apache-formula/apache/config/certificates/install.sls

# -*- coding: utf-8 -*-
# vim: ft=sls

{%- set tplroot = tpldir.split('/')[0] %}
{%- set sls_service_running = tplroot ~ '.service.running' %}
{%- from tplroot ~ "/map.jinja" import apache with context %}

include:
  - {{ sls_service_running }}

{%- for site, cert in salt['pillar.get']('apache:sites', {}).items() %}

    {%- if cert.SSLCertificateKeyFile is defined and cert.SSLCertificateKeyFile_content is defined %}

apache_cert_config_install_{{ site }}_key_file:
  file.managed:
    - name: {{ cert.SSLCertificateKeyFile }}
    - contents_pillar: apache:sites:{{ site }}:SSLCertificateKeyFile_content
    - makedirs: True
    - mode: 600
    - user: {{ apache.rootuser }}
    - group: {{ apache.rootgroup }}
    - watch_in:
      - module: apache-service-running-reload
    - require_in:
      - module: apache-service-running-restart
      - module: apache-service-running-reload
      - service: apache-service-running

    {%- endif %}
    {%- if cert.SSLCertificateFile is defined and cert.SSLCertificateFile_content is defined %}

apache_cert_config_install_{{ site }}_cert_file:
  file.managed:
    - name: {{ cert.SSLCertificateFile }}
    - contents_pillar: apache:sites:{{ site }}:SSLCertificateFile_content
    - makedirs: True
    - mode: 600
    - user: {{ apache.rootuser }}
    - group: {{ apache.rootgroup }}
    - watch_in:
      - module: apache-service-running-reload
    - require_in:
      - module: apache-service-running-restart
      - module: apache-service-running-reload
      - service: apache-service-running

    {%- endif %}
    {%- if cert.SSLCertificateChainFile is defined and cert.SSLCertificateChainFile_content is defined %}

apache_cert_config_install_{{ site }}_bundle_file:
  file.managed:
    - name: {{ cert.SSLCertificateChainFile }}
    - contents_pillar: apache:sites:{{ site }}:SSLCertificateChainFile_content
    - makedirs: True
    - mode: 600
    - user: {{ apache.rootuser }}
    - group: {{ apache.rootgroup }}
    - watch_in:
      - module: apache-service-running-reload
    - require_in:
      - module: apache-service-running-restart
      - module: apache-service-running-reload
      - service: apache-service-running

    {%- endif %}
{%- endfor %}
refactor(formula): align to template-formula & improve ci features FEATURE: Archlinux support FEATURE: Windows support FEATURE: Enhanced CI/CD FEATURE: modular states BREAKING CHANGE: 'apache.sls' converted to new style 'init.ssl' BREAKING CHANGE: "logrotate.sls" became "config/logrotate.sls" BREAKING CHANGE: "debian_full.sls" became "config/debian_full.sls" BREAKING CHANGE: "flags.sls" became "config/flags.sls" BREAKING CHANGE: "manage_security" became "config/manage_security.sls" BREAKING CHANGE: "mod_.sls" became "config/mod_.sls" BREAKING CHANGE: "no_default_host.sls" became "config/no_default_host.sls" BREAKING CHANGE: "own_default_host.sls" became "config/own_default_host.sls" BREAKING CHANGE: "register_site.sls" became "config/register_site.sls" BREAKING CHANGE: "server_status.sls" became "config/server_status.sls" BREAKING CHANGE: "vhosts/" became "config/vhosts/" BREAKING CHANGE: "mod_security/" became "config/mod_security/" NOT-BREAKING CHANGE: 'config.sls' became 'config/init.sls' NOT-BREAKING CHANGE: 'uninstall.sls' symlinked to 'clean.sls' 2020-09-13 06:07:20 +02:00			`# -- coding: utf-8 --`
			`# vim: ft=sls`

			`{%- set tplroot = tpldir.split('/')[0] %}`
			`{%- set sls_service_running = tplroot ~ '.service.running' %}`
			`{%- from tplroot ~ "/map.jinja" import apache with context %}`

			`include:`
			`- {{ sls_service_running }}`

			`{%- for site, cert in salt['pillar.get']('apache:sites', {}).items() %}`

			`{%- if cert.SSLCertificateKeyFile is defined and cert.SSLCertificateKeyFile_content is defined %}`

			`apache_cert_config_install_{{ site }}_key_file:`
			`file.managed:`
			`- name: {{ cert.SSLCertificateKeyFile }}`
			`- contents_pillar: apache:sites:{{ site }}:SSLCertificateKeyFile_content`
			`- makedirs: True`
			`- mode: 600`
			`- user: {{ apache.rootuser }}`
			`- group: {{ apache.rootgroup }}`
			`- watch_in:`
			`- module: apache-service-running-reload`
			`- require_in:`
			`- module: apache-service-running-restart`
			`- module: apache-service-running-reload`
			`- service: apache-service-running`

			`{%- endif %}`
			`{%- if cert.SSLCertificateFile is defined and cert.SSLCertificateFile_content is defined %}`

			`apache_cert_config_install_{{ site }}_cert_file:`
			`file.managed:`
			`- name: {{ cert.SSLCertificateFile }}`
			`- contents_pillar: apache:sites:{{ site }}:SSLCertificateFile_content`
			`- makedirs: True`
			`- mode: 600`
			`- user: {{ apache.rootuser }}`
			`- group: {{ apache.rootgroup }}`
			`- watch_in:`
			`- module: apache-service-running-reload`
			`- require_in:`
			`- module: apache-service-running-restart`
			`- module: apache-service-running-reload`
			`- service: apache-service-running`

			`{%- endif %}`
			`{%- if cert.SSLCertificateChainFile is defined and cert.SSLCertificateChainFile_content is defined %}`

			`apache_cert_config_install_{{ site }}_bundle_file:`
			`file.managed:`
			`- name: {{ cert.SSLCertificateChainFile }}`
			`- contents_pillar: apache:sites:{{ site }}:SSLCertificateChainFile_content`
			`- makedirs: True`
			`- mode: 600`
			`- user: {{ apache.rootuser }}`
			`- group: {{ apache.rootgroup }}`
			`- watch_in:`
			`- module: apache-service-running-reload`
			`- require_in:`
			`- module: apache-service-running-restart`
			`- module: apache-service-running-reload`
			`- service: apache-service-running`

			`{%- endif %}`
			`{%- endfor %}`