Compare commits

..

3 Commits

Author SHA1 Message Date
250d97dd3b
apache-httpd: manage snippets
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
- add apache-httpd profile with snippets configuration
- add TLS snippet to apache-httpd role pillar

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-19 13:43:10 +01:00
2bf2996f07
themis: add BookStack configuration
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-19 13:43:10 +01:00
0ddf88225b
themis: add BookStack httpd configuration
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-19 13:43:10 +01:00
4 changed files with 43 additions and 1 deletions

View File

@ -28,6 +28,7 @@ apache:
ServerAdmin: False
ServerAlias: False
Formula_Append: |
Include /etc/apache2/snippets.d/ssl_themis.conf
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
SetOutputFilter DEFLATE
<FilesMatch '\.php$'>

View File

@ -1,3 +1,13 @@
{%- set host = grains['host'] -%}
{%- set fqdn = grains['fqdn'] -%}
apache:
global:
ServerAdmin: system@lysergic.dev
profile:
apache-httpd:
snippets:
ssl_{{ host }}:
- 'SSLCertificateFile "/etc/ssl/{{ host }}/{{ fqdn }}.crt"'
- 'SSLCertificateKeyFile "/etc/ssl/{{ host }}/{{ fqdn }}.key"'

View File

@ -0,0 +1,31 @@
{%- set snippetsdir = '/etc/apache2/snippets.d' -%}
{%- set mypillar = salt['pillar.get']('profile:apache-httpd', {}) -%}
{{ snippetsdir }}:
file.directory:
- makedirs: True
{%- if 'snippets' in mypillar %}
{%- for snippet, config in mypillar['snippets'].items() %}
{{ snippetsdir }}/{{ snippet }}.conf:
file.managed:
- contents:
{%- for line in config %}
- {{ line }}
{%- endfor %}
- require:
- file: {{ snippetsdir }}
{#- formula dependencies #}
- require_in:
- module: apache-service-running-restart
- service: apache-service-running
- watch_in:
- module: apache-service-running-reload
{%- endfor %}
{%- endif %}
include:
- apache.config

View File

@ -1,2 +1,2 @@
include:
- apache.config
- profile.apache-httpd