-
Notifications
You must be signed in to change notification settings - Fork 136
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for certbot-dns-linode (#363)
* Add support for certbot-dns-linode * Update manifests/plugin/dns_linode.pp Co-authored-by: Kenyon Ralph <[email protected]> * Make api_key required and increase propogation seconds to recommended amount * Regenerate docs * parameter ordering * propogation seconds --------- Co-authored-by: Kenyon Ralph <[email protected]>
- Loading branch information
Showing
12 changed files
with
237 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
# @summary Installs and configures the dns-linode plugin | ||
# | ||
# This class installs and configures the Let's Encrypt dns-linode plugin. | ||
# https://certbot-dns-linode.readthedocs.io | ||
# | ||
# @param package_name The name of the package to install when $manage_package is true. | ||
# @param api_key | ||
# Optional string, linode api key value for authentication. | ||
# @param version | ||
# string, linode api version. | ||
# @param config_path The path to the configuration directory. | ||
# @param manage_package Manage the plugin package. | ||
# @param propagation_seconds Number of seconds to wait for the DNS server to propagate the DNS-01 challenge. | ||
# | ||
class letsencrypt::plugin::dns_linode ( | ||
String[1] $api_key, | ||
Optional[String[1]] $package_name = undef, | ||
String[1] $version = '4', | ||
Stdlib::Absolutepath $config_path = "${letsencrypt::config_dir}/dns-linode.ini", | ||
Boolean $manage_package = true, | ||
Integer $propagation_seconds = 120, | ||
) { | ||
include letsencrypt | ||
|
||
if $manage_package { | ||
if ! $package_name { | ||
fail('No package name provided for certbot dns linode plugin.') | ||
} | ||
|
||
$requirement = if $letsencrypt::configure_epel { | ||
Class['epel'] | ||
} else { | ||
undef | ||
} | ||
|
||
package { $package_name: | ||
ensure => $letsencrypt::package_ensure, | ||
require => $requirement, | ||
} | ||
} | ||
|
||
$ini_vars = { | ||
dns_linode_key => $api_key, | ||
dns_linode_version => $version, | ||
} | ||
|
||
file { $config_path: | ||
ensure => file, | ||
owner => 'root', | ||
group => 0, | ||
mode => '0400', | ||
content => epp('letsencrypt/ini.epp', { | ||
vars => { '' => $ini_vars }, | ||
}, | ||
), | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# frozen_string_literal: true | ||
|
||
require 'spec_helper_acceptance' | ||
|
||
describe 'letsencrypt::plugin::dns_linode' do | ||
it_behaves_like 'an idempotent resource' do | ||
let(:manifest) do | ||
<<-PUPPET | ||
include letsencrypt | ||
class { 'letsencrypt::plugin::dns_linode': | ||
api_key => 'dummy-linode-api-key', | ||
} | ||
PUPPET | ||
end | ||
end | ||
|
||
describe file('/etc/letsencrypt/dns-linode.ini') do | ||
it { is_expected.to be_file } | ||
it { is_expected.to be_owned_by 'root' } | ||
it { is_expected.to be_grouped_into 'root' } | ||
it { is_expected.to be_mode 400 } | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
# frozen_string_literal: true | ||
|
||
require 'spec_helper' | ||
|
||
describe 'letsencrypt::plugin::dns_linode' do | ||
on_supported_os.each do |os, os_facts| | ||
context "on #{os} based operating systems" do | ||
let(:facts) { os_facts } | ||
let(:params) { { 'api_key' => 'dummy-linode-api-token' } } | ||
let(:pre_condition) do | ||
<<-PUPPET | ||
class { 'letsencrypt': | ||
email => '[email protected]', | ||
} | ||
PUPPET | ||
end | ||
let(:package_name) do | ||
if %w[Debian RedHat].include?(facts['os']['family']) | ||
'python3-certbot-dns-linode' | ||
elsif %w[FreeBSD].include?(facts['os']['family']) | ||
'py311-certbot-dns-linode' | ||
end | ||
end | ||
|
||
context 'with required parameters' do | ||
it do | ||
if package_name.nil? | ||
is_expected.not_to compile | ||
else | ||
is_expected.to compile.with_all_deps | ||
end | ||
end | ||
|
||
describe 'with manage_package => true' do | ||
let(:params) { super().merge(manage_package: true) } | ||
|
||
it do | ||
if package_name.nil? | ||
is_expected.not_to compile | ||
else | ||
is_expected.to contain_class('letsencrypt::plugin::dns_linode').with_package_name(package_name) | ||
is_expected.to contain_package(package_name).with_ensure('installed') | ||
end | ||
end | ||
end | ||
|
||
describe 'with manage_package => false' do | ||
let(:params) { super().merge(manage_package: false, package_name: 'dns-linode-package') } | ||
|
||
it { is_expected.not_to contain_package('dns-linode-package') } | ||
end | ||
end | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -206,6 +206,27 @@ class { 'letsencrypt::plugin::dns_cloudflare': | |
it { is_expected.to contain_exec('letsencrypt certonly foo.example.com').with_command "letsencrypt --text --agree-tos --non-interactive certonly --rsa-key-size 4096 -a dns-cloudflare --cert-name 'foo.example.com' -d 'foo.example.com' --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/dns-cloudflare.ini --dns-cloudflare-propagation-seconds 10" } | ||
end | ||
|
||
context 'with dns-linode plugin' do | ||
let(:title) { 'foo.example.com' } | ||
let(:params) { { plugin: 'dns-linode', letsencrypt_command: 'letsencrypt' } } | ||
let(:pre_condition) do | ||
<<-PUPPET | ||
class { 'letsencrypt': | ||
email => '[email protected]', | ||
config_dir => '/etc/letsencrypt', | ||
} | ||
class { 'letsencrypt::plugin::dns_linode': | ||
package_name => 'irrelevant', | ||
api_key => 'dummy-linode-api-key', | ||
} | ||
PUPPET | ||
end | ||
|
||
it { is_expected.to compile.with_all_deps } | ||
it { is_expected.to contain_class('letsencrypt::plugin::dns_linode') } | ||
it { is_expected.to contain_exec('letsencrypt certonly foo.example.com').with_command "letsencrypt --text --agree-tos --non-interactive certonly --rsa-key-size 4096 -a dns-linode --cert-name 'foo.example.com' -d 'foo.example.com' --dns-linode --dns-linode-credentials /etc/letsencrypt/dns-linode.ini --dns-linode-propagation-seconds 120" } | ||
end | ||
|
||
context 'with custom plugin' do | ||
let(:title) { 'foo.example.com' } | ||
let(:params) { { plugin: 'apache' } } | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,6 +8,7 @@ | |
'dns-route53', | ||
'dns-google', | ||
'dns-cloudflare', | ||
'dns-linode', | ||
'dns-rfc2136', | ||
'manual', | ||
] |