|
- {% from "apache/map.jinja" import apache with context %}
-
- {% if grains['os_family']=="Debian" %}
-
- include:
- - apache
-
- a2enmod mod_ssl:
- cmd.run:
- - name: a2enmod ssl
- - unless: ls /etc/apache2/mods-enabled/ssl.load
- - order: 225
- - require:
- - pkg: apache
- - watch_in:
- - module: apache-restart
- - require_in:
- - module: apache-restart
- - module: apache-reload
- - service: apache
-
- /etc/apache2/mods-available/ssl.conf:
- file.managed:
- - source: salt://apache/files/{{ salt['grains.get']('os_family') }}/ssl.conf.jinja
- - template: jinja
- - mode: 644
- - watch_in:
- - module: apache-restart
-
- {% elif grains['os_family']=="RedHat" %}
-
- mod_ssl:
- pkg.installed:
- - name: {{ apache.mod_ssl_pkg }}
- - require:
- - pkg: apache
- - watch_in:
- - module: apache-restart
- - require_in:
- - module: apache-restart
- - module: apache-reload
- - service: apache
-
- {{ apache.confdir }}/ssl.conf:
- file.absent:
- - require:
- - pkg: apache
- - watch_in:
- - module: apache-restart
- - require_in:
- - module: apache-restart
- - module: apache-reload
- - service: apache
-
- {% elif grains['os_family']=="FreeBSD" %}
-
- include:
- - apache
- - apache.mod_socache_shmcb
-
- {{ apache.modulesdir }}/010_mod_ssl.conf:
- file.managed:
- - source: salt://apache/files/{{ salt['grains.get']('os_family') }}/mod_ssl.conf.jinja
- - mode: 644
- - template: jinja
- - require:
- - pkg: apache
- - watch_in:
- - module: apache-restart
- - require_in:
- - module: apache-restart
- - module: apache-reload
- - service: apache
-
- {% endif %}
-
- {{ apache.confdir }}/tls-defaults.conf:
- {% if salt['pillar.get']('apache:mod_ssl:manage_tls_defaults', False) %}
- file.managed:
- - source: salt://apache/files/tls-defaults.conf.jinja
- - mode: 644
- - template: jinja
- {% else %}
- file.absent:
- {% endif %}
- - require:
- - pkg: apache
- - watch_in:
- - module: apache-restart
- - require_in:
- - module: apache-restart
- - module: apache-reload
- - service: apache
-
- {% if grains['os_family']=="Debian" %}
- a2endisconf tls-defaults:
- cmd.run:
- {% if salt['pillar.get']('apache:mod_ssl:manage_tls_defaults', False) %}
- - name: a2enconf tls-defaults
- - unless: test -L /etc/apache2/conf-enabled/tls-defaults.conf
- {% else %}
- - name: a2disconf tls-defaults
- - onlyif: test -L /etc/apache2/conf-enabled/tls-defaults.conf
- {% endif %}
- - order: 225
- - require:
- - pkg: apache
- - file: {{ apache.confdir }}/tls-defaults.conf
- - watch_in:
- - module: apache-restart
- - require_in:
- - module: apache-restart
- - module: apache-reload
- - service: apache
- {% endif %}
|