init.sls 1.1 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152
  1. #
  2. # Nginx
  3. #
  4. {% set nginx_pkg = salt['pillar.get']('nodes:' ~ grains['id'] ~ ':nginx:pkg', 'nginx') %}
  5. nginx:
  6. pkg.installed:
  7. - name: {{nginx_pkg}}
  8. {% if grains['oscodename'] == 'jessie' %}
  9. - fromrepo: jessie-backports
  10. {% endif %}
  11. service.running:
  12. - enable: TRUE
  13. - reload: TRUE
  14. {% if grains['saltversion'] >= '2014.7.0' %}
  15. nginx-dhparam:
  16. cmd.run:
  17. - name: openssl dhparam -out /etc/ssl/dhparam.pem 4096
  18. - creates: /etc/ssl/dhparam.pem
  19. - require_in:
  20. - serivce: nginx
  21. {% endif %}
  22. # Install meaningful main configuration (SSL tweaks 'n stuff)
  23. /etc/nginx/nginx.conf:
  24. file.managed:
  25. - source: salt://nginx/nginx.conf
  26. - watch_in:
  27. - service: nginx
  28. # Disable default configuration
  29. /etc/nginx/sites-enabled/default:
  30. file.absent:
  31. - watch_in:
  32. - service: nginx
  33. # Install website configuration files configured for this node
  34. {% for website in salt['pillar.get']('nodes:' ~ grains['id'] ~ ':nginx:websites', []) %}
  35. /etc/nginx/sites-enabled/{{website}}:
  36. file.managed:
  37. - source: salt://nginx/{{website}}
  38. - template: jinja
  39. - require:
  40. - pkg: nginx
  41. - watch_in:
  42. - service: nginx
  43. {% endfor %}