salt
/
galera-formula
forkato da ExternalMirrors/galera-formula
Segui 1
Vota 0
Forka 0
Codice Rilasci 7 Attività
Saltstack Official Galera Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
149 Commit
12 Rami (Branch)
Albero (Tree): c0a5071814
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da 'c0a5071814'
${ noResults }
galera-formula/galera/_ssl.sls

95 lines
2.3KB
Originale Blame Cronologia 

  1. {%- from "galera/map.jinja" import master, slave with context %}

  2. {%- if master.get('enabled', False) %}

  3.   {%- set service, role = master, 'master' %}

  4. {%-  elif slave.get('enabled', False) %}

  5.   {%- set service, role = slave, 'slave' %}

  6. {%- endif %}

  7. 

  8. {%- if service.get('ssl', {}).get('enabled', False) %}

  9. {%- if service.ssl.cacert_chain is defined %}

  10. mysql_cacertificate:

  11.   file.managed:

  12.     - name: {{ service.ssl.ca_file }}

  13.     - contents_pillar: galera:{{ role }}:ssl:cacert_chain

  14.     - mode: 0444

  15.     - makedirs: true

  16.     - require_in:

  17.       - service: galera_service

  18.       - file: galera_config

  19. {%- else %}

  20. mysql_cacertificate_exists:

  21.   file.exists:

  22.   - name: {{ service.ssl.ca_file }}

  23. mysql_cacertificate:

  24.   file.managed:

  25.   - name: {{ service.ssl.ca_file }}

  26.   - mode: 644

  27.   - create: False

  28.   - require:

  29.     - file: mysql_cacertificate_exists

  30.   - require_in:

  31.     - service: galera_service

  32.     - file: galera_config

  33. {%- endif %}

  34. 

  35. {%- if service.ssl.cert is defined %}

  36. mysql_certificate:

  37.   file.managed:

  38.     - name: {{ service.ssl.cert_file }}

  39.     - contents_pillar: galera:{{ role }}:ssl:cert

  40.     - mode: 0444

  41.     - makedirs: true

  42.     - require_in:

  43.       - service: galera_service

  44.       - file: galera_config

  45. {%- else %}

  46. mysql_certificate_exists:

  47.   file.exists:

  48.   - name: {{ service.ssl.cert_file }}

  49. mysql_certificate:

  50.   file.managed:

  51.     - name: {{ service.ssl.cert_file }}

  52.     - mode: 644

  53.     - create: False

  54.     - require:

  55.       - file: mysql_certificate_exists

  56.     - require_in:

  57.       - service: galera_service

  58.       - file: galera_config

  59. {%- endif %}

  60. 

  61. {%- if service.ssl.key is defined %}

  62. mysql_server_key:

  63.   file.managed:

  64.     - name: {{ service.ssl.key_file }}

  65.     - contents_pillar: galera:{{ role }}:ssl:key

  66.     - user: root

  67.     - group: mysql

  68.     - mode: 0440

  69.     - makedirs: true

  70.     - require:

  71.       - pkg: galera_packages

  72.     - require_in:

  73.       - service: galera_service

  74.       - file: galera_config

  75. {%- else %}

  76. mysql_server_key_exists:

  77.   file.exists:

  78.     - name: {{ service.ssl.key_file }}

  79. mysql_server_key:

  80.   file.managed:

  81.     - name: {{ service.ssl.key_file }}

  82.     - user: root

  83.     - group: mysql

  84.     - mode: 0440

  85.     - create: False

  86.     - require:

  87.       - file: mysql_server_key_exists

  88.       - pkg: galera_packages

  89.     - require_in:

  90.        - service: galera_service

  91.        - file: galera_config

  92. {%- endif %}

  93. 

  94. {%- endif %}