diff options
| -rw-r--r-- | personal_infra/puppet/modules/proxmox/README.md | 2 | ||||
| -rw-r--r-- | personal_infra/puppet/modules/proxmox/manifests/proxy.pp | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/personal_infra/puppet/modules/proxmox/README.md b/personal_infra/puppet/modules/proxmox/README.md index 42bf724c..5e5f8bc6 100644 --- a/personal_infra/puppet/modules/proxmox/README.md +++ b/personal_infra/puppet/modules/proxmox/README.md @@ -32,3 +32,5 @@ This uses the Apache HTTP Server and mod_md to obtain certificates. Your hostname must be publicly accessible, because http challenges are used. You receive mails to restart your server when required. + +The `base_hostname` certificate is injected daily to pveproxy. diff --git a/personal_infra/puppet/modules/proxmox/manifests/proxy.pp b/personal_infra/puppet/modules/proxmox/manifests/proxy.pp index 423d5cfa..08101b6a 100644 --- a/personal_infra/puppet/modules/proxmox/manifests/proxy.pp +++ b/personal_infra/puppet/modules/proxmox/manifests/proxy.pp @@ -44,4 +44,10 @@ class proxmox::proxy ($mail, $base_hostname) { , mode => '0755', } + + cron {'pve-certs': + command => "/usr/bin/pvenode cert set /etc/apache2/md/domains/$base_hostname/pubcert.pem /etc/apache2/md/domains/$base_hostname/privkey.pem --force 1 --restart 1", + user => 'root', + special => 'daily', + } } |