{%- from "arvados/map.jinja" import arvados with context %}
{%- set tpldir = curr_tpldir %}
-snake_oil_certs:
+arvados_test_salt_states_examples_single_host_snakeoil_certs_openssl_pkg_installed:
pkg.installed:
- name: openssl
+
+arvados_test_salt_states_examples_single_host_snakeoil_certs_arvados_snake_oil_cert_cmd_run:
cmd.run:
- name: |
cat > /tmp/openssl.cnf <<-CNF
{%- endfor %}
{%- for entry in [
'keep',
- 'keep0',
'collections',
'download',
'ws',
mkdir -p /etc/ssl/certs/ /etc/ssl/private/ && \
openssl req -config /tmp/openssl.cnf -new -x509 -days 3650 -nodes -sha256 \
- -out /etc/ssl/certs/ssl-cert-snakeoil.pem \
- -keyout /etc/ssl/private/ssl-cert-snakeoil.key > /tmp/snake_oil_certs.output 2>&1 && \
- chmod 0644 /etc/ssl/certs/ssl-cert-snakeoil.pem && \
- chmod 0640 /etc/ssl/private/ssl-cert-snakeoil.key
- - unless: test -f /etc/ssl/private/ssl-cert-snakeoil.key
+ -out /etc/ssl/certs/arvados-snakeoil-cert.pem \
+ -keyout /etc/ssl/private/arvados-snakeoil-cert.key > /tmp/snake_oil_certs.output 2>&1 && \
+ chmod 0644 /etc/ssl/certs/arvados-snakeoil-cert.pem && \
+ chmod 0640 /etc/ssl/private/arvados-snakeoil-cert.key
+ - unless: test -f /etc/ssl/private/arvados-snakeoil-cert.key
- require:
- - pkg: openssl
+ - pkg: arvados_test_salt_states_examples_single_host_snakeoil_certs_openssl_pkg_installed
{%- if grains.get('os_family') == 'Debian' %}
-ssl_certs:
+arvados_test_salt_states_examples_single_host_snakeoil_certs_ssl_cert_pkg_installed:
pkg.installed:
- name: ssl-cert
- require_in:
snake_oil_certs_permissions:
cmd.run:
- name: |
- chown root:ssl-cert /etc/ssl/private/ssl-cert-snakeoil.key
+ chown root:ssl-cert /etc/ssl/private/arvados-snakeoil-cert.key
- require:
- - pkg: ssl_certs
+ - cmd: arvados_test_salt_states_examples_single_host_snakeoil_certs_arvados_snake_oil_cert_cmd_run
+ - pkg: arvados_test_salt_states_examples_single_host_snakeoil_certs_ssl_cert_pkg_installed
{%- endif %}