summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGeorg Pfuetzenreuter2023-02-19 13:40:47 +0100
committerGeorg Pfuetzenreuter2023-02-26 13:14:28 +0100
commit4653655010c16d8f1f128480b55d4cd2e9f5a9e7 (patch)
tree585e1237b9cf5509a36404613568b07006d4eba4
parentd8d848055ffe8da7530ccdf3f8076a01fae44ed0 (diff)
downloadsalt-4653655010c16d8f1f128480b55d4cd2e9f5a9e7.tar.gz
salt-4653655010c16d8f1f128480b55d4cd2e9f5a9e7.tar.bz2
salt-4653655010c16d8f1f128480b55d4cd2e9f5a9e7.zip
profile.apache-httpd: manage snippets
- add apache-httpd profile with snippets configuration - add TLS snippet to apache-httpd role pillar Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
-rw-r--r--pillar/role/web/apache-httpd.sls10
-rw-r--r--salt/profile/apache-httpd/init.sls31
-rw-r--r--salt/role/web/apache-httpd.sls2
3 files changed, 42 insertions, 1 deletions
diff --git a/pillar/role/web/apache-httpd.sls b/pillar/role/web/apache-httpd.sls
index 5b4b64b..bd77162 100644
--- a/pillar/role/web/apache-httpd.sls
+++ b/pillar/role/web/apache-httpd.sls
@@ -1,3 +1,13 @@
+{%- set host = grains['host'] -%}
+{%- set fqdn = grains['fqdn'] -%}
+
apache:
global:
ServerAdmin: system@lysergic.dev
+
+profile:
+ apache-httpd:
+ snippets:
+ ssl_{{ host }}:
+ - 'SSLCertificateFile "/etc/ssl/{{ host }}/{{ fqdn }}.crt"'
+ - 'SSLCertificateKeyFile "/etc/ssl/{{ host }}/{{ fqdn }}.key"'
diff --git a/salt/profile/apache-httpd/init.sls b/salt/profile/apache-httpd/init.sls
new file mode 100644
index 0000000..db5b6f9
--- /dev/null
+++ b/salt/profile/apache-httpd/init.sls
@@ -0,0 +1,31 @@
+{%- set snippetsdir = '/etc/apache2/snippets.d' -%}
+{%- set mypillar = salt['pillar.get']('profile:apache-httpd', {}) -%}
+
+{{ snippetsdir }}:
+ file.directory:
+ - makedirs: True
+
+{%- if 'snippets' in mypillar %}
+{%- for snippet, config in mypillar['snippets'].items() %}
+{{ snippetsdir }}/{{ snippet }}.conf:
+ file.managed:
+ - contents:
+ {%- for line in config %}
+ - {{ line }}
+ {%- endfor %}
+ - require:
+ - file: {{ snippetsdir }}
+ {#- formula dependencies #}
+ - require_in:
+ - module: apache-service-running-restart
+ - service: apache-service-running
+ - watch_in:
+ - module: apache-service-running-reload
+{%- endfor %}
+{%- endif %}
+
+include:
+ - apache.config
+
+
+
diff --git a/salt/role/web/apache-httpd.sls b/salt/role/web/apache-httpd.sls
index 7c2002f..559d860 100644
--- a/salt/role/web/apache-httpd.sls
+++ b/salt/role/web/apache-httpd.sls
@@ -1,2 +1,2 @@
include:
- - apache.config
+ - profile.apache-httpd