Merge pull request #163 from Perceptyx/cert_path_configurable
Make certificates path configurable.
This commit is contained in:
commit
07d06079bc
@ -1,11 +1,12 @@
|
||||
include:
|
||||
- nginx.ng.service
|
||||
|
||||
{% set certificates_path = salt['pillar.get']('nginx:ng:certificates_path', '/etc/nginx/ssl') %}
|
||||
{%- for domain in salt['pillar.get']('nginx:ng:certificates', {}).keys() %}
|
||||
|
||||
nginx_{{ domain }}_ssl_certificate:
|
||||
file.managed:
|
||||
- name: /etc/nginx/ssl/{{ domain }}.crt
|
||||
- name: {{ certificates_path }}/{{ domain }}.crt
|
||||
- makedirs: True
|
||||
- contents_pillar: nginx:ng:certificates:{{ domain }}:public_cert
|
||||
- watch_in:
|
||||
@ -14,7 +15,7 @@ nginx_{{ domain }}_ssl_certificate:
|
||||
{% if salt['pillar.get']("nginx:ng:certificates:{}:private_key".format(domain)) %}
|
||||
nginx_{{ domain }}_ssl_key:
|
||||
file.managed:
|
||||
- name: /etc/nginx/ssl/{{ domain }}.key
|
||||
- name: {{ certificates_path }}/{{ domain }}.key
|
||||
- mode: 600
|
||||
- makedirs: True
|
||||
- contents_pillar: nginx:ng:certificates:{{ domain }}:private_key
|
||||
|
@ -132,6 +132,7 @@ nginx:
|
||||
# }
|
||||
# }
|
||||
|
||||
certificates_path: '/etc/nginx/ssl' # Use this if you need to deploy below certificates in a custom path.
|
||||
# If you're doing SSL termination, you can deploy certificates this way.
|
||||
# The private one(s) should go in a separate pillar file not in version
|
||||
# control (or use encrypted pillar data).
|
||||
|
Loading…
Reference in New Issue
Block a user