fix(certificates.sls): prepare certificates_path dir separately

* Close #241
This commit is contained in:
Imran Iqbal 2019-11-22 15:41:06 +00:00
parent 4ba35247ed
commit 297e3ac400
No known key found for this signature in database
GPG Key ID: 6D8629439D2B7819

View File

@ -4,6 +4,10 @@ include:
- nginx.service - nginx.service
{% set certificates_path = salt['pillar.get']('nginx:certificates_path', '/etc/nginx/ssl') %} {% set certificates_path = salt['pillar.get']('nginx:certificates_path', '/etc/nginx/ssl') %}
prepare_certificates_path_dir:
file.directory:
- name: {{ certificates_path }}
- makedirs: True
{%- for dh_param, value in salt['pillar.get']('nginx:dh_param', {}).items() %} {%- for dh_param, value in salt['pillar.get']('nginx:dh_param', {}).items() %}
{%- if value is string %} {%- if value is string %}
@ -12,19 +16,20 @@ create_nginx_dhparam_{{ dh_param }}_key:
- name: {{ certificates_path }}/{{ dh_param }} - name: {{ certificates_path }}/{{ dh_param }}
- contents_pillar: nginx:dh_param:{{ dh_param }} - contents_pillar: nginx:dh_param:{{ dh_param }}
- makedirs: True - makedirs: True
- require:
- file: prepare_certificates_path_dir
- watch_in: - watch_in:
- service: nginx_service - service: nginx_service
{%- else %} {%- else %}
generate_nginx_dhparam_{{ dh_param }}_key: generate_nginx_dhparam_{{ dh_param }}_key:
pkg.installed: pkg.installed:
- name: {{ nginx.lookup.openssl_package }} - name: {{ nginx.lookup.openssl_package }}
file.directory:
- name: {{ certificates_path }}
- makedirs: True
cmd.run: cmd.run:
- name: openssl dhparam -out {{ dh_param }} {{ value.get('keysize', 2048) }} - name: openssl dhparam -out {{ dh_param }} {{ value.get('keysize', 2048) }}
- cwd: {{ certificates_path }} - cwd: {{ certificates_path }}
- creates: {{ certificates_path }}/{{ dh_param }} - creates: {{ certificates_path }}/{{ dh_param }}
- require:
- file: prepare_certificates_path_dir
- watch_in: - watch_in:
- service: nginx_service - service: nginx_service
{%- endif %} {%- endif %}