{%- set os=grains['os'] -%}
{##check if server is portal##}
{%- if 'portal' in pillar['grains']['roles'] -%}
{%- set portal = "portal" -%}
{%- endif -%}
nginx:
pkg.installed: []
service.running:
- enable: true
- watch:
- file: /etc/nginx/conf.d/*
- file: /etc/nginx/nginx.conf
{%- if pillar['nginx'] is defined -%}
{%- for name in pillar['nginx'] %}
- file: /etc/nginx/certs/{{name}}.actcur.com/*
{%- endfor %}
{%- endif %}
/etc/nginx/nginx.conf:
file.managed:
- source: salt://roles/maintain/nginx-proxy/nginx.conf
- user: root
- group: root
- mode: 644
{##ensure that nginx pillar exists##}
{%- if pillar['nginx'] is defined -%}
{%- set resolver = "172.16.40.20" -%}
{##set up conf files for this server##}
{%- for name in pillar['nginx'] %}
"/etc/nginx/certs/{{name}}.actcur.com/":
file.recurse:
- source: salt://secure/certs/{{name}}.actcur.com/
{%- if os=="CentOS" or os=="RedHat" %}
- user: nginx
- user: nginx
{%- elif os=="Arch" or os=="Manjaro" %}
- user: http
- group: http
{%- endif %}
- dir_mode: 755
- file_mode: 400
- clean: true
/etc/nginx/conf.d/{{ name }}.conf:
file.managed:
- makedirs: true
{%- if portal is defined %}
- source: salt://roles/maintain/nginx-proxy/remote.conf
{%- else %}
- source: salt://roles/maintain/nginx-proxy/local.conf
{%- endif %}
- user: root
- group: root
- mode: 644
- template: jinja
- context:
server: {{ name }}
resolver: {{ resolver }}
{%- endfor %}
{%- endif %}
{%- if portal is defined %}
/etc/nginx/conf.d/portal.actcur.com.conf:
file.managed:
- makedirs: true
- source: salt://roles/maintain/nginx-proxy/portal.conf
- user: root
- group: root
- mode: 644
- template: jinja
- context:
resolver: {{ resolver }}
"/etc/nginx/certs/portal.actcur.com/":
file.recurse:
- source: salt://secure/certs/portal.actcur.com/
- user: http
- group: http
- dir_mode: 755
- file_mode: 400
- clean: true
{%- else %}
/etc/nginx/conf.d/default.conf:
file.managed:
- makedirs: true
- source: salt://roles/maintain/nginx-proxy/default.conf
- user: root
- group: root
- mode: 644
{%- endif -%}