# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# limitations under the License.
#
-include_recipe "apache::ssl"
+include_recipe "apache"
keys = data_bag_item("chef", "keys")
-package "certbot"
-package "ruby"
+package %w[
+ certbot
+ ruby
+]
directory "/etc/letsencrypt" do
owner "letsencrypt"
end
certificates = search(:node, "letsencrypt:certificates").each_with_object({}) do |n, c|
- c.merge!(n[:letsencrypt][:certificates])
+ n[:letsencrypt][:certificates].each do |name, details|
+ c[name] ||= details.merge(:nodes => [])
+
+ c[name][:nodes] << { :name => n[:fqdn], :address => n[:ipaddress] }
+ end
end
certificates.each do |name, details|
end
end
+template "/srv/acme.openstreetmap.org/bin/check-certificates" do
+ source "check-certificates.erb"
+ owner "root"
+ group "root"
+ mode 0o755
+ variables :certificates => certificates
+end
+
template "/etc/cron.d/letsencrypt" do
source "cron.erb"
owner "root"