1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
5 {%- set orig_cert_dir = salt['pillar.get']('extra_custom_certs_dir', '/srv/salt/certs') %}
6 {%- set dest_cert_dir = '/etc/nginx/ssl' %}
7 {%- set certs = salt['pillar.get']('extra_custom_certs', []) %}
9 extra_custom_certs_file_directory_certs_dir:
11 - name: /etc/nginx/ssl
15 {%- for cert in certs %}
16 {%- set cert_file = 'arvados-' ~ cert ~ '.pem' %}
17 {#- set csr_file = 'arvados-' ~ cert ~ '.csr' #}
18 {%- set key_file = 'arvados-' ~ cert ~ '.key' %}
19 {% for c in [cert_file, key_file] %}
20 extra_custom_certs_file_copy_{{ c }}:
22 - name: {{ dest_cert_dir }}/{{ c }}
23 - source: {{ orig_cert_dir }}/{{ c }}
27 - unless: cmp {{ dest_cert_dir }}/{{ c }} {{ orig_cert_dir }}/{{ c }}
29 - file: extra_custom_certs_file_directory_certs_dir