+ class { 'apache::mod::headers': }
+ apache::vhost { $web_host:
+ port => '443',
+ docroot => false,
+ manage_docroot => false,
+ proxy_dest => "http://localhost:18000",
+ request_headers => 'set X-Forwarded-Proto "https"',
+ ssl => true,
+ ssl_cert => "/etc/letsencrypt/live/$web_host/cert.pem",
+ ssl_key => "/etc/letsencrypt/live/$web_host/privkey.pem",
+ ssl_chain => "/etc/letsencrypt/live/$web_host/chain.pem",
+ require => Letsencrypt::Certonly[$web_host],
+ proxy_preserve_host => true;
+ default: * => $::profile::apache::apache_vhost_default;
+ }
+
+ @profile::monitoring::external_service { "Etherpad service is running on $web_host":
+ type => "web",
+ master => {
+ check_command => "check_https!$web_host!/!<title>Etherpad"
+ }
+ }
+ @profile::monitoring::external_service { "$web_host ssl certificate is up to date":
+ type => "web",
+ master => {
+ check_command => "check_https_certificate!$web_host"
+ }
+ }