Merge pull request #197 from MEschenbacher/pillarcert
deploy certificates directly from pillar
		
						commit
						355a968a2b
					
				@ -36,17 +36,25 @@ nginx_{{ domain }}_ssl_certificate:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: {{ certificates_path }}/{{ domain }}.crt
 | 
			
		||||
    - makedirs: True
 | 
			
		||||
{% if salt['pillar.get']("nginx:ng:certificates:{}:public_cert_pillar".format(domain)) %}
 | 
			
		||||
    - contents_pillar: {{salt['pillar.get']('nginx:ng:certificates:{}:public_cert_pillar'.format(domain))}}
 | 
			
		||||
{% else %}
 | 
			
		||||
    - contents_pillar: nginx:ng:certificates:{{ domain }}:public_cert
 | 
			
		||||
{% endif %}
 | 
			
		||||
    - watch_in:
 | 
			
		||||
      - service: nginx_service
 | 
			
		||||
 | 
			
		||||
{% if salt['pillar.get']("nginx:ng:certificates:{}:private_key".format(domain)) %}
 | 
			
		||||
{% if salt['pillar.get']("nginx:ng:certificates:{}:private_key".format(domain)) or salt['pillar.get']("nginx:ng:certificates:{}:private_key_pillar".format(domain))%}
 | 
			
		||||
nginx_{{ domain }}_ssl_key:
 | 
			
		||||
  file.managed:
 | 
			
		||||
    - name: {{ certificates_path }}/{{ domain }}.key
 | 
			
		||||
    - mode: 600
 | 
			
		||||
    - makedirs: True
 | 
			
		||||
{% if salt['pillar.get']("nginx:ng:certificates:{}:private_key_pillar".format(domain)) %}
 | 
			
		||||
    - contents_pillar: {{salt['pillar.get']('nginx:ng:certificates:{}:private_key_pillar'.format(domain))}}
 | 
			
		||||
{% else %}
 | 
			
		||||
    - contents_pillar: nginx:ng:certificates:{{ domain }}:private_key
 | 
			
		||||
{% endif %}
 | 
			
		||||
    - watch_in:
 | 
			
		||||
      - service: nginx_service
 | 
			
		||||
{% endif %}
 | 
			
		||||
 | 
			
		||||
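Review bot: The `nginx_{{ domain }}_ssl_key` state can now be fed from a second pillar source, but nothing in it suppresses the content diff that `file.managed` reports by default, so a key deployment or rotation can leave private-key text in state returns and the job cache; adding `- show_changes: False` next to `- mode: 600` would keep it out. The two new `contents_pillar` lines render the looked-up pillar path as an unquoted scalar; wrapping the rendered value in quotes (`- contents_pillar: '{{ ... }}'`) protects against YAML retyping or an empty expansion. When both `private_key` and `private_key_pillar` are set, the `_pillar` variant wins silently, and the certificate and key branches choose their source independently, so a short comment above each inner `{% if %}` stating the precedence would help operators avoid deploying a mismatched pair. The mode would also be safer written as a quoted string, `- mode: '0600'`, so it is never read as a plain integer.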
@ -188,6 +188,11 @@ nginx:
 | 
			
		||||
    # control (or use encrypted pillar data).
 | 
			
		||||
    certificates:
 | 
			
		||||
      'www.example.com':
 | 
			
		||||
 | 
			
		||||
        # choose one of: deploying this cert by pillar (e.g. in combination with ext_pillar and file_tree)
 | 
			
		||||
        # public_cert_pillar: certs:example.com:fullchain.pem
 | 
			
		||||
        # private_key_pillar: certs:example.com:privkey.pem
 | 
			
		||||
        # or directly pasting the cert
 | 
			
		||||
        public_cert: |
 | 
			
		||||
          -----BEGIN CERTIFICATE-----
 | 
			
		||||
          (Your Primary SSL certificate: www.example.com.crt)
 | 
			
		||||
 | 
			
		||||