Merge branch 'test' into 'production'

Test See merge request !12

Merge branch 'test' into 'production'
d4fc7b81 · Nils Olof Paulsson · b1d46681 · b57d2c8f · d4fc7b81 · d4fc7b81
Commit d4fc7b81 authored 1 year ago by Nils Olof Paulsson
--- a/manifests/nginx.pp
+++ b/manifests/nginx.pp
@@ -15,10 +15,12 @@ class egg::nginx () {
    notify => Service['nginx'],
  }
  file { '/etc/nginx/conf.d/egg.conf':
-    ensure  => 'present',
+    ensure   => 'present',
-    source  => "puppet:///modules/${module_name}/egg.conf",
+    content  => epp("${module_name}/egg.conf.epp", {
-    notify  => Service['nginx'],
+      cert_name => $hostname,
-    require => Package['nginx'],
+    }),
+    notify   => Service['nginx'],
+    require  => Package['nginx'],
  }
  # Housekeeping
@@ -31,9 +33,19 @@ class egg::nginx () {
    zone    => 'liu',
    service => 'http',
  }
+  firewalld_service { 'Allow https from liu Zone':
+    ensure  => present,
+    zone    => 'liu',
+    service => 'https',
+  }
  firewalld_service { 'Allow http in the public Zone':
    ensure  => present,
    zone    => 'public',
    service => 'http',
  }
+  firewalld_service { 'Allow https from public Zone':
+    ensure  => present,
+    zone    => 'public',
+    service => 'https',
+  }
 }
--- a/files/egg.conf
+++ b/files/egg.conf
+<%- | String[1] $cert_name,
+| -%>
 server {
        server_name  teman.it.liu.se;
        root         /var/www/teman;
@@ -34,8 +36,8 @@ server {
        listen 443 ssl ;
        server_name egg.it.liu.se;
-        ssl_certificate /etc/pki/tls/certs/letsencrypt-cert_chain-egg.devel.it.liu.se.pem  ;
+        ssl_certificate /etc/pki/tls/certs/letsencrypt-cert_chain-<%= $cert_name %>.pem  ;
-        ssl_certificate_key /etc/pki/tls/private/letsencrypt-egg.devel.it.liu.se.key ;
+        ssl_certificate_key /etc/pki/tls/private/letsencrypt-<%= $cert_name %>.key ;
        client_max_body_size 0;