salt
/
galera-formula
forkeado de ExternalMirrors/galera-formula
Seguir 1
Destacar 0
Fork 0
Código Lanzamientos 7 Actividad
Saltstack Official Galera Formula
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
136 Commits
12 Ramas
Árbol: ea868115e6
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'ea868115e6'
${ noResults }
galera-formula/galera/ssl.sls

84 líneas
2.0KB
Original Blame Histórico 

  1. {%- from "galera/map.jinja" import master, slave with context %}

  2. 

  3. {%- set service = master if pillar.galera.master is defined else slave %}

  4. {%- set role = 'master' if pillar.galera.master is defined else 'slave' %}

  5. 

  6. {%- if service.get('ssl', {}).get('enabled', False) %}

  7. {%- if service.ssl.cacert_chain is defined %}

  8. mysql_cacertificate:

  9.   file.managed:

  10.     - name: {{ service.ssl.ca_file }}

  11.     - contents_pillar: galera:{{ role }}:ssl:cacert_chain

  12.     - mode: 0444

  13.     - makedirs: true

  14.     - require_in:

  15.       - service: galera_service

  16. {%- else %}

  17. mysql_cacertificate_exists:

  18.   file.exists:

  19.   - name: {{ service.ssl.ca_file }}

  20. mysql_cacertificate:

  21.   file.managed:

  22.   - name: {{ service.ssl.ca_file }}

  23.   - mode: 644

  24.   - create: False

  25.   - require:

  26.     - file: mysql_cacertificate_exists

  27.   - require_in:

  28.     - service: galera_service

  29. {%- endif %}

  30. 

  31. {%- if service.ssl.cert is defined %}

  32. mysql_certificate:

  33.   file.managed:

  34.     - name: {{ service.ssl.cert_file }}

  35.     - contents_pillar: galera:{{ role }}:ssl:cert

  36.     - mode: 0444

  37.     - makedirs: true

  38.     - require_in:

  39.       - service: galera_service

  40. {%- else %}

  41. mysql_certificate_exists:

  42.   file.exists:

  43.   - name: {{ service.ssl.cert_file }}

  44. mysql_certificate:

  45.   file.managed:

  46.     - name: {{ service.ssl.cert_file }}

  47.     - mode: 644

  48.     - create: False

  49.     - require:

  50.       - file: mysql_certificate_exists

  51.     - require_in:

  52.       - service: galera_service

  53. {%- endif %}

  54. 

  55. {%- if service.ssl.key is defined %}

  56. mysql_server_key:

  57.   file.managed:

  58.     - name: {{ service.ssl.key_file }}

  59.     - contents_pillar: galera:{{ role }}:ssl:key

  60.     - user: root

  61.     - group: mysql

  62.     - mode: 0440

  63.     - makedirs: true

  64.     - require_in:

  65.       - service: galera_service

  66. {%- else %}

  67. mysql_server_key_exists:

  68.   file.exists:

  69.     - name: {{ service.ssl.key_file }}

  70. mysql_server_key:

  71.   file.managed:

  72.     - name: {{ service.ssl.key_file }}

  73.     - user: root

  74.     - group: mysql

  75.     - mode: 0440

  76.     - create: False

  77.     - require:

  78.       - file: mysql_server_key_exists

  79.     - require_in:

  80.        - service: galera_service

  81. {%- endif %}

  82. 

  83. {%- endif %}