diff --git a/CHANGELOG.md b/CHANGELOG.md
index eb2231b..a2f7bf8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+## [4.1.0] - 2023-08-07
+
+### Changed
+* Update module dependencies
+* Update PDK to 3.0.0
+
+### Fixed
+* Fix GitHub Actions
+
## [4.0.1] - 2023-07-11
### Changed
@@ -159,7 +168,8 @@ This new major release is an effort to modernize the module. It fixes some long-
## [1.0.0] - 2917-04-16
Initial release (fork of bzed-letsencrypt).
-[Unreleased]: https://github.com/fraenki/puppet-acme/compare/4.0.1...HEAD
+[Unreleased]: https://github.com/fraenki/puppet-acme/compare/4.1.0...HEAD
+[4.1.0]: https://github.com/fraenki/puppet-acme/compare/4.0.1...4.1.0
[4.0.1]: https://github.com/fraenki/puppet-acme/compare/4.0.0...4.0.1
[4.0.0]: https://github.com/fraenki/puppet-acme/compare/3.0.0...4.0.0
[3.0.0]: https://github.com/fraenki/puppet-acme/compare/2.3.0...3.0.0
diff --git a/REFERENCE.md b/REFERENCE.md
index 7624f27..38cab01 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -20,7 +20,7 @@
#### Public Defined types
-* [`acme::certificate`](#acmecertificate): Request a certificate.
+* [`acme::certificate`](#acme--certificate): Request a certificate.
#### Private Defined types
@@ -37,48 +37,85 @@
## Classes
-### `acme`
+### `acme`
Install and configure acme.sh to manage SSL certificates
#### Parameters
-The following parameters are available in the `acme` class.
-
-##### `accounts`
+The following parameters are available in the `acme` class:
+
+* [`accounts`](#-acme--accounts)
+* [`acct_dir`](#-acme--acct_dir)
+* [`acme_dir`](#-acme--acme_dir)
+* [`acme_git_url`](#-acme--acme_git_url)
+* [`acme_git_force`](#-acme--acme_git_force)
+* [`acme_host`](#-acme--acme_host)
+* [`acme_install_dir`](#-acme--acme_install_dir)
+* [`acme_revision`](#-acme--acme_revision)
+* [`acmecmd`](#-acme--acmecmd)
+* [`acmelog`](#-acme--acmelog)
+* [`base_dir`](#-acme--base_dir)
+* [`ca_whitelist`](#-acme--ca_whitelist)
+* [`certificates`](#-acme--certificates)
+* [`cfg_dir`](#-acme--cfg_dir)
+* [`crt_dir`](#-acme--crt_dir)
+* [`csr_dir`](#-acme--csr_dir)
+* [`date_expression`](#-acme--date_expression)
+* [`default_ca`](#-acme--default_ca)
+* [`dh_param_size`](#-acme--dh_param_size)
+* [`dnssleep`](#-acme--dnssleep)
+* [`exec_timeout`](#-acme--exec_timeout)
+* [`group`](#-acme--group)
+* [`key_dir`](#-acme--key_dir)
+* [`log_dir`](#-acme--log_dir)
+* [`manage_packages`](#-acme--manage_packages)
+* [`ocsp_must_staple`](#-acme--ocsp_must_staple)
+* [`ocsp_request`](#-acme--ocsp_request)
+* [`path`](#-acme--path)
+* [`posthook_cmd`](#-acme--posthook_cmd)
+* [`profiles`](#-acme--profiles)
+* [`proxy`](#-acme--proxy)
+* [`renew_days`](#-acme--renew_days)
+* [`results_dir`](#-acme--results_dir)
+* [`shell`](#-acme--shell)
+* [`stat_expression`](#-acme--stat_expression)
+* [`user`](#-acme--user)
+
+##### `accounts`
Data type: `Array`
An array of e-mail addresses that acme.sh may use during the ACME
account registration. Should only be defined on $acme_host.
-##### `acct_dir`
+##### `acct_dir`
Data type: `Stdlib::Absolutepath`
The directory for acme.sh accounts.
-##### `acme_dir`
+##### `acme_dir`
Data type: `Stdlib::Absolutepath`
The working directory for acme.sh.
-##### `acme_git_url`
+##### `acme_git_url`
Data type: `String`
URL to the acme.sh GIT repository. Defaults to the official GitHub project.
Feel free to use a local mirror or fork.
-##### `acme_git_force`
+##### `acme_git_force`
Data type: `Boolean`
Force repository creation, destroying any files on the path in the process.
