94 lines
2.2 KiB
Text
94 lines
2.2 KiB
Text
{%- set os=grains['os'] -%}
|
|
|
|
{##check if server is portal##}
|
|
{%- if 'portal' in pillar['roles'] -%}
|
|
{%- set portal = "portal" -%}
|
|
{%- endif -%}
|
|
nginx:
|
|
pkg.installed: []
|
|
service.running:
|
|
- enable: true
|
|
- watch:
|
|
- file: /etc/nginx/conf.d/*
|
|
- file: /etc/nginx/nginx.conf
|
|
{%- if pillar['nginx'] is defined -%}
|
|
{%- for name in pillar['nginx'] %}
|
|
- file: /etc/nginx/certs/{{name}}.actcur.com/*
|
|
{%- endfor %}
|
|
{%- endif %}
|
|
|
|
/etc/nginx/nginx.conf:
|
|
file.managed:
|
|
- source: salt://roles/maintain/nginx-proxy/nginx.conf
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
|
|
{##ensure that nginx pillar exists##}
|
|
{%- if pillar['nginx'] is defined -%}
|
|
{%- set resolver = "172.16.40.20" -%}
|
|
|
|
{##set up conf files for this server##}
|
|
{%- for name in pillar['nginx'] %}
|
|
"/etc/nginx/certs/{{name}}.actcur.com/":
|
|
file.recurse:
|
|
- source: salt://secure/certs/{{name}}.actcur.com/
|
|
{%- if os=="CentOS" or os=="RedHat" %}
|
|
- user: nginx
|
|
- user: nginx
|
|
{%- elif os=="Arch" or os=="Manjaro" %}
|
|
- user: http
|
|
- group: http
|
|
{%- endif %}
|
|
- dir_mode: 755
|
|
- file_mode: 400
|
|
- clean: true
|
|
|
|
/etc/nginx/conf.d/{{ name }}.conf:
|
|
file.managed:
|
|
- makedirs: true
|
|
{%- if portal is defined %}
|
|
- source: salt://roles/maintain/nginx-proxy/remote.conf
|
|
{%- else %}
|
|
- source: salt://roles/maintain/nginx-proxy/local.conf
|
|
{%- endif %}
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
- template: jinja
|
|
- context:
|
|
server: {{ name }}
|
|
resolver: {{ resolver }}
|
|
{%- endfor %}
|
|
{%- endif %}
|
|
|
|
|
|
{%- if portal is defined %}
|
|
/etc/nginx/conf.d/portal.actcur.com.conf:
|
|
file.managed:
|
|
- makedirs: true
|
|
- source: salt://roles/maintain/nginx-proxy/portal.conf
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
- template: jinja
|
|
- context:
|
|
resolver: {{ resolver }}
|
|
|
|
"/etc/nginx/certs/portal.actcur.com/":
|
|
file.recurse:
|
|
- source: salt://secure/certs/portal.actcur.com/
|
|
- user: http
|
|
- group: http
|
|
- dir_mode: 755
|
|
- file_mode: 400
|
|
- clean: true
|
|
{%- else %}
|
|
/etc/nginx/conf.d/default.conf:
|
|
file.managed:
|
|
- makedirs: true
|
|
- source: salt://roles/maintain/nginx-proxy/default.conf
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
{%- endif -%}
|