|
12345678910111213141516171819202122232425262728293031 |
- {%- from "linux/map.jinja" import system with context %}
- {%- from "salt/map.jinja" import api with context %}
-
- rest_cherrypy:
- port: {{ api.bind.port }}
- host: {{ api.bind.address }}
- {%- if api.get('ssl', {}).get('enabled', False) %}
- {%- if api.ssl.engine == 'letsencrypt' %}
- ssl_crt: /etc/letsencrypt/live/{{ api.ssl.name }}/cert.pem
- ssl_key: /etc/letsencrypt/live/{{ api.ssl.name }}/privkey.pem
- {%- elif api.ssl.engine == 'salt' %}
- ssl_crt: /etc/ssl/certs/{{ api.ssl.get('name', grains.id) }}.crt
- ssl_key: /etc/ssl/private/{{ api.ssl.get('name', grains.id) }}.key
- {%- if api.ssl.authority is defined %}
- ssl_chain: /etc/ssl/certs/{{ api.ssl.get('name', grains.id) }}-chain.crt
- {%- endif %}
- {%- else %}
- ssl_crt: {{ api.ssl.get('cert_file')|default("/etc/ssl/certs/"+grains.get('fqdn')+".crt") }}
- ssl_key: {{ api.ssl.get('key_file')|default("/etc/ssl/private/"+grains.get('fqdn')+".key") }}
- {%- endif %}
- {%- else %}
- disable_ssl: True
- {%- endif %}
- expire_responses: {{ api.get('expire_responses', False) }}
- {%- if api.get('debug', False) %}
- debug: True
- {%- endif %}
- {#-
- vim: syntax=jinja
- -#}
-
|