Skip to content

Commit fa30753

Browse files
JacobCoffeeJacobCoffee
committed
feat: install certs alongside other certs.
certs on certs on certs
1 parent 43ab883 commit fa30753

File tree

1 file changed

+13
-0
lines changed

1 file changed

+13
-0
lines changed

salt/tls/init.sls

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -45,6 +45,19 @@ certbot:
4545
- pkg: ssl-cert
4646
{% endfor %}
4747

48+
# Install acme.cert certs prepended with acme-* to avoic conflicts
49+
{% for name in salt["pillar.get"]("tls:acme_certs", {}) %}
50+
/etc/ssl/private/acme-{{ name }}.pem:
51+
file.managed:
52+
- contents_pillar: tls:acme_certs:{{ name }}
53+
- user: root
54+
- group: ssl-cert
55+
- mode: "0640"
56+
- show_diff: False
57+
- require:
58+
- pkg: ssl-cert
59+
{% endfor %}
60+
4861
{% if salt["match.compound"](pillar["roles"]["salt-master"]["pattern"]) %}
4962
# Process ACME certificates
5063
{% for domain, domain_config in salt["pillar.get"]("tls:acme_certs", {}).items() %}

0 commit comments

Comments
 (0)