Useful when the repo URL has changed.
-##### `acme_host`
+##### `acme_host`
Data type: `String`
@@ -86,38 +123,38 @@ The host you want to run acme.sh on.
For now it needs to be a puppetmaster, as it needs direct access
to the certificates using functions in Puppet.
-##### `acme_install_dir`
+##### `acme_install_dir`
Data type: `Stdlib::Absolutepath`
The installation directory for acme.sh.
-##### `acme_revision`
+##### `acme_revision`
Data type: `String`
The GIT revision of the acme.sh repository. Defaults to `master` which should
contain a stable version of acme.sh.
-##### `acmecmd`
+##### `acmecmd`
Data type: `String`
The binary path to acme.sh.
-##### `acmelog`
+##### `acmelog`
Data type: `Stdlib::Absolutepath`
The log file.
-##### `base_dir`
+##### `base_dir`
Data type: `Stdlib::Absolutepath`
The configuration base directory for acme.sh.
-##### `ca_whitelist`
+##### `ca_whitelist`
Data type: `Array`
@@ -125,7 +162,7 @@ Specifies the CAs that may be used on `$acme_host`. The module will register
any account specified in `$accounts` with all specified CAs. This ensure that
these accounts are ready for use.
-##### `certificates`
+##### `certificates`
Data type: `Hash`
@@ -133,31 +170,31 @@ Array of full qualified domain names you want to request a certificate for.
For SAN certificates you need to pass space seperated strings,
for example ['foo.example.com fuzz.example.com', 'blub.example.com']
-##### `cfg_dir`
+##### `cfg_dir`
Data type: `Stdlib::Absolutepath`
The directory for acme.sh configs.
-##### `crt_dir`
+##### `crt_dir`
Data type: `Stdlib::Absolutepath`
The directory for acme.sh certificates.
-##### `csr_dir`
+##### `csr_dir`
Data type: `Stdlib::Absolutepath`
The directory for acme.sh CSRs.
-##### `date_expression`
+##### `date_expression`
Data type: `String`
The command used to calculate renewal dates for existing certificates.
-##### `default_ca`
+##### `default_ca`
Data type: `Enum['buypass', 'buypass_test', 'letsencrypt', 'letsencrypt_test', 'sslcom', 'zerossl']`
@@ -166,13 +203,13 @@ different value for `$ca` for the certificate.
Previous versions of acme.sh used to have Let's Encrypt as their default CA,
hence this is the default value for this Puppet module.
-##### `dh_param_size`
+##### `dh_param_size`
Data type: `Integer`
Specifies the DH parameter size, defaults to `2048`.
-##### `dnssleep`
+##### `dnssleep`
Data type: `Integer`
@@ -180,7 +217,7 @@ The time in seconds acme.sh should wait for all DNS changes to take effect.
Settings this to `0` disables the sleep mechanism and lets acme.sh poll DNS
status automatically by using DNS over HTTPS.
-##### `exec_timeout`
+##### `exec_timeout`
Data type: `Integer`
@@ -188,56 +225,56 @@ Specifies the time in seconds that any acme.sh operation can take before
it is aborted by Puppet. This should usually be set to a higher value
than `$dnssleep`.
-##### `group`
+##### `group`
Data type: `String`
The group for acme.sh.
-##### `key_dir`
+##### `key_dir`
Data type: `Stdlib::Absolutepath`
The directory for acme.sh keys.
-##### `log_dir`
+##### `log_dir`
Data type: `Stdlib::Absolutepath`
The log directory for acme.sh.
-##### `manage_packages`
+##### `manage_packages`
Data type: `Boolean`
Whether the module should install necessary packages, mainly git.
Set to `false` to disable package management.
-##### `ocsp_must_staple`
+##### `ocsp_must_staple`
Data type: `Boolean`
Whether to request certificates with OCSP Must-Staple extension, defaults to `true`.
-##### `ocsp_request`
+##### `ocsp_request`
Data type: `Stdlib::Absolutepath`
The script used by acme.sh to get OCSP data.
-##### `path`
+##### `path`
Data type: `String`
The content of the PATH env variable when running Exec resources.
-##### `posthook_cmd`
+##### `posthook_cmd`
Data type: `String`
Specifies a optional command to run after a certificate has been changed.
-##### `profiles`
+##### `profiles`
Data type: `Optional[Hash]`
@@ -246,41 +283,41 @@ certificates. A profile defines not only the challenge type, but also all
required parameters and credentials used by acme.sh to sign the certificate.
