diff --git a/nginx/ng/certificates.sls b/nginx/ng/certificates.sls index ea74c28..a9e2659 100644 --- a/nginx/ng/certificates.sls +++ b/nginx/ng/certificates.sls @@ -1,3 +1,5 @@ +{% from 'nginx/ng/map.jinja' import nginx with context %} + include: - nginx.ng.service @@ -11,6 +13,8 @@ create_nginx_dhparam_key: - makedirs: True {% elif salt.pillar.get('nginx:ng:dh_keygen', False) %} generate_nginx_dhparam_key: + pkg.installed: + - name: {{ nginx.lookup.openssl_package }} file.directory: - name: {{ certificates_path }} - makedirs: True diff --git a/nginx/ng/map.jinja b/nginx/ng/map.jinja index fc3c45d..e2f70d4 100644 --- a/nginx/ng/map.jinja +++ b/nginx/ng/map.jinja @@ -16,6 +16,7 @@ 'server_enabled': '/etc/nginx/sites-enabled', 'server_use_symlink': True, 'pid_file': '/run/nginx.pid', + 'openssl_package': 'openssl', }, 'CentOS': { 'package': 'nginx', @@ -30,6 +31,7 @@ 'rh_os_releasever': '$releasever', 'gpg_check': False, 'gpg_key': 'http://nginx.org/keys/nginx_signing.key', + 'openssl_package': 'openssl', }, 'RedHat': { 'package': 'nginx', @@ -49,6 +51,7 @@ 'passenger_instance_registry_dir': ' /var/run/passenger-instreg', 'passenger_ruby': '/usr/bin/ruby', }, + 'openssl_package': 'openssl', }, 'Suse': { 'package': 'nginx', @@ -60,7 +63,8 @@ 'server_use_symlink': False, 'pid_file': '/run/nginx.pid', 'gpg_check': True, - 'gpg_key': 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/repodata/repomd.xml.key' + 'gpg_key': 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/repodata/repomd.xml.key', + 'openssl_package': 'openssl', }, 'Arch': { 'package': 'nginx', @@ -70,6 +74,7 @@ 'server_available': '/etc/nginx/sites-available', 'server_enabled': '/etc/nginx/sites-enabled', 'server_use_symlink': True, + 'openssl_package': 'openssl', }, 'Gentoo': { 'package': 'www-servers/nginx', @@ -79,6 +84,7 @@ 'server_available': '/etc/nginx/sites-available', 'server_enabled': '/etc/nginx/sites-enabled', 'server_use_symlink': True, + 'openssl_package': 'dev-libs/openssl', }, }, default='Debian' ), 'install_from_source': False,