#
-# Cookbook Name:: letsencrypt
+# Cookbook:: letsencrypt
# Recipe:: default
#
-# Copyright 2017, OpenStreetMap Foundation
+# Copyright:: 2017, OpenStreetMap Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
n[:letsencrypt][:certificates].each do |name, details|
c[name] ||= details.merge(:nodes => [])
- c[name][:nodes] << { :name => n[:fqdn], :address => n[:ipaddress] }
+ c[name][:nodes] << {
+ :name => n[:fqdn],
+ :address => n.external_ipaddress || n.internal_ipaddress
+ }
end
end
end
end
+Dir.each_child("/srv/acme.openstreetmap.org/requests") do |name|
+ next if certificates.include?(name)
+
+ file "/srv/acme.openstreetmap.org/requests/#{name}" do
+ action :delete
+ end
+
+ execute "certbot-delete-#{name}" do
+ command "/usr/bin/certbot delete --config-dir /srv/acme.openstreetmap.org/config --work-dir /srv/acme.openstreetmap.org/work --logs-dir /srv/acme.openstreetmap.org/logs --cert-name #{name}"
+ cwd "/srv/acme.openstreetmap.org"
+ user "letsencrypt"
+ group "letsencrypt"
+ end
+end
+
template "/srv/acme.openstreetmap.org/bin/check-certificates" do
source "check-certificates.erb"
owner "root"