X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/77cd975164d60c089b6a42b2e9bd128c0e037025..3944d4a4eb4d96ca5e747739f4967f590672d4e4:/cookbooks/ssl/resources/certificate.rb

diff --git a/cookbooks/ssl/resources/certificate.rb b/cookbooks/ssl/resources/certificate.rb
index 92dbcc323..c133491ed 100644
--- a/cookbooks/ssl/resources/certificate.rb
+++ b/cookbooks/ssl/resources/certificate.rb
@@ -20,12 +20,11 @@
 default_action :create
 
 property :name, String
-property :domains, Array, :required => true
-property :fallback_certificate, String
+property :domains, [String, Array], :required => true
 
 action :create do
   node.default[:letsencrypt][:certificates][name] = {
-    :domains => domains
+    :domains => Array(domains)
   }
 
   if letsencrypt
@@ -40,6 +39,8 @@ action :create do
       mode 0o444
       content certificate
       backup false
+      manage_symlink_source false
+      force_unlink true
     end
 
     file "/etc/ssl/private/#{name}.key" do
@@ -48,14 +49,8 @@ action :create do
       mode 0o440
       content key
       backup false
-    end
-  elsif fallback_certificate
-    link "/etc/ssl/certs/#{name}.pem" do
-      to "#{fallback_certificate}.pem"
-    end
-
-    link "/etc/ssl/private/#{name}.key" do
-      to "#{fallback_certificate}.key"
+      manage_symlink_source false
+      force_unlink true
     end
   else
     template "/tmp/#{name}.ssl.cnf" do
@@ -64,7 +59,7 @@ action :create do
       owner "root"
       group "root"
       mode 0o644
-      variables :domains => new_resource.domains
+      variables :domains => Array(new_resource.domains)
       not_if do
         ::File.exist?("/etc/ssl/certs/#{new_resource.name}.pem") && ::File.exist?("/etc/ssl/private/#{new_resource.name}.key")
       end