2016-09-27 00:56:52 +02:00
|
|
|
{% from "apache/map.jinja" import apache with context %}
|
|
|
|
|
2016-04-07 11:58:42 +02:00
|
|
|
{% if grains['os_family']=="Debian" %}
|
|
|
|
|
|
|
|
include:
|
|
|
|
- apache
|
|
|
|
|
|
|
|
a2enmod mod_ssl:
|
|
|
|
cmd.run:
|
|
|
|
- name: a2enmod ssl
|
|
|
|
- unless: ls /etc/apache2/mods-enabled/ssl.load
|
|
|
|
- order: 225
|
|
|
|
- require:
|
|
|
|
- pkg: apache
|
|
|
|
- watch_in:
|
|
|
|
- module: apache-restart
|
2018-11-09 00:25:52 +01:00
|
|
|
- require_in:
|
|
|
|
- module: apache-restart
|
|
|
|
- module: apache-reload
|
|
|
|
- service: apache
|
2016-04-07 11:58:42 +02:00
|
|
|
|
2018-08-17 19:41:40 +02:00
|
|
|
/etc/apache2/mods-available/ssl.conf:
|
|
|
|
file.managed:
|
|
|
|
- source: salt://apache/files/{{ salt['grains.get']('os_family') }}/ssl.conf.jinja
|
|
|
|
- template: jinja
|
|
|
|
- mode: 644
|
|
|
|
- watch_in:
|
|
|
|
- module: apache-restart
|
|
|
|
|
2016-05-18 10:07:24 +02:00
|
|
|
{% elif grains['os_family']=="RedHat" %}
|
|
|
|
|
|
|
|
mod_ssl:
|
|
|
|
pkg.installed:
|
2017-10-23 15:35:31 +02:00
|
|
|
- name: {{ apache.mod_ssl }}
|
2016-05-18 10:07:24 +02:00
|
|
|
- require:
|
|
|
|
- pkg: apache
|
|
|
|
- watch_in:
|
|
|
|
- module: apache-restart
|
2018-11-09 00:25:52 +01:00
|
|
|
- require_in:
|
|
|
|
- module: apache-restart
|
|
|
|
- module: apache-reload
|
|
|
|
- service: apache
|
2016-05-18 10:07:24 +02:00
|
|
|
|
2018-10-27 23:27:27 +02:00
|
|
|
{{ apache.confdir }}/ssl.conf:
|
|
|
|
file.absent:
|
|
|
|
- require:
|
|
|
|
- pkg: apache
|
|
|
|
- watch_in:
|
2018-11-09 00:25:52 +01:00
|
|
|
- module: apache-restart
|
|
|
|
- require_in:
|
|
|
|
- module: apache-restart
|
|
|
|
- module: apache-reload
|
2018-10-27 23:27:27 +02:00
|
|
|
- service: apache
|
|
|
|
|
2016-09-27 00:56:52 +02:00
|
|
|
{% elif grains['os_family']=="FreeBSD" %}
|
|
|
|
|
|
|
|
include:
|
|
|
|
- apache
|
|
|
|
- apache.mod_socache_shmcb
|
|
|
|
|
|
|
|
{{ apache.modulesdir }}/010_mod_ssl.conf:
|
|
|
|
file.managed:
|
|
|
|
- source: salt://apache/files/{{ salt['grains.get']('os_family') }}/mod_ssl.conf.jinja
|
|
|
|
- mode: 644
|
|
|
|
- template: jinja
|
|
|
|
- require:
|
|
|
|
- pkg: apache
|
|
|
|
- watch_in:
|
|
|
|
- module: apache-restart
|
2018-11-09 00:25:52 +01:00
|
|
|
- require_in:
|
|
|
|
- module: apache-restart
|
|
|
|
- module: apache-reload
|
|
|
|
- service: apache
|
2016-09-27 00:56:52 +02:00
|
|
|
|
2016-04-07 11:58:42 +02:00
|
|
|
{% endif %}
|
2018-01-10 01:24:17 +01:00
|
|
|
|
|
|
|
{{ apache.confdir }}/tls-defaults.conf:
|
|
|
|
{% if salt['pillar.get']('apache:mod_ssl:manage_tls_defaults', False) %}
|
|
|
|
file.managed:
|
|
|
|
- source: salt://apache/files/tls-defaults.conf.jinja
|
|
|
|
- mode: 644
|
|
|
|
- template: jinja
|
|
|
|
{% else %}
|
|
|
|
file.absent:
|
|
|
|
{% endif %}
|
|
|
|
- require:
|
|
|
|
- pkg: apache
|
|
|
|
- watch_in:
|
|
|
|
- module: apache-restart
|
2018-11-09 00:25:52 +01:00
|
|
|
- require_in:
|
|
|
|
- module: apache-restart
|
|
|
|
- module: apache-reload
|
|
|
|
- service: apache
|
2018-01-10 01:24:17 +01:00
|
|
|
|
|
|
|
{% if grains['os_family']=="Debian" %}
|
|
|
|
a2endisconf tls-defaults:
|
|
|
|
cmd.run:
|
|
|
|
{% if salt['pillar.get']('apache:mod_ssl:manage_tls_defaults', False) %}
|
|
|
|
- name: a2enconf tls-defaults
|
|
|
|
- unless: test -L /etc/apache2/conf-enabled/tls-defaults.conf
|
|
|
|
{% else %}
|
|
|
|
- name: a2disconf tls-defaults
|
|
|
|
- onlyif: test -L /etc/apache2/conf-enabled/tls-defaults.conf
|
|
|
|
{% endif %}
|
|
|
|
- order: 225
|
|
|
|
- require:
|
|
|
|
- pkg: apache
|
|
|
|
- file: {{ apache.confdir }}/tls-defaults.conf
|
|
|
|
- watch_in:
|
|
|
|
- module: apache-restart
|
2018-11-09 00:25:52 +01:00
|
|
|
- require_in:
|
|
|
|
- module: apache-restart
|
|
|
|
- module: apache-reload
|
|
|
|
- service: apache
|
2018-01-10 01:24:17 +01:00
|
|
|
{% endif %}
|