From 269b8552230120b8d3dcf837e41d57bfbe7b3af7 Mon Sep 17 00:00:00 2001 From: Dennis Ahrens <dennis.ahrens@hs-hannover.de> Date: Mon, 26 Oct 2020 12:09:36 +0100 Subject: [PATCH] Make key and pem optional in deploy.certs to push cacerts alone --- deploy/certs.sls | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/deploy/certs.sls b/deploy/certs.sls index 98d8d64..0b81a32 100644 --- a/deploy/certs.sls +++ b/deploy/certs.sls @@ -30,6 +30,7 @@ deploy_cert_{{ name }}_group: - name: {{ cert_group_name }} - system: True +{% if cert.pem is defined %} deploy_cert_{{ name }}_pem: file.managed: - name: {{ deploy.config.cert_directory }}/{{ name }}.pem @@ -41,7 +42,9 @@ deploy_cert_{{ name }}_pem: - requires: - file: deploy_cert_create_dir - group: deploy_cert_{{ name }}_group +{% endif %} +{% if cert.key is defined %} deploy_cert_{{ name }}_key: file.managed: - name: {{ deploy.config.cert_directory }}/{{ name }}.key @@ -54,6 +57,7 @@ deploy_cert_{{ name }}_key: - requires: - file: deploy_cert_create_dir - group: deploy_cert_{{ name }}_group +{% endif %} {% if cert.chain is defined %} deploy_cert_{{ name }}_chain: @@ -68,7 +72,9 @@ deploy_cert_{{ name }}_chain: - requires: - file: deploy_cert_create_dir - group: deploy_cert_{{ name }}_group +{% endif %} +{% if cert.chain is defined and cert.pem is defined %} deploy_cert_{{ name }}_fullchain: file.managed: - name: {{ deploy.config.cert_directory }}/{{ name }}.fullchain.pem @@ -81,6 +87,9 @@ deploy_cert_{{ name }}_fullchain: - requires: - file: deploy_cert_create_dir - group: deploy_cert_{{ name }}_group +{% endif %} + +{% if cert.chain is defined and cert.pem is defined and cert.key is defined %} deploy_cert_{{ name }}_fullchain_with_key: file.managed: - name: {{ deploy.config.cert_directory }}/{{ name }}.fullchain.key.pem @@ -125,7 +134,7 @@ deploy_cert_{{ name }}_cacert: - group: deploy_cert_{{ name }}_group {% endif %} -{% if cert.dhparam is defined and cert.chain is defined %} +{% if cert.dhparam is defined and cert.chain is defined and cert.pem is defined %} deploy_cert_{{ name }}_fullchain_dhparam: file.managed: - name: {{ deploy.config.cert_directory }}/{{ name }}.fullchain.dhparam.pem -- GitLab