From db2db31300c967e1dba700ee57a6ea14764fbfb3 Mon Sep 17 00:00:00 2001 From: Gilles Dartiguelongue Date: Tue, 11 Jul 2017 11:31:17 +0200 Subject: [PATCH] Handle installation of openssl to generate DH param --- nginx/ng/certificates.sls | 4 ++++ nginx/ng/map.jinja | 8 +++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/nginx/ng/certificates.sls b/nginx/ng/certificates.sls index ea74c28..a9e2659 100644 --- a/nginx/ng/certificates.sls +++ b/nginx/ng/certificates.sls @@ -1,3 +1,5 @@ +{% from 'nginx/ng/map.jinja' import nginx with context %} + include: - nginx.ng.service @@ -11,6 +13,8 @@ create_nginx_dhparam_key: - makedirs: True {% elif salt.pillar.get('nginx:ng:dh_keygen', False) %} generate_nginx_dhparam_key: + pkg.installed: + - name: {{ nginx.lookup.openssl_package }} file.directory: - name: {{ certificates_path }} - makedirs: True diff --git a/nginx/ng/map.jinja b/nginx/ng/map.jinja index fc3c45d..e2f70d4 100644 --- a/nginx/ng/map.jinja +++ b/nginx/ng/map.jinja @@ -16,6 +16,7 @@ 'server_enabled': '/etc/nginx/sites-enabled', 'server_use_symlink': True, 'pid_file': '/run/nginx.pid', + 'openssl_package': 'openssl', }, 'CentOS': { 'package': 'nginx', @@ -30,6 +31,7 @@ 'rh_os_releasever': '$releasever', 'gpg_check': False, 'gpg_key': 'http://nginx.org/keys/nginx_signing.key', + 'openssl_package': 'openssl', }, 'RedHat': { 'package': 'nginx', @@ -49,6 +51,7 @@ 'passenger_instance_registry_dir': ' /var/run/passenger-instreg', 'passenger_ruby': '/usr/bin/ruby', }, + 'openssl_package': 'openssl', }, 'Suse': { 'package': 'nginx', @@ -60,7 +63,8 @@ 'server_use_symlink': False, 'pid_file': '/run/nginx.pid', 'gpg_check': True, - 'gpg_key': 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/repodata/repomd.xml.key' + 'gpg_key': 'http://download.opensuse.org/repositories/server:/http/openSUSE_13.2/repodata/repomd.xml.key', + 'openssl_package': 'openssl', }, 'Arch': { 'package': 'nginx', @@ -70,6 +74,7 @@ 'server_available': '/etc/nginx/sites-available', 'server_enabled': '/etc/nginx/sites-enabled', 'server_use_symlink': True, + 'openssl_package': 'openssl', }, 'Gentoo': { 'package': 'www-servers/nginx', @@ -79,6 +84,7 @@ 'server_available': '/etc/nginx/sites-available', 'server_enabled': '/etc/nginx/sites-enabled', 'server_use_symlink': True, + 'openssl_package': 'dev-libs/openssl', }, }, default='Debian' ), 'install_from_source': False,