From 622d22f9711085aeca19f3907e22e87c6b21b8d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javier=20B=C3=A9rtoli?= <javier@netmanagers.com.ar>
Date: Fri, 12 Mar 2021 10:02:43 -0300
Subject: [PATCH] feat(servers_config): add require statement to manage
 dependencies

Also, check config before applying
---
 nginx/config.sls                     |  3 ---
 nginx/servers_config.sls             |  6 ++++++
 nginx/service.sls                    |  3 +++
 pillar.example                       | 12 ++++++++++++
 test/salt/passenger/pillar/nginx.sls |  4 +---
 5 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/nginx/config.sls b/nginx/config.sls
index 82b181f..3cd00b5 100644
--- a/nginx/config.sls
+++ b/nginx/config.sls
@@ -31,6 +31,3 @@ nginx_config:
     - context:
         config: {{ nginx.server.config|json(sort_keys=False) }}
 {% endif %}
-{% if nginx.check_config_before_apply %}
-    - check_cmd: /usr/sbin/nginx -t -c
-{% endif %}
diff --git a/nginx/servers_config.sls b/nginx/servers_config.sls
index 09aec68..5dd11a9 100644
--- a/nginx/servers_config.sls
+++ b/nginx/servers_config.sls
@@ -123,6 +123,12 @@ nginx_server_available_dir:
       }}
     - makedirs: True
     - template: jinja
+      {%- if 'requires' in settings %}
+    - require:
+        {%- for k, v in settings.requires.items() %}
+      - {{ k }}: {{ v }}
+        {%- endfor %}
+      {%- endif %}
 {% if 'source_path' not in settings.config %}
     - context:
         config: {{ settings.config|json(sort_keys=False) }}
diff --git a/nginx/service.sls b/nginx/service.sls
index 9cbc5cc..61defa3 100644
--- a/nginx/service.sls
+++ b/nginx/service.sls
@@ -42,3 +42,6 @@ nginx_service:
       {% else %}
       - pkg: nginx_install
       {% endif %}
+{% if nginx.check_config_before_apply %}
+    - only_if: /usr/sbin/nginx -t
+{% endif %}
diff --git a/pillar.example b/pillar.example
index ce6109b..7b610ef 100644
--- a/pillar.example
+++ b/pillar.example
@@ -202,6 +202,18 @@ nginx:
         # and None indicates no action
         enabled: true
 
+        # This let's you add dependencies on other resources being applied for a
+        # particular vhost
+        # A common case is when you use this formula together with letsencrypt's,
+        # validating through nginx: you need nginx running (to validate the vhost) but
+        # can't have the ssl vhost up until the certificate is created (because it
+        # won't exist and will make nginx fail to load the configuration)
+        #
+        # An example, when using LE to create the cert for 'some.host.domain':
+        # requires:
+        #   cmd: create-initial-cert-some.host.domain
+        requires: {}
+
         # Remove the site config file shipped by nginx
         # (i.e. '/etc/nginx/sites-available/default' by default)
         # It also remove the symlink (if it is exists).
diff --git a/test/salt/passenger/pillar/nginx.sls b/test/salt/passenger/pillar/nginx.sls
index 95edc52..63a9f54 100644
--- a/test/salt/passenger/pillar/nginx.sls
+++ b/test/salt/passenger/pillar/nginx.sls
@@ -26,7 +26,6 @@ nginx:
       - location ^~ /.well-known/acme-challenge/:
           - proxy_pass: http://localhost:9999
   server:
-
     config:
       # This is required to get the passenger module loaded
       # In Debian it can be done with this
@@ -64,5 +63,4 @@ nginx:
               - index: 'index.html index.htm'
               - location ~ .htm:
                   - try_files: '$uri $uri/ =404'
-              # - include: '/etc/nginx/snippets/letsencrypt.conf'
-              - include: 'snippets/letsencrypt.conf'
+              - include: '/etc/nginx/snippets/letsencrypt.conf'