| 1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- include:
- - nginx
- /etc/nginx/ssl.d:
- file.directory:
- - mode: 700
- - require:
- - file: nginx_conf
- /etc/nginx/ssl.d/dummy-cert.pem:
- file.managed:
- - mode: 400
- - contents_pillar: env:certs:dummy-cert.pem
- - require:
- - file: /etc/nginx/ssl.d
- /etc/nginx/ssl.d/dummy-key.pem:
- file.managed:
- - mode: 400
- - contents_pillar: env:certs:dummy-key.pem
- - require:
- - file: /etc/nginx/ssl.d
- # NOTE: naming the subdirectory 'files-ssl' instead of ssl-files causes it to be
- # picked up by the file.recurse in the nginx_conf state, which is only supposed
- # to copy the 'files' subdirectory. This causes the empty directories
- # /etc/nginx/../files-ssl/conf.d/, /etc/nginx/../files-ssl/include/, etc., to
- # be created on the minion (not sure why the contents aren't copied as well).
- # This is not a problem of multiple file.recurse states pointing at the same
- # destination directory. It also happens if we multiple 'file.managed' states
- # here for each individual file.
- nginx_conf_ssl:
- file.recurse:
- - name: /etc/nginx
- - source: salt://nginx/ssl-files
- - include_empty: True
- - require:
- - file: /etc/nginx/ssl.d
- - watch:
- - file: /etc/nginx/ssl.d/dummy-cert.pem
- - file: /etc/nginx/ssl.d/dummy-key.pem
- - watch_in:
- - service: nginx
|
