Page MenuHomeDevCentral
Files F3763690

D966.id2468.diff
No OneTemporary
Actions

D966.id2468.diff
View Options

diff --git a/roles/core/letsencrypt/init.sls b/pillar/certificates/certificates.sls
copy from roles/core/letsencrypt/init.sls
copy to pillar/certificates/certificates.sls
--- a/roles/core/letsencrypt/init.sls
+++ b/pillar/certificates/certificates.sls
@@ -6,6 +6,11 @@
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
-include:
- - .software
- - .service
+# -------------------------------------------------------------
+# Certificates
+# -------------------------------------------------------------
+
+certificates_letsencrypt:
+ eglide:
+ - www.eglide.org
+ - robot.paysannerebelle.com
diff --git a/pillar/top.sls b/pillar/top.sls
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -9,6 +9,7 @@
base:
'*':
- core.hostnames
+ - certificates.certificates
eglide:
- users.revokedusers
- users.shellusers
diff --git a/roles/core/letsencrypt/certificates.sls b/roles/core/letsencrypt/certificates.sls
new file mode 100644
--- /dev/null
+++ b/roles/core/letsencrypt/certificates.sls
@@ -0,0 +1,29 @@
+# -------------------------------------------------------------
+# Salt — Let's encrypt certificates
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-04-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+# -------------------------------------------------------------
+# Working directory
+# -------------------------------------------------------------
+
+/var/letsencrypt-auto:
+ file.directory:
+ - user: root
+ - dir_mode: 711
+
+# -------------------------------------------------------------
+# Certificates
+# -------------------------------------------------------------
+
+{% for domain in pillar.get('certificates_letsencrypt')[grains['id']] %}
+certificate_{{ domain }}:
+ cmd.run:
+ - name: certbot certonly --server https://acme-v01.api.letsencrypt.org/directory -a webroot --webroot-path=/var/letsencrypt-auto -d {{ domain }}
+ - unless: test -f {{ dirs.etc }}/letsencrypt/live/{{ domain }}/fullchain.pem
+{% endfor %}
diff --git a/roles/core/letsencrypt/init.sls b/roles/core/letsencrypt/init.sls
--- a/roles/core/letsencrypt/init.sls
+++ b/roles/core/letsencrypt/init.sls
@@ -9,3 +9,4 @@
include:
- .software
- .service
+ - .certificates

File Metadata

Mime Type
text/plain
Expires
Sat, Nov 23, 01:48 (16 h, 14 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2256822
Default Alt Text
D966.id2468.diff (2 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator