{%- from "linux/map.jinja" import system with context %}
{%- from "salt/map.jinja" import api with context %}

rest_cherrypy:
  port: {{ api.bind.port }}
  host: {{ api.bind.address }}
  {%- if api.get('ssl', {}).get('enabled', False) %}
  {%- if api.ssl.engine == 'letsencrypt' %}
  ssl_crt: /etc/letsencrypt/live/{{ api.ssl.name }}/cert.pem
  ssl_key: /etc/letsencrypt/live/{{ api.ssl.name }}/privkey.pem
  {%- elif api.ssl.engine == 'salt' %}
  ssl_crt: /etc/ssl/certs/{{ api.ssl.get('name', grains.id) }}.crt
  ssl_key: /etc/ssl/private/{{ api.ssl.get('name', grains.id) }}.key
  {%- if api.ssl.authority is defined %}
  ssl_chain: /etc/ssl/certs/{{ api.ssl.get('name', grains.id) }}-chain.crt
  {%- endif %}
  {%- else %}
  ssl_crt: {{ api.ssl.get('cert_file')|default("/etc/ssl/certs/"+grains.get('fqdn')+".crt") }}
  ssl_key: {{ api.ssl.get('key_file')|default("/etc/ssl/private/"+grains.get('fqdn')+".key") }}
  {%- endif %}
  {%- else %}
  disable_ssl: True
  {%- endif %}
  expire_responses: {{ api.get('expire_responses', False) }}
  {%- if api.get('debug', False) %}
  debug: True
  {%- endif %}
{#-
  vim: syntax=jinja
-#}