X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/141871be7be50fe092cef6c84cfc84f2393c3545..3a54ecf08f7466a7223ffe8860d1578800027e36:/cookbooks/ssl/resources/certificate.rb diff --git a/cookbooks/ssl/resources/certificate.rb b/cookbooks/ssl/resources/certificate.rb index 116c2bd4d..f2fb4784c 100644 --- a/cookbooks/ssl/resources/certificate.rb +++ b/cookbooks/ssl/resources/certificate.rb @@ -17,6 +17,8 @@ # limitations under the License. # +unified_mode true + default_action :create property :certificate, String, :name_property => true @@ -24,7 +26,7 @@ property :domains, [String, Array], :required => [:create] action :create do node.default[:letsencrypt][:certificates][new_resource.certificate] = { - :domains => Array(new_resource.domains) + :domains => domains } if letsencrypt @@ -53,7 +55,7 @@ action :create do force_unlink true end else - alt_names = new_resource.domains.collect { |domain| "DNS:#{domain}" } + alt_names = domains.collect { |domain| "DNS:#{domain}" } openssl_x509_certificate "/etc/ssl/certs/#{new_resource.certificate}.pem" do key_file "/etc/ssl/private/#{new_resource.certificate}.key" @@ -62,7 +64,7 @@ action :create do mode "640" org "OpenStreetMap" email "operations@osmfoundation.org" - common_name new_resource.domains.first + common_name domains.first subject_alt_name alt_names extensions "keyUsage" => { "values" => %w[digitalSignature keyEncipherment], "critical" => true }, "extendedKeyUsage" => { "values" => %w[serverAuth clientAuth], "critical" => true } @@ -84,4 +86,8 @@ action_class do def letsencrypt @letsencrypt ||= search(:letsencrypt, "id:#{new_resource.certificate}").first end + + def domains + Array(new_resource.domains) + end end