bundlewrap/bundles/letsencrypt/items.py

49 lines
1.3 KiB
Python
Raw Normal View History

2020-06-01 08:26:37 +00:00
assert node.has_bundle('nginx'), 'letsencrypt needs nginx'
pkg_apt = {
'dehydrated': {},
}
actions = {
'letsencrypt_update_certificates': {
'command': 'dehydrated --cron --accept-terms --challenge http-01',
2020-06-01 08:26:37 +00:00
'triggered': True,
'needs': {
'svc_systemd:nginx',
},
2020-06-01 08:26:37 +00:00
},
}
for domain, _ in node.metadata.get('letsencrypt/domains').items():
actions['letsencrypt_ensure-some-certificate_{}'.format(domain)] = {
'command': '/etc/dehydrated/letsencrypt-ensure-some-certificate {}'.format(domain),
'unless': '/etc/dehydrated/letsencrypt-ensure-some-certificate {} true'.format(domain),
'needs': {
'file:/etc/dehydrated/letsencrypt-ensure-some-certificate',
},
'needed_by': {
'svc_systemd:nginx',
},
}
2020-06-01 08:26:37 +00:00
files = {
'/etc/dehydrated/domains.txt': {
'content_type': 'mako',
'triggers': {
'action:letsencrypt_update_certificates',
},
},
'/etc/dehydrated/config': {
'triggers': {
'action:letsencrypt_update_certificates',
},
},
'/etc/dehydrated/hook.sh': {
'content_type': 'mako',
'mode': '0755',
},
'/etc/dehydrated/letsencrypt-ensure-some-certificate': {
'mode': '0755',
},
2020-06-01 08:26:37 +00:00
}