Puppet Class: letsencrypt::plugin::dns_rfc2136

Defined in:

manifests/plugin/dns_rfc2136.pp

Summary

Installs and configures the dns-rfc2136 plugin

Overview

This class installs and configures the Let’s Encrypt dns-rfc2136 plugin. certbot-dns-rfc2136.readthedocs.io

Parameters:

• server (Stdlib::Host) —

  Target DNS server.

• key_name (String[1]) —

  TSIG key name.

• key_secret (String[1]) —

  TSIG key secret.

• key_algorithm (String[1]) (defaults to: 'HMAC-SHA512') —

  TSIG key algorithm.

• port (Stdlib::Port) (defaults to: 53) —

  Target DNS port.

• propagation_seconds (Integer) (defaults to: 10) —

  Number of seconds to wait for the DNS server to propagate the DNS-01 challenge. (the plugin defaults to 60)

• manage_package (Boolean) (defaults to: true) —

  Manage the plugin package.

• package_name (String[1]) —

  The name of the package to install when $manage_package is true.

• config_dir (Stdlib::Absolutepath) (defaults to: $letsencrypt::config_dir) —

  The path to the configuration directory.

# File 'manifests/plugin/dns_rfc2136.pp', line 16

class letsencrypt::plugin::dns_rfc2136 (
  Stdlib::Host $server,
  String[1] $key_name,
  String[1] $key_secret,
  String[1] $package_name,
  String[1] $key_algorithm         = 'HMAC-SHA512',
  Stdlib::Port $port               = 53,
  Integer $propagation_seconds     = 10,
  Stdlib::Absolutepath $config_dir = $letsencrypt::config_dir,
  Boolean $manage_package          = true,
) {
  require letsencrypt

  if $manage_package {
    package { $package_name:
      ensure => installed,
    }
  }

  $ini_vars = {
    dns_rfc2136_server    => $server,
    dns_rfc2136_port      => $port,
    dns_rfc2136_name      => $key_name,
    dns_rfc2136_secret    => $key_secret,
    dns_rfc2136_algorithm => $key_algorithm,
  }

  file { "${config_dir}/dns-rfc2136.ini":
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0400',
    content => epp('letsencrypt/ini.epp', {
        vars => { '' => $ini_vars },
    }),
  }
}