🎉 Add certbot-dns-ovh plugin support

aellert · aellert · commit accaa4be99eb · 2019-08-08T04:21:33.000+02:00
diff --git a/manifests/certonly.pp b/manifests/certonly.pp
@@ -118,6 +118,17 @@
       ]
     }
 
+    'dns-ovh': {
+      require letsencrypt::plugin::dns_ovh
+      $_domains = join($domains, '\' -d \'')
+      $plugin_args = [
+        "--cert-name '${title}' -d",
+        "'${_domains}'",
+        "--dns-ovh-credentials ${letsencrypt::plugin::dns_ovh::config_dir}/dns-ovh.ini",
+        "--dns-ovh-propagation-seconds ${letsencrypt::plugin::dns_ovh::propagation_seconds}",
+      ]
+    }
+
     default: {
       if $ensure == 'present' {
         $_domains = join($domains, '\' -d \'')
diff --git a/manifests/params.pp b/manifests/params.pp
@@ -22,40 +22,47 @@
     $package_command = 'certbot'
     $config_dir = '/etc/letsencrypt'
     $dns_rfc2136_package_name = 'python3-certbot-dns-rfc2136'
+    $dns_ovh_package_name = 'python3-certbot-dns-ovh'
   } elsif $facts['osfamily'] == 'RedHat' {
     $install_method = 'package'
     $package_name = 'certbot'
     $package_command = 'certbot'
     $config_dir = '/etc/letsencrypt'
     if $facts['operatingsystemmajrelease'] == '7' {
       $dns_rfc2136_package_name = 'python2-certbot-dns-rfc2136'
+      $dns_ovh_package_name = 'python2-certbot-dns-ovh'
     } else {
       $dns_rfc2136_package_name = 'python3-certbot-dns-rfc2136'
+      $dns_ovh_package_name = 'python3-certbot-dns-ovh'
     }
   } elsif $facts['osfamily'] == 'Gentoo' {
     $install_method = 'package'
     $package_name = 'app-crypt/certbot'
     $package_command = 'certbot'
     $config_dir = '/etc/letsencrypt'
     $dns_rfc2136_package_name = undef
+    $dns_ovh_package_name = undef
   } elsif $facts['osfamily'] == 'OpenBSD' {
     $install_method = 'package'
     $package_name = 'certbot'
     $package_command = 'certbot'
     $config_dir = '/etc/letsencrypt'
     $dns_rfc2136_package_name = undef
+    $dns_ovh_package_name = undef
   } elsif $facts['osfamily'] == 'FreeBSD' {
     $install_method = 'package'
     $package_name = 'py27-certbot'
     $package_command = 'certbot'
     $config_dir = '/usr/local/etc/letsencrypt'
     $dns_rfc2136_package_name = undef
+    $dns_ovh_package_name = undef
   } else {
     $install_method = 'vcs'
     $package_name = 'letsencrypt'
     $package_command = 'letsencrypt'
     $config_dir = '/etc/letsencrypt'
     $dns_rfc2136_package_name = undef
+    $dns_ovh_package_name = undef
   }
 
   $config_file = "${config_dir}/cli.ini"
@@ -82,4 +89,7 @@
   $dns_rfc2136_algorithm           = 'HMAC-SHA512'
   $dns_rfc2136_propagation_seconds = 10
 
+  $dns_ovh_manage_package      = true
+  $dns_ovh_propagation_seconds = 30
+
 }
diff --git a/manifests/plugin/dns_ovh.pp b/manifests/plugin/dns_ovh.pp
@@ -0,0 +1,59 @@
+# == Class: letsencrypt::plugin::dns_ovh
+#
+#   This class installs and configures the Let's Encrypt dns-ovh plugin.
+#   https://certbot-dns-ovh.readthedocs.io
+#
+# === Parameters:
+#
+# [*endpoint*]
+#   Target OVH DNS endpoint.
+# [*application_key*]
+#   OVH application key.
+# [*application_secret*]
+#   DNS OVH application secret.
+# [*consumer_key*]
+#   DNS OVH consumer key.
+# [*manage_package*]
+#   Manage the plugin package.
+# [*package_name*]
+#   The name of the package to install when $manage_package is true.
+# [*config_dir*]
+#   The path to the configuration directory.
+#
+class letsencrypt::plugin::dns_ovh (
+  Enum['ovh-eu', 'ovh-ca'] $endpoint,
+  String[1] $application_key,
+  String[1] $application_secret,
+  String[1] $consumer_key,
+  Integer $propagation_seconds     = $letsencrypt::dns_ovh_propagation_seconds,
+  Stdlib::Absolutepath $config_dir = $letsencrypt::config_dir,
+  Boolean $manage_package          = $letsencrypt::dns_ovh_manage_package,
+  String $package_name             = $letsencrypt::dns_ovh_package_name,
+) {
+
+  if $manage_package {
+    package { $package_name:
+      ensure => installed,
+    }
+  }
+
+  $ini_vars = {
+    dns_ovh_endpoint            => $endpoint,
+    dns_ovh_application_key     => $application_key,
+    dns_ovh_application_secret  => $application_secret,
+    dns_ovh_consumer_key        => $consumer_key,
+    dns_ovh_propagation_seconds => $propagation_seconds,
+  }
+
+  file { "${config_dir}/dns-ovh.ini":
+    ensure  => file,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0400',
+    content => epp('letsencrypt/ini.epp', {
+      vars => { '' => $ini_vars },
+    }),
+    require => Class['letsencrypt'],
+  }
+
+}
diff --git a/types/plugin.pp b/types/plugin.pp
@@ -1 +1 @@
-type Letsencrypt::Plugin = Enum['apache', 'standalone', 'webroot', 'nginx', 'dns-route53', 'dns-google', 'dns-cloudflare', 'dns-rfc2136']
+type Letsencrypt::Plugin = Enum['apache', 'standalone', 'webroot', 'nginx', 'dns-route53', 'dns-google', 'dns-cloudflare', 'dns-rfc2136', 'dns-ovh']

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-type Letsencrypt::Plugin = Enum['apache', 'standalone', 'webroot', 'nginx', 'dns-route53', 'dns-google', 'dns-cloudflare', 'dns-rfc2136']`
	`1`	`+type Letsencrypt::Plugin = Enum['apache', 'standalone', 'webroot', 'nginx', 'dns-route53', 'dns-google', 'dns-cloudflare', 'dns-rfc2136', 'dns-ovh']`