From 4653655010c16d8f1f128480b55d4cd2e9f5a9e7 Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Sun, 19 Feb 2023 13:40:47 +0100 Subject: [PATCH] profile.apache-httpd: manage snippets - add apache-httpd profile with snippets configuration - add TLS snippet to apache-httpd role pillar Signed-off-by: Georg Pfuetzenreuter --- pillar/role/web/apache-httpd.sls | 10 ++++++++++ salt/profile/apache-httpd/init.sls | 31 ++++++++++++++++++++++++++++++ salt/role/web/apache-httpd.sls | 2 +- 3 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 salt/profile/apache-httpd/init.sls diff --git a/pillar/role/web/apache-httpd.sls b/pillar/role/web/apache-httpd.sls index 5b4b64b..bd77162 100644 --- a/pillar/role/web/apache-httpd.sls +++ b/pillar/role/web/apache-httpd.sls @@ -1,3 +1,13 @@ +{%- set host = grains['host'] -%} +{%- set fqdn = grains['fqdn'] -%} + apache: global: ServerAdmin: system@lysergic.dev + +profile: + apache-httpd: + snippets: + ssl_{{ host }}: + - 'SSLCertificateFile "/etc/ssl/{{ host }}/{{ fqdn }}.crt"' + - 'SSLCertificateKeyFile "/etc/ssl/{{ host }}/{{ fqdn }}.key"' diff --git a/salt/profile/apache-httpd/init.sls b/salt/profile/apache-httpd/init.sls new file mode 100644 index 0000000..db5b6f9 --- /dev/null +++ b/salt/profile/apache-httpd/init.sls @@ -0,0 +1,31 @@ +{%- set snippetsdir = '/etc/apache2/snippets.d' -%} +{%- set mypillar = salt['pillar.get']('profile:apache-httpd', {}) -%} + +{{ snippetsdir }}: + file.directory: + - makedirs: True + +{%- if 'snippets' in mypillar %} +{%- for snippet, config in mypillar['snippets'].items() %} +{{ snippetsdir }}/{{ snippet }}.conf: + file.managed: + - contents: + {%- for line in config %} + - {{ line }} + {%- endfor %} + - require: + - file: {{ snippetsdir }} + {#- formula dependencies #} + - require_in: + - module: apache-service-running-restart + - service: apache-service-running + - watch_in: + - module: apache-service-running-reload +{%- endfor %} +{%- endif %} + +include: + - apache.config + + + diff --git a/salt/role/web/apache-httpd.sls b/salt/role/web/apache-httpd.sls index 7c2002f..559d860 100644 --- a/salt/role/web/apache-httpd.sls +++ b/salt/role/web/apache-httpd.sls @@ -1,2 +1,2 @@ include: - - apache.config + - profile.apache-httpd