}
-> letsencrypt::certonly { $servername:
ensure => 'present',
domains => [ $servername, ],
plugin => 'dns-rfc2136'
}
# Allow world to read our certificates so znc can access them.
# In theory slightly unsafe, but noone else should have filesystem
# access.
file { ['/etc/letsencrypt/live',
'/etc/letsencrypt/archive', ]:
ensure => directory,
mode => '0755',
}
# exec { 'znc make pem': # exec { 'znc make pem':
# command => 'znc --datadir=/var/lib/znc --makepem', # command => 'znc --datadir=/var/lib/znc --makepem',
# path => '/usr/bin:/bin', # path => '/usr/bin:/bin',
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment