Parcourir la source
Merge pull request #260 from myii/bug/241-dhparam
fix(certificates.sls): prepare `certificates_path` dir separatelytags/v2.3.2
Éric Veiras Galisson
il y a 5 ans
2 fichiers modifiés avec 11 ajouts et 3 suppressions
+ 8
- 3
nginx/certificates.sls
Voir le fichier
| @@ -4,6 +4,10 @@ include: | |||
| - nginx.service | |||
| {% set certificates_path = salt['pillar.get']('nginx:certificates_path', '/etc/nginx/ssl') %} | |||
| prepare_certificates_path_dir: | |||
| file.directory: | |||
| - name: {{ certificates_path }} | |||
| - makedirs: True | |||
| {%- for dh_param, value in salt['pillar.get']('nginx:dh_param', {}).items() %} | |||
| {%- if value is string %} | |||
| @@ -12,19 +16,20 @@ create_nginx_dhparam_{{ dh_param }}_key: | |||
| - name: {{ certificates_path }}/{{ dh_param }} | |||
| - contents_pillar: nginx:dh_param:{{ dh_param }} | |||
| - makedirs: True | |||
| - require: | |||
| - file: prepare_certificates_path_dir | |||
| - watch_in: | |||
| - service: nginx_service | |||
| {%- else %} | |||
| generate_nginx_dhparam_{{ dh_param }}_key: | |||
| pkg.installed: | |||
| - name: {{ nginx.lookup.openssl_package }} | |||
| file.directory: | |||
| - name: {{ certificates_path }} | |||
| - makedirs: True | |||
| cmd.run: | |||
| - name: openssl dhparam -out {{ dh_param }} {{ value.get('keysize', 2048) }} | |||
| - cwd: {{ certificates_path }} | |||
| - creates: {{ certificates_path }}/{{ dh_param }} | |||
| - require: | |||
| - file: prepare_certificates_path_dir | |||
| - watch_in: | |||
| - service: nginx_service | |||
| {%- endif %} | |||
+ 3
- 0
test/salt/default/pillar/nginx.sls
Voir le fichier
| @@ -37,3 +37,6 @@ nginx: | |||
| - location ~ .htm: | |||
| - try_files: '$uri $uri/ =404' | |||
| - include: 'snippets/letsencrypt.conf' | |||
| dh_param: | |||
| 'mydhparam2.pem': | |||
| keysize: 2048 | |||
Chargement…