add new parameters $acme::default_account, $acme::default_profile, cl…

…oses #38

CHANGELOG.md

@@ -6,8 +6,13 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Added
+* New parameters: `$acme::default_account`, `$acme::default_profile` ([#38])
+
 ### Changed
 * Change default for `$ca` in `acme::certificate` to `$acme::default_ca` ([#37])
+* Change default for `$use_account` in `acme::certificate` to `$acme::default_account` ([#38])
+* Change default for `$use_profile` in `acme::certificate` to `$acme::default_profile` ([#38])
 
 ### Fixed
 * Fix secret leakage in debug `notify` ([#50])
@@ -193,6 +198,7 @@ Initial release (fork of bzed-letsencrypt).
 [#50]: https://github.com/fraenki/puppet-acme/pull/50
 [#44]: https://github.com/fraenki/puppet-acme/pull/44
 [#40]: https://github.com/fraenki/puppet-acme/pull/40
+[#38]: https://github.com/fraenki/puppet-acme/pull/38
 [#37]: https://github.com/fraenki/puppet-acme/pull/37
 [#33]: https://github.com/fraenki/puppet-acme/pull/33
 [#32]: https://github.com/fraenki/puppet-acme/pull/32

REFERENCE.md

@@ -62,7 +62,9 @@ The following parameters are available in the `acme` class:
 * [`crt_dir`](#-acme--crt_dir)
 * [`csr_dir`](#-acme--csr_dir)
 * [`date_expression`](#-acme--date_expression)
+* [`default_account`](#-acme--default_account)
 * [`default_ca`](#-acme--default_ca)
+* [`default_profile`](#-acme--default_profile)
 * [`dh_param_size`](#-acme--dh_param_size)
 * [`dnssleep`](#-acme--dnssleep)
 * [`exec_timeout`](#-acme--exec_timeout)
@@ -194,15 +196,35 @@ Data type: `String`
 
 The command used to calculate renewal dates for existing certificates.
 
+##### <a name="-acme--default_account"></a>`default_account`
+
+Data type: `Optional[String]`
+
+The default account that should be used to new certificate requests.
+The account must already be defined in `$accounts`.
+May be overriden by specifying `$use_account` for the certificate.
+
+Default value: `undef`
+
 ##### <a name="-acme--default_ca"></a>`default_ca`
 
 Data type: `Enum['buypass', 'buypass_test', 'letsencrypt', 'letsencrypt_test', 'sslcom', 'zerossl']`
 
-The default ACME CA you want to use. May be overriden by specifying a
-different value for `$ca` for the certificate.
+The default ACME CA that should be used to new certificate requests.
+May be overriden by specifying `$ca` for the certificate.
 Previous versions of acme.sh used to have Let's Encrypt as their default CA,
 hence this is the default value for this Puppet module.
 
+##### <a name="-acme--default_profile"></a>`default_profile`
+
+Data type: `Optional[String]`
+
+The default profile that should be used to new certificate requests.
+The profile must already be defined in `$profile`.
+May be overriden by specifying `$use_profile` for the certificate.
+
+Default value: `undef`
+
 ##### <a name="-acme--dh_param_size"></a>`dh_param_size`
 
 Data type: `Integer`
@@ -359,13 +381,13 @@ Data type: `Optional[Enum['buypass', 'buypass_test', 'letsencrypt', 'letsencrypt
 The ACME CA that should be used. Used to overwrite the default
 CA that is configured on `$acme_host`.
 
-Default value: `undef`
+Default value: `$acme::default_ca`
 
 ##### <a name="-acme--certificate--dh_param_size"></a>`dh_param_size`
 
 Data type: `Integer`
 
-dh parameter size, defaults to $::acme::dh_param_size
+dh parameter size, defaults to $acme::dh_param_size
 
 Default value: `$acme::dh_param_size`
 
@@ -386,7 +408,7 @@ Default value: `undef`
 
 Data type: `Boolean`
 
-request certificate with OCSP Must-Staple exctension, defaults to $::acme::ocsp_must_staple
+request certificate with OCSP Must-Staple exctension, defaults to $acme::ocsp_must_staple
 
 Default value: `$acme::ocsp_must_staple`
 
@@ -413,13 +435,17 @@ Data type: `String`
 The ACME account that should be used (or registered).
 This account must exist in `$accounts` on your `$acme_host`.
 
+Default value: `$acme::default_account`
+
 ##### <a name="-acme--certificate--use_profile"></a>`use_profile`
 
 Data type: `String`
 
 Specify the profile that should be used to sign the certificate.
 This profile must exist in `$profiles` on your `$acme_host`.
 
+Default value: `$acme::default_profile`
+
 ## Functions
 
 ### <a name="file_or_empty_string"></a>`file_or_empty_string`

manifests/certificate.pp

@@ -37,8 +37,8 @@
 #   This profile must exist in `$profiles` on your `$acme_host`.
 #
 define acme::certificate (
-  String $use_account,
-  String $use_profile,
+  String $use_account = $acme::default_account,
+  String $use_profile = $acme::default_profile,
   Variant[String, Array[String], Undef] $domain = undef,
   String $acme_host = $acme::acme_host,
   Integer $dh_param_size = $acme::dh_param_size,

manifests/init.pp

@@ -61,12 +61,22 @@
 # @param date_expression
 #   The command used to calculate renewal dates for existing certificates.
 #
+# @param default_account
+#   The default account that should be used to new certificate requests.
+#   The account must already be defined in `$accounts`.
+#   May be overriden by specifying `$use_account` for the certificate.
+#
 # @param default_ca
-#   The default ACME CA you want to use. May be overriden by specifying a
-#   different value for `$ca` for the certificate.
+#   The default ACME CA that should be used to new certificate requests.
+#   May be overriden by specifying `$ca` for the certificate.
 #   Previous versions of acme.sh used to have Let's Encrypt as their default CA,
 #   hence this is the default value for this Puppet module.
 #
+# @param default_profile
+#   The default profile that should be used to new certificate requests.
+#   The profile must already be defined in `$profile`.
+#   May be overriden by specifying `$use_profile` for the certificate.
+#
 # @param dh_param_size
 #   Specifies the DH parameter size, defaults to `2048`.
 #
@@ -165,6 +175,8 @@
   String $stat_expression,
   String $user,
   # optional parameters
+  Optional[String] $default_account = undef,
+  Optional[String] $default_profile = undef,
   Optional[String] $proxy = undef,
   Optional[Hash] $profiles = undef
 ) {