paulbsd-salt/states/nginx/config.sls
2021-07-18 10:11:37 +02:00

73 lines
2.3 KiB
Plaintext

---
{%- from "nginx/map.jinja" import nginx with context -%}
{%- for configfile in nginx.config.files %}
nginx-config-{{ configfile }}:
file.managed:
- name: {{ nginx.config.dir }}/{{ configfile }}
- source: salt://nginx/templates/{{ configfile }}.j2
- template: jinja
- user: {{ nginx.config.user }}
- group: {{ nginx.config.group }}
- watch_in:
- service: nginx-service
- watch:
- pki: pki-fetched
- require:
- sls: acme.*
{%- endfor %}
nginx-config-wipe-default:
file.absent:
- name: /etc/nginx/sites-enabled/default
{%- for subdir in nginx.config.subdirs %}
nginx-config-dir-{{ subdir }}:
file.directory:
- name: {{ nginx.config.dir }}/{{ subdir }}
- user: {{ nginx.config.user }}
- group: {{ nginx.config.group }}
- watch_in:
- service: nginx-service
{%- endfor %}
{%- for key, vhost in nginx.vhosts.items() %}
nginx-sites-available-{{ key }}:
file.managed:
- name: {{ nginx.config.dir }}/sites-available/{{ key }}
- source: salt://nginx/templates/types/{{ vhost.type }}.j2
- template: jinja
- user: {{ nginx.config.user }}
- group: {{ nginx.config.group }}
- require:
- file: nginx-config-dir-sites-available
- file: nginx-config-dir-sites-enabled
- watch_in:
- service: nginx-service
- context:
vhost_name: {{ vhost.name }}
https: {{ vhost.https|default(true) }}
proxy: {{ vhost.proxy|default(false) }}
proxy_pass: {{ vhost.proxy_pass|default("") }}
cache: {{ vhost.cache|default(true) }}
autoindex: {{ vhost.autoindex|default(false) }}
root_dir: {{ vhost.root_dir|default(None) }}
internal_access: {{ vhost.internal_access|default(false) }}
dirs: {{ vhost.dirs|default([]) }}
php_socket_file: {{ nginx.config.php_socket_file }}
nginx-site-enabled-{{ key }}:
file.symlink:
- name: {{ nginx.config.dir }}/sites-enabled/{{ key }}
- target: {{ nginx.config.dir }}/sites-available/{{ key }}
- template: jinja
- user: {{ nginx.config.user }}
- group: {{ nginx.config.group }}
- require:
- file: nginx-config-dir-sites-available
- file: nginx-config-dir-sites-enabled
- nginx-sites-available-{{ key }}
- watch_in:
- service: nginx-service
{%- endfor %}