aboutsummaryrefslogtreecommitdiff
path: root/personal_infra/puppet/modules
diff options
context:
space:
mode:
Diffstat (limited to 'personal_infra/puppet/modules')
-rw-r--r--personal_infra/puppet/modules/proxmox/README.md2
-rw-r--r--personal_infra/puppet/modules/proxmox/manifests/proxy.pp6
2 files changed, 8 insertions, 0 deletions
diff --git a/personal_infra/puppet/modules/proxmox/README.md b/personal_infra/puppet/modules/proxmox/README.md
index 42bf724c..5e5f8bc6 100644
--- a/personal_infra/puppet/modules/proxmox/README.md
+++ b/personal_infra/puppet/modules/proxmox/README.md
@@ -32,3 +32,5 @@ This uses the Apache HTTP Server and mod_md to obtain certificates.
Your hostname must be publicly accessible, because http challenges are used.
You receive mails to restart your server when required.
+
+The `base_hostname` certificate is injected daily to pveproxy.
diff --git a/personal_infra/puppet/modules/proxmox/manifests/proxy.pp b/personal_infra/puppet/modules/proxmox/manifests/proxy.pp
index 423d5cfa..08101b6a 100644
--- a/personal_infra/puppet/modules/proxmox/manifests/proxy.pp
+++ b/personal_infra/puppet/modules/proxmox/manifests/proxy.pp
@@ -44,4 +44,10 @@ class proxmox::proxy ($mail, $base_hostname) {
,
mode => '0755',
}
+
+ cron {'pve-certs':
+ command => "/usr/bin/pvenode cert set /etc/apache2/md/domains/$base_hostname/pubcert.pem /etc/apache2/md/domains/$base_hostname/privkey.pem --force 1 --restart 1",
+ user => 'root',
+ special => 'daily',
+ }
}
generated by cgit v1.2.3 (git 2.46.0) at 2026-02-02 14:38:45 +0000