X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/9a3a70287bba2b16c824de326971bb84fbb86c24..22bfa5e6f8152e492f21ae2c972a164474cfdd61:/cookbooks/letsencrypt/recipes/default.rb?ds=sidebyside diff --git a/cookbooks/letsencrypt/recipes/default.rb b/cookbooks/letsencrypt/recipes/default.rb index 61a120057..a1df68190 100644 --- a/cookbooks/letsencrypt/recipes/default.rb +++ b/cookbooks/letsencrypt/recipes/default.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: letsencrypt +# Cookbook:: letsencrypt # Recipe:: default # -# Copyright 2017, OpenStreetMap Foundation +# Copyright:: 2017, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,6 +17,7 @@ # limitations under the License. # +include_recipe "accounts" include_recipe "apache" keys = data_bag_item("chef", "keys") @@ -147,6 +148,22 @@ certificates.each do |name, details| user "letsencrypt" group "letsencrypt" subscribes :run, "template[/srv/acme.openstreetmap.org/requests/#{name}]" + not_if { ENV["TEST_KITCHEN"] } + end +end + +Dir.glob("*", :base => "/srv/acme.openstreetmap.org/requests") do |name| + next if certificates.include?(name) + + file "/srv/acme.openstreetmap.org/requests/#{name}" do + action :delete + end + + execute "certbot-delete-#{name}" do + command "/usr/bin/certbot delete --config-dir /srv/acme.openstreetmap.org/config --work-dir /srv/acme.openstreetmap.org/work --logs-dir /srv/acme.openstreetmap.org/logs --cert-name #{name}" + cwd "/srv/acme.openstreetmap.org" + user "letsencrypt" + group "letsencrypt" end end