Should only be defined on $acme_host.
-Default value: ``undef``
+Default value: `undef`
-##### `proxy`
+##### `proxy`
Data type: `Optional[String]`
Proxy server to use to connect to the ACME CA, for example `proxy.example.com:3128`
-Default value: ``undef``
+Default value: `undef`
-##### `renew_days`
+##### `renew_days`
Data type: `Integer`
Specifies the interval at which certs should be renewed automatically. Defaults to `60`.
-##### `results_dir`
+##### `results_dir`
Data type: `Stdlib::Absolutepath`
The output directory for acme.sh.
-##### `shell`
+##### `shell`
Data type: `String`
The shell for the acme.sh user account.
-##### `stat_expression`
+##### `stat_expression`
Data type: `String`
The command used to get the modification time of a file.
-##### `user`
+##### `user`
Data type: `String`
@@ -288,15 +325,25 @@ The user for acme.sh.
## Defined types
-### `acme::certificate`
+### `acme::certificate`
Request a certificate.
#### Parameters
-The following parameters are available in the `acme::certificate` defined type.
+The following parameters are available in the `acme::certificate` defined type:
+
+* [`acme_host`](#-acme--certificate--acme_host)
+* [`ca`](#-acme--certificate--ca)
+* [`dh_param_size`](#-acme--certificate--dh_param_size)
+* [`domain`](#-acme--certificate--domain)
+* [`ocsp_must_staple`](#-acme--certificate--ocsp_must_staple)
+* [`posthook_cmd`](#-acme--certificate--posthook_cmd)
+* [`renew_days`](#-acme--certificate--renew_days)
+* [`use_account`](#-acme--certificate--use_account)
+* [`use_profile`](#-acme--certificate--use_profile)
-##### `acme_host`
+##### `acme_host`
Data type: `String`
@@ -305,16 +352,16 @@ Defaults to `$acme::acme_host`.
Default value: `$acme::acme_host`
-##### `ca`
+##### `ca`
Data type: `Optional[Enum['buypass', 'buypass_test', 'letsencrypt', 'letsencrypt_test', 'sslcom', 'zerossl']]`
The ACME CA that should be used. Used to overwrite the default
CA that is configured on `$acme_host`.
-Default value: ``undef``
+Default value: `undef`
-##### `dh_param_size`
+##### `dh_param_size`
Data type: `Integer`
@@ -322,7 +369,7 @@ dh parameter size, defaults to $::acme::dh_param_size
Default value: `$acme::dh_param_size`
-##### `domain`
+##### `domain`
Data type: `Variant[String, Array[String], Undef]`
@@ -333,9 +380,9 @@ for example 'foo.example.com fuzz.example.com', or an array of names.
If no domain is specified, the resource name will be parsed as a
list of domains, and the first domain will be used as certificate name.
-Default value: ``undef``
+Default value: `undef`
-##### `ocsp_must_staple`
+##### `ocsp_must_staple`
Data type: `Boolean`
@@ -343,7 +390,7 @@ request certificate with OCSP Must-Staple exctension, defaults to $::acme::ocsp_
Default value: `$acme::ocsp_must_staple`
-##### `posthook_cmd`
+##### `posthook_cmd`
Data type: `String`
@@ -351,7 +398,7 @@ Specifies a optional command to run after a certificate has been changed.
Default value: `$acme::posthook_cmd`
-##### `renew_days`
+##### `renew_days`
Data type: `Integer`
@@ -359,14 +406,14 @@ Specifies the interval at which certs should be renewed automatically. Defaults
Default value: `$acme::renew_days`
-##### `use_account`
+##### `use_account`
Data type: `String`
The ACME account that should be used (or registered).
This account must exist in `$accounts` on your `$acme_host`.
-##### `use_profile`
+##### `use_profile`
Data type: `String`
@@ -375,7 +422,7 @@ This profile must exist in `$profiles` on your `$acme_host`.
## Functions
-### `file_or_empty_string`
+### `file_or_empty_string`
Type: Ruby 3.x API
diff --git a/metadata.json b/metadata.json
index 972398e..73e98ed 100644
--- a/metadata.json
+++ b/metadata.json
@@ -1,6 +1,6 @@
{
"name": "markt-acme",
- "version": "4.0.1",
+ "version": "4.1.0",
"author": "markt.de",
"summary": "Centralized SSL certificate management using Let's Encrypt and the lightweight acme.sh",
"license": "Apache-2.0",