## <summary>SSL certificate requesting tool certbot AKA letsencrypt.</summary>

########################################
## <summary>
##      Execute certbot/letsencrypt in the certbot
##      domain.
## </summary>
## <param name="domain">
##      <summary>
##      Domain allowed to transition.
##      </summary>
## </param>
#
interface(`certbot_domtrans',`
	gen_require(`
		type certbot_t, certbot_exec_t;
	')

	domtrans_pattern($1, certbot_exec_t, certbot_t)
')

########################################
## <summary>
##      Execute certbot/letsencrypt in the certbot
##      domain, and allow the specified role
##      the firstboot domain.
## </summary>
## <param name="domain">
##      <summary>
##      Domain allowed to transition.
##      </summary>
## </param>
## <param name="role">
##      <summary>
##      Role allowed access.
##      </summary>
## </param>
#
interface(`certbot_run',`
	gen_require(`
		type certbot_t;
	')

	certbot_domtrans($1)
	role $2 types certbot_t;
')