summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/Apache.hs
diff options
context:
space:
mode:
authorJoey Hess2016-02-07 19:53:12 -0400
committerJoey Hess2016-02-07 19:53:12 -0400
commite2bd3ece23976240c56dd522f04b5e6f4211828e (patch)
tree72183f333a2dc6dfd8de79f342b72664acc6c380 /src/Propellor/Property/Apache.hs
parentafa929e11c0f715da90288beac586b1ff93bf542 (diff)
propellor spin
Diffstat (limited to 'src/Propellor/Property/Apache.hs')
-rw-r--r--src/Propellor/Property/Apache.hs21
1 files changed, 12 insertions, 9 deletions
diff --git a/src/Propellor/Property/Apache.hs b/src/Propellor/Property/Apache.hs
index 38d47b94..c2c32a3b 100644
--- a/src/Propellor/Property/Apache.hs
+++ b/src/Propellor/Property/Apache.hs
@@ -179,20 +179,23 @@ httpsVirtualHost' domain docroot letos addedcfg = setup
-- Everything else redirects to https
, "RewriteRule ^/(.*) https://" ++ domain ++ "/$1 [L,R,NE]"
]
- certinstaller _domain certfile privkeyfile chainfile _fullchainfile =
+ certinstaller :: LetsEncrypt.CertInstaller
+ certinstaller newcert _domain certfile privkeyfile chainfile _fullchainfile =
combineProperties (domain ++ " ssl cert installed")
[ File.dirExists (takeDirectory cf)
- , File.hasContent cf $ vhost (Port 443)
- [ "SSLEngine on"
- , "SSLCertificateFile " ++ certfile
- , "SSLCertificateKeyFile " ++ privkeyfile
- , "SSLCertificateChainFile " ++ chainfile
- ]
- -- always reload; the cert has changed
- , reloaded
+ , File.hasContent cf sslvhost
+ `onChange` reloaded
+ -- always reload when the cert has changed
+ , check (return newcert :: IO Bool) reloaded
]
where
cf = sslconffile "letsencrypt"
+ sslvhost = vhost (Port 443)
+ [ "SSLEngine on"
+ , "SSLCertificateFile " ++ certfile
+ , "SSLCertificateKeyFile " ++ privkeyfile
+ , "SSLCertificateChainFile " ++ chainfile
+ ]
sslconffile s = "/etc/apache2/sites-available/ssl/" ++ domain ++ "/" ++ s ++ ".conf"
vhost (Port p) ls =
[ "<VirtualHost *:"++show p++">"