--- {%- from "nginx/map.jinja" import nginx with context -%} {%- for configfile in nginx.config.files %} nginx-config-{{ configfile }}: file.managed: - name: {{ nginx.config.dir }}/{{ configfile }} - source: salt://nginx/templates/{{ configfile }}.j2 - template: jinja - user: {{ nginx.config.user }} - group: {{ nginx.config.group }} - watch_in: - service: nginx-service - watch: - cmd: acme-certs - require: - sls: acme {%- endfor %} nginx-config-wipe-default: file.absent: - name: /etc/nginx/sites-enabled/default {%- for subdir in nginx.config.subdirs %} nginx-config-dir-{{ subdir }}: file.directory: - name: {{ nginx.config.dir }}/{{ subdir }} - user: {{ nginx.config.user }} - group: {{ nginx.config.group }} - watch_in: - service: nginx-service {%- endfor %} {#% for vhost in salt['file.find']( nginx.config.dir+'/sites-enabled/',type='f') %#} {#% do salt['file.remove'](vhost) %#} {#% endfor %#} {%- for key, vhost in nginx.vhosts.items() %} nginx-sites-available-{{ key }}: file.managed: - name: {{ nginx.config.dir }}/sites-available/{{ key }} - source: salt://nginx/templates/types/{{ vhost.type }}.j2 - template: jinja - user: {{ nginx.config.user }} - group: {{ nginx.config.group }} - require: - file: nginx-config-dir-sites-available - file: nginx-config-dir-sites-enabled - context: vhost_name: {{ vhost.name }} https: {{ vhost.https|default(true) }} proxy: {{ vhost.proxy|default(false) }} proxy_pass: {{ vhost.proxy_pass|default("") }} cache: {{ vhost.cache|default(true) }} autoindex: {{ vhost.autoindex|default(false) }} root_dir: {{ vhost.root_dir|default(None) }} internal_access: {{ vhost.internal_access|default(false) }} dirs: {{ vhost.dirs|default([]) }} nginx-site-enabled-{{ key }}: file.symlink: - name: {{ nginx.config.dir }}/sites-enabled/{{ key }} - target: {{ nginx.config.dir }}/sites-available/{{ key }} - template: jinja - user: {{ nginx.config.user }} - group: {{ nginx.config.group }} - require: - file: nginx-config-dir-sites-available - file: nginx-config-dir-sites-enabled - nginx-sites-available-{{ key }} - watch_in: - service: nginx-service {%- endfor %}