1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
5 {%- set orig_cert_dir = salt['pillar.get']('extra_custom_certs_dir', '/srv/salt/certs') %}
6 {%- set dest_cert_dir = '/etc/nginx/ssl' %}
7 {%- set certs = salt['pillar.get']('extra_custom_certs', []) %}
10 extra_custom_certs_file_directory_certs_dir:
12 - name: /etc/nginx/ssl
24 {%- for cert in certs %}
25 {%- set cert_file = 'arvados-' ~ cert ~ '.pem' %}
26 {%- set key_file = 'arvados-' ~ cert ~ '.key' %}
27 {% for c in [cert_file, key_file] %}
28 extra_custom_certs_file_copy_{{ c }}:
30 - name: {{ dest_cert_dir }}/{{ c }}
31 - source: {{ orig_cert_dir }}/{{ c }}
36 - unless: cmp {{ dest_cert_dir }}/{{ c }} {{ orig_cert_dir }}/{{ c }}
38 - file: extra_custom_certs_file_directory_certs_dir