Class: geant_acme::server
server side
The server configuration is defined in Hiera as follows:
le_certificates_hash:
  test-service.geant.org: # certificate name
    multi_domain:
      - 'test-service.geant.org' # SAN
      - 'test-service02.geant.org' # SAN
    clients:
      - 'test-vm01.geant.org' # this is the server allowed to download the certificate
    verbose: 'yes'
  cert_2.geant.org:
    multi_domain:
      - cert_3.geant.org
      - cert_4.geant.org
    clients:
      - 'test-nas01.geant.org'
      - 'test-jump01.geant.org'
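Because `clients` is the list of hosts allowed to download each certificate, it is worth reviewing from the client's point of view. The following is an added example, not part of the geant_acme module: it inverts the hash into a per-client view and flags entries for review. The `orphan.example.org` entry and the duplicated client are constructed sample data, and how the module treats a certificate with no `clients` key is not stated on this page, so the script only flags it.

```ruby
require 'yaml'

# Constructed sample in the shape shown above; orphan.example.org and the
# repeated client are made up to exercise the checks.
SAMPLE = <<~YAML
  le_certificates_hash:
    test-service.geant.org:
      multi_domain:
        - 'test-service.geant.org'
        - 'test-service02.geant.org'
      clients:
        - 'test-vm01.geant.org'
    cert_2.geant.org:
      multi_domain:
        - cert_3.geant.org
      clients:
        - 'test-nas01.geant.org'
        - 'test-vm01.geant.org'
        - 'test-nas01.geant.org'
    orphan.example.org:
      multi_domain:
        - orphan.example.org
YAML

# Returns [access, findings]: access maps each client to the certificates it
# may download; findings lists entries that deserve a second look.
def audit_certificates(yaml_text)
  certs = YAML.safe_load(yaml_text).fetch('le_certificates_hash')
  access = Hash.new { |h, k| h[k] = [] }
  findings = []
  certs.each do |name, opts|
    clients = Array((opts || {})['clients'])
    findings << "#{name}: no clients listed" if clients.empty?
    dupes = clients.select { |c| clients.count(c) > 1 }.uniq
    findings << "#{name}: duplicate clients #{dupes.join(', ')}" unless dupes.empty?
    clients.uniq.each { |c| access[c] << name }
  end
  [access, findings]
end

if $PROGRAM_NAME == __FILE__
  access, findings = audit_certificates(SAMPLE)
  access.sort.each { |client, names| puts "#{client} -> #{names.join(', ')}" }
  findings.each { |f| warn "REVIEW: #{f}" }
end
```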
client side
The client declares a resource as follows:
geant_acme::client { 'postgres.geant.org':
  provider   => 'sectigo_ov', # defaults to letsencrypt
  cert_owner => 'postgres',
  cert_group => 'postgres',
  notify     => Service['postgresql-9.6'];
}