cd_certbot | Release Notes

[s2If current_user_can(access_s2member_level1)]

Synopsis

certbot is a way of automatically providing web server certificates via lets' encrypt.

This fully parameterized module installs certbot automatically to allow automated certificate requests via other puppet modules.

WARNING

**__!!! Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previuos configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production!!! __**

Git Repo

https://gitlab.puppetsoft.com/12WW1160/cd_certbot

Features

  • installation:
    • via git
    • via yum (CentOS 7 only)

Repo Structure

Repostructure has been moved to REPOSTRUCTURE.md.

Dependencies

All dependencies must be included in the catalogue.

Deployment

native Puppet deployment

via site.pp or nodes.pp

node 'example.example.net' {
  include cd_puppetdb
}

through Foreman:

In order to apply parameters through Foreman, cd_certbot::params must be added to the host or hostgroup in question.

See more details about class deployment on Confdroid.com.

Parameters

The following parameters are editable via params.pp or through ENC (recommended). Values changed will take immediate effect at next puppet run. Services will be restarted where neccessary.

SELINUX

All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.

Known Problems

Support

  • OS: CentOS 6, 7

Tests

  • Puppet Lint
    • excluded tests:
    • --no-class_inherits_from_params_class-check:relavant only to non-supported outdated puppet versions
    • --no-variable_scope-check: not applicable as we are inheriting parameters from params class. the lint check does not distinguish between facts and inherited parameters.
    • --no-80chars-check: it is not always possible to stay within 80 characters, although typically only occurring on the parameter vault params.pp.
    • --no-arrow_alignment-check: this check leads to actually not having am easily readable arrow alignment, as this checks per block, not per class.
  • Puppet Parser
  • ERB Template Parser

Contact Us

contact Us

Disclaimer

ConfDroid as entity is entirely independent from Puppet. We provide custom configuration modules, written for specific purposes and specific environments. The modules are tested and supported only as documented, and require testing in designated environments (i.e. lab or development environments) for parameter tuning etc. before deploying into production environments.

[/s2If]

[s2If !current_user_can(access_s2member_level1)]

Synopsis

certbot is a way of automatically providing web server certificates via lets' encrypt.

This fully parameterized module installs certbot automatically to allow automated certificate requests via other puppet modules.

WARNING

**__!!! Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previuos configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production!!! __**

Git Repo

https://gitlab.puppetsoft.com/12WW1160/cd_certbot

Features

  • installation:
    • via git
    • via yum (CentOS 7 only)

Repo Structure

Repostructure has been moved to REPOSTRUCTURE.md.

Dependencies

All dependencies must be included in the catalogue.

Deployment

native Puppet deployment

via site.pp or nodes.pp

node 'example.example.net' {
  include cd_puppetdb
}

through Foreman:

In order to apply parameters through Foreman, cd_certbot::params must be added to the host or hostgroup in question.

See more details about class deployment on Confdroid.com.

Parameters

The following parameters are editable via params.pp or through ENC (recommended). Values changed will take immediate effect at next puppet run. Services will be restarted where neccessary.

SELINUX

All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.

Known Problems

Support

  • OS: CentOS 6, 7

Tests

  • Puppet Lint
    • excluded tests:
    • --no-class_inherits_from_params_class-check:relavant only to non-supported outdated puppet versions
    • --no-variable_scope-check: not applicable as we are inheriting parameters from params class. the lint check does not distinguish between facts and inherited parameters.
    • --no-80chars-check: it is not always possible to stay within 80 characters, although typically only occurring on the parameter vault params.pp.
    • --no-arrow_alignment-check: this check leads to actually not having am easily readable arrow alignment, as this checks per block, not per class.
  • Puppet Parser
  • ERB Template Parser

Contact Us

contact Us

Disclaimer

ConfDroid as entity is entirely independent from Puppet. We provide custom configuration modules, written for specific purposes and specific environments. The modules are tested and supported only as documented, and require testing in designated environments (i.e. lab or development environments) for parameter tuning etc. before deploying into production environments.

[/s2If]

Leave a Reply