2023-02-12 17:14:41 +01:00
3 changed files with 17 additions and 0 deletions
--- a/pillar/cluster/denc/web-proxy.sls
+++ b/pillar/cluster/denc/web-proxy.sls
@ -209,3 +209,10 @@ firewalld:
      services:
        - http
        - https
 profile:
  apparmor:
    local:
      usr.sbin.nginx:
        - '{{ trustcrt }} r,'
        - '/srv/www/{libsso.net,sso.casa,sso.syscid.com}/{index.html,stuff/tacit-css-1.5.2.min.css} r,'
--- a/salt/profile/apparmor/local.sls
+++ b/salt/profile/apparmor/local.sls
@ -0,0 +1,9 @@
 {%- set aapillar = salt['pillar.get']('profile:apparmor') %}
 {%- if 'local' in aapillar %}
 {%- for profile, lines in aapillar['local'].items() %}
 /etc/apparmor.d/local/{{ profile }}:
  file.managed:
    - contents: {{ lines }}
 {%- endfor %}
 {%- endif %}
--- a/salt/role/web-proxy.sls
+++ b/salt/role/web-proxy.sls
@ -1,5 +1,6 @@
 include:
  - nginx.pkg
  - profile.apparmor.local
  - nginx.config
  - nginx.snippets
  - nginx.servers