Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / designate / a8037cd3999b7406e8a5eeef4c4634baf0a092f3 / . / designate / server.sls
blob: df50a0b0156515c856cfc08d2a7661d8c5676d9c [file] [log] [blame]
{%- from "designate/map.jinja" import server, system_cacerts_file with context %}
{%- if server.enabled %}
{%- if server.backend is defined %}
{%- if server.backend.bind9 is defined %}
designate_bind_packages:
pkg.installed:
- names:
- bind9utils
{%- if server.backend.bind9.rndc_key is defined %}
/etc/designate/rndc.key:
file.managed:
- source: salt://designate/files/rndc.key
- template: jinja
- require:
- pkg: designate_server_packages
{%- endif %}
{%- endif %}
{%- endif %}
designate_server_packages:
pkg.installed:
- names: {{ server.pkgs }}
/etc/designate/designate.conf:
file.managed:
- source: salt://designate/files/{{ server.version }}/designate.conf.{{ grains.os_family }}
- template: jinja
- require:
- pkg: designate_server_packages
/etc/designate/api-paste.ini:
file.managed:
- source: salt://designate/files/{{ server.version }}/api-paste.ini
- template: jinja
- require:
- pkg: designate_server_packages
{%- if not grains.get('noservices', False) %}
designate_syncdb:
cmd.run:
- name: designate-manage database sync
- require:
- file: /etc/designate/designate.conf
designate_pool_sync:
cmd.run:
- name: designate-manage pool-manager-cache sync
- require:
- file: /etc/designate/designate.conf
designate_server_services:
service.running:
- enable: true
- names: {{ server.services }}
- require:
- cmd: designate_syncdb
- cmd: designate_pool_sync
- watch:
- file: /etc/designate/designate.conf
{%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
- file: rabbitmq_ca_designate_server
{%- endif %}
{%- if server.database.get('ssl',{}).get('enabled', False) %}
- file: mysql_ca_designate_server
{%- endif %}
{%- endif %}
{%- if server.version not in ['liberty', 'juno', 'kilo'] and server.pools is defined %}
# Since Mitaka it is recommended to use pools.yaml for pools configuration
/etc/designate/pools.yaml:
file.managed:
- source: salt://designate/files/{{ server.version }}/pools.yaml
- template: jinja
- require:
- pkg: designate_server_packages
{%- if not grains.get('noservices', False) %}
designate_pool_update:
cmd.run:
- name: designate-manage pool update
- require:
- service: designate_server_services
- onchanges:
- file: /etc/designate/pools.yaml
{%- endif %}
{%- endif %}
{%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
rabbitmq_ca_designate_server:
{%- if server.message_queue.ssl.cacert is defined %}
file.managed:
- name: {{ server.message_queue.ssl.cacert_file }}
- contents_pillar: designate:server:message_queue:ssl:cacert
- mode: 0444
- makedirs: true
- require_in:
- file: /etc/designate/designate.conf
{%- else %}
file.exists:
- name: {{ server.message_queue.ssl.get('cacert_file', system_cacerts_file) }}
- require_in:
- file: /etc/designate/designate.conf
{%- endif %}
{%- endif %}
{%- if server.database.get('ssl',{}).get('enabled', False) %}
mysql_ca_designate_server:
{%- if server.database.ssl.cacert is defined %}
file.managed:
- name: {{ server.database.ssl.cacert_file }}
- contents_pillar: designate:server:database:ssl:cacert
- mode: 0444
- makedirs: true
- require_in:
- file: /etc/designate/designate.conf
{%- else %}
file.exists:
- name: {{ server.database.ssl.get('cacert_file', system_cacerts_file) }}
- require_in:
- file: /etc/designate/designate.conf
{%- endif %}
{%- endif %}
{%- endif %}