Saltstack Official Apache Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

mod_ssl.sls 2.7KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
  1. {% from "apache/map.jinja" import apache with context %}
  2. {% if grains['os_family']=="Debian" %}
  3. include:
  4. - apache
  5. a2enmod mod_ssl:
  6. cmd.run:
  7. - name: a2enmod ssl
  8. - unless: ls /etc/apache2/mods-enabled/ssl.load
  9. - order: 225
  10. - require:
  11. - pkg: apache
  12. - watch_in:
  13. - module: apache-restart
  14. - require_in:
  15. - module: apache-restart
  16. - module: apache-reload
  17. - service: apache
  18. /etc/apache2/mods-available/ssl.conf:
  19. file.managed:
  20. - source: salt://apache/files/{{ salt['grains.get']('os_family') }}/ssl.conf.jinja
  21. - template: jinja
  22. - mode: 644
  23. - watch_in:
  24. - module: apache-restart
  25. {% elif grains['os_family']=="RedHat" %}
  26. mod_ssl:
  27. pkg.installed:
  28. - name: {{ apache.mod_ssl }}
  29. - require:
  30. - pkg: apache
  31. - watch_in:
  32. - module: apache-restart
  33. - require_in:
  34. - module: apache-restart
  35. - module: apache-reload
  36. - service: apache
  37. {{ apache.confdir }}/ssl.conf:
  38. file.absent:
  39. - require:
  40. - pkg: apache
  41. - watch_in:
  42. - module: apache-restart
  43. - require_in:
  44. - module: apache-restart
  45. - module: apache-reload
  46. - service: apache
  47. {% elif grains['os_family']=="FreeBSD" %}
  48. include:
  49. - apache
  50. - apache.mod_socache_shmcb
  51. {{ apache.modulesdir }}/010_mod_ssl.conf:
  52. file.managed:
  53. - source: salt://apache/files/{{ salt['grains.get']('os_family') }}/mod_ssl.conf.jinja
  54. - mode: 644
  55. - template: jinja
  56. - require:
  57. - pkg: apache
  58. - watch_in:
  59. - module: apache-restart
  60. - require_in:
  61. - module: apache-restart
  62. - module: apache-reload
  63. - service: apache
  64. {% endif %}
  65. {{ apache.confdir }}/tls-defaults.conf:
  66. {% if salt['pillar.get']('apache:mod_ssl:manage_tls_defaults', False) %}
  67. file.managed:
  68. - source: salt://apache/files/tls-defaults.conf.jinja
  69. - mode: 644
  70. - template: jinja
  71. {% else %}
  72. file.absent:
  73. {% endif %}
  74. - require:
  75. - pkg: apache
  76. - watch_in:
  77. - module: apache-restart
  78. - require_in:
  79. - module: apache-restart
  80. - module: apache-reload
  81. - service: apache
  82. {% if grains['os_family']=="Debian" %}
  83. a2endisconf tls-defaults:
  84. cmd.run:
  85. {% if salt['pillar.get']('apache:mod_ssl:manage_tls_defaults', False) %}
  86. - name: a2enconf tls-defaults
  87. - unless: test -L /etc/apache2/conf-enabled/tls-defaults.conf
  88. {% else %}
  89. - name: a2disconf tls-defaults
  90. - onlyif: test -L /etc/apache2/conf-enabled/tls-defaults.conf
  91. {% endif %}
  92. - order: 225
  93. - require:
  94. - pkg: apache
  95. - file: {{ apache.confdir }}/tls-defaults.conf
  96. - watch_in:
  97. - module: apache-restart
  98. - require_in:
  99. - module: apache-restart
  100. - module: apache-reload
  101. - service: apache
  102. {% endif %}