path: root/personal_infra/puppet/modules/proxmox/manifests/proxy.pp
blob: d805b5bb9167b372f43089e9841e5bdaca6c7ad5 (plain)
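# @summary Obtains an ACME certificate through Apache mod_md and installs it
#   into the Proxmox node, plus a nagios check of the served certificate.
#
# What the class declares:
#   * apache2 installed, enabled and running, with the md, ssl, proxy_http and
#     proxy modules enabled.
#   * A site file that declares the managed domain and a bare TLS virtual
#     host (ServerName and SSLEngine only; no proxy directives are set here).
#   * A daily cron script that hands mod_md's certificate and private key to
#     `pvenode cert set` and then runs every renewal-notification hook.
#   * A nagios service/command pair that runs check_http against port 8006
#     with certificate-expiry thresholds.
#
# SECURITY: both parameters are interpolated without escaping into an Apache
# configuration file, a nagios command line and a shell script placed in
# /etc/cron.daily. Pass only trusted values made of hostname / e-mail
# characters; shell or Apache metacharacters would be written out verbatim.
#
# @param mail
#   Contact address written to MDContactEmail.
# @param base_hostname
#   Host name used for MDomain, ServerName, the mod_md certificate directory
#   and the nagios check.
class proxmox::proxy ($mail, $base_hostname) {
  package {'apache2':}
  ->
  service {'apache2':
    enable => true,
    ensure => running,
  }

  # Shared metaparameters: apply after the package, restart Apache on change.
  $apache_dep = {
    require => Package['apache2'],
    notify => Service['apache2'],
  }

  # `creates` makes each exec a no-op once the module is already enabled.
  ['md', 'ssl', 'proxy_http', 'proxy'].each |$mod| {
    exec {"/usr/sbin/a2enmod ${mod}":
      creates => "/etc/apache2/mods-enabled/${mod}.load",
      * => $apache_dep,
    }
  }

  # MDCertificateAgreement accepted: the ACME terms of service are accepted
  # on the operator's behalf by this manifest.
  file {'/etc/apache2/sites-enabled/test.conf':
    content => @("EOT")
    MDomain ${base_hostname} auto
    MDCertificateAgreement accepted
    MDContactEmail ${mail}

    <VirtualHost *:443>
      ServerName ${base_hostname}
      SSLEngine on
    </VirtualHost>
    | EOT
    ,
    * => $apache_dep
  }

  # The script handles the private key and is executable from cron.daily, so
  # ownership is pinned to root instead of being left at whatever an existing
  # file already has.
  # NOTE(review): `--force 1 --restart 1` is passed on every run, whether or
  # not the certificate changed - confirm the daily restart is intended.
  file {'/etc/cron.daily/renew_md_certificates':
    content => @("EOT"/$)
    #!/bin/sh

    pvenode cert set "/etc/apache2/md/domains/${base_hostname}/pubcert.pem" "/etc/apache2/md/domains/${base_hostname}/privkey.pem" --force 1 --restart 1 >/dev/null

    for hook in /usr/local/bin/notify_md_renewal_hook_* ; do
      # An unmatched glob stays literal; skip anything that is not executable.
      [ -x "\$hook" ] || continue
      "\$hook"
    done
    | EOT
    ,
    owner => 'root',
    group => 'root',
    mode => '0755',
  }

  # NOTE(review): the nagios package is declared absent while the resources
  # below require it and notify Service['nagios']; presumably the generated
  # definitions are consumed elsewhere - confirm against the rest of the repo.
  service {'nagios':}
  package {'nagios':
    ensure => absent,
  }

  nagios_service {"${base_hostname}-proxmox-cert":
    use => 'generic-service',
    service_description => "${base_hostname}-proxmox-cert",
    host_name => $base_hostname,
    check_command => "check_${base_hostname}-proxmox-cert",
    require => Package['nagios'],
    notify => Service['nagios'],
    owner => 'nagios',
  }

  # check_http -C 10,5: warn when the certificate on port 8006 has fewer than
  # 10 days of validity left, go critical below 5.
  nagios_command {"check_${base_hostname}-proxmox-cert":
    command_name => "check_${base_hostname}-proxmox-cert",
    command_line => "/usr/lib64/nagios/plugins/check_http -H ${base_hostname} -C 10,5 -p 8006",
    require => Package['nagios'],
    notify => Service['nagios'],
    owner => 'nagios',
  }
}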