X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/6ceead753013521ceffc22bea1cd1bcf5b5ec8d6..828106968b104d9a74f87dfabd724ad7e8e1cf5b:/cookbooks/letsencrypt/recipes/default.rb

diff --git a/cookbooks/letsencrypt/recipes/default.rb b/cookbooks/letsencrypt/recipes/default.rb
index ad738a94e..3e492f6af 100644
--- a/cookbooks/letsencrypt/recipes/default.rb
+++ b/cookbooks/letsencrypt/recipes/default.rb
@@ -20,13 +20,11 @@
 include_recipe "accounts"
 include_recipe "apache"
 include_recipe "chef::knife"
+include_recipe "ruby"
 
 keys = data_bag_item("chef", "keys")
 
-package %w[
-  certbot
-  ruby
-]
+package "certbot"
 
 directory "/etc/letsencrypt" do
   owner "letsencrypt"
@@ -116,6 +114,13 @@ remote_directory "/srv/acme.openstreetmap.org/bin" do
   files_mode "755"
 end
 
+template "/srv/acme.openstreetmap.org/bin/upload" do
+  source "upload.erb"
+  owner "root"
+  group "root"
+  mode "755"
+end
+
 directory "/srv/acme.openstreetmap.org/requests" do
   owner "root"
   group "root"
@@ -168,6 +173,13 @@ Dir.glob("*", :base => "/srv/acme.openstreetmap.org/requests") do |name|
   end
 end
 
+template "/srv/acme.openstreetmap.org/bin/check-certificate" do
+  source "check-certificate.erb"
+  owner "root"
+  group "root"
+  mode "755"
+end
+
 template "/srv/acme.openstreetmap.org/bin/check-certificates" do
   source "check-certificates.erb"
   owner "root"
@@ -183,6 +195,7 @@ systemd_service "letsencrypt-renew" do
   sandbox :enable_network => true
   read_write_paths [
     "/srv/acme.openstreetmap.org/config",
+    "/srv/acme.openstreetmap.org/html",
     "/srv/acme.openstreetmap.org/logs",
     "/srv/acme.openstreetmap.org/work"
   ]