recreate cert chain file when cert or ca file changes
When chain file exists, state will never change content even if source files will change
Change-Id: I9ad8f52d887512e6703f0bea50a64aa9b80e2fa5
Closes-bug: PROD-17928
diff --git a/nginx/server/sites.sls b/nginx/server/sites.sls
index 5ccf27e..0da0fad 100644
--- a/nginx/server/sites.sls
+++ b/nginx/server/sites.sls
@@ -75,10 +75,13 @@
{% endif %}
+{%- set old_chain_file = salt['cmd.shell']('cat {0}'.format(chain_file)) %}
+{%- set new_chain_file = salt['cmd.shell']('cat {0} {1}'.format(cert_file, ca_file)) %}
+
nginx_init_{{ site.host.name }}_tls:
cmd.run:
- name: "cat {{ cert_file }} {{ ca_file }} > {{ chain_file }}"
- - creates: {{ chain_file }}
+ - onlyif: {% if old_chain_file != new_chain_file %}/bin/true{% else %}/bin/false{% endif %}
- watch_in:
- service: nginx_service