Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / salt / 2f7a5b62a7e9657523421df4d95d6a3370141943 / . / salt / api.sls
blob: 2d7ac5a7c6f30d597bcd583861a7d4c61b3213c9 [file] [log] [blame]
{%- from "salt/map.jinja" import api with context %}
{%- if api.get('enabled', False) %}
salt_api_packages:
pkg.installed:
- names: {{ api.pkgs }}
/etc/salt/master.d/_api.conf:
file.managed:
- source: salt://salt/files/_api.conf
- user: root
- template: jinja
- require:
- pkg: salt_api_packages
- watch_in:
- service: salt_api_service
{%- if api.get('ssl', {}).authority is defined %}
{%- set cert_file = "/etc/ssl/certs/" + api.ssl.get('name', grains.id) + ".crt" %}
{%- set ca_file = "/etc/ssl/certs/ca-" + api.ssl.authority + ".crt" %}
salt_api_init_tls:
cmd.run:
- name: "cat {{ cert_file }} {{ ca_file }} > /etc/ssl/certs/{{ api.ssl.get('name', grains.id) }}-chain.crt"
- creates: /etc/ssl/certs/{{ api.ssl.get('name', grains.id) }}-chain.crt
- watch_in:
- service: salt_api_service
{%- endif %}
salt_api_service:
service.running:
- name: salt-api
- require:
- pkg: salt_api_packages
- watch:
- file: /etc/salt/master.d/_api.conf
{%- endif %}