A Puppet module to simplify SSL certificate management using Let's Encrypt. This module provides convenient defined types and classes for managing SSL certificates, private keys, certificate chains, and bundles. Opinionated by default, but very flexible with parameters.
The serts module adds abstraction over the puppet/letsencrypt module to simplify the placement of generated certificates in various
formats, without compromising flexibility.
- Puppet 7.0 or higher
- puppetlabs/stdlib (>= 9.0.0)
- puppet/letsencrypt (>= 12.0.0)
- puppetlabs/inifile (>= 2.5.0)
- puppet/epel (>= 3.0.1)
- puppet/concat (>= 6.0.0)
Install the module from the Puppet Forge (not currently available):
puppet module install skyejonke-sertsOr add it to your Puppetfile:
mod 'skyejonke-serts'mod 'serts',
:git => '[email protected]:skyethepinkcat/puppet-serts.git',
:ref => 'production'
Basic certificate management:
include serts
serts::certpair { 'example.com':
alt_names => ['www.example.com', 'api.example.com'],
}This will provision a Let's Encrypt certificate for example.com with the specified alternative names and place the certificate and private key in the appropriate system directories.
Detailed documentation for all classes, defined types, and parameters is available in the REFERENCE.md file, which is automatically generated from the code comments using Puppet Strings.
This module is developed and maintained on GitHub. Contributions are welcome through pull requests.
Run the test suite:
pdk test unitCheck code style:
pdk validateThis module is licensed under the MIT License. See the LICENSE file for details.
Development was supported by GitHub copilot in places, and tests + README were intially generated using it. All code was manually reviewed by a human.