diff --git a/bin/encrypt_pillar.sh b/bin/encrypt_pillar.sh index 71c1061..f9066f3 100755 --- a/bin/encrypt_pillar.sh +++ b/bin/encrypt_pillar.sh @@ -4,21 +4,30 @@ help() { echo "Encrypt a given string and print out the output. This output can be" echo "then used as encrypted pillar" echo + echo "Options:" + echo "-m Pass multiline input, end with CTRL+D when done" + echo } [[ $1 == '--help' ]] && help && exit -while getopts h arg; do +while getopts mh arg; do case ${arg} in + m) MULTILINE=1 ;; h) help && exit ;; *) help && exit 1 ;; esac done -echo "Please type the string that you want to encrypt" -read STRING +if [[ -n $MULTILINE ]]; then + echo "Please type the lines that you want to encrypt, and press CTRL+D when done" + STRING=$(cat) +else + echo "Please type the string that you want to encrypt" + read STRING +fi -[[ -z $STRING ]] && help && exit 1 +[[ -z $STRING ]] && echo "ERROR: Input was empty" && exit 1 RECIPIENTS=$(egrep '^\s*0x' encrypted_pillar_recipients | while read i; do echo "-r $i"; done | xargs) echo -n "${STRING}" | gpg --armor --batch --trust-model always --encrypt ${RECIPIENTS} diff --git a/pillar/role/web_gitlab.sls b/pillar/role/web_gitlab.sls index 36f64ca..1b1ba35 100644 --- a/pillar/role/web_gitlab.sls +++ b/pillar/role/web_gitlab.sls @@ -162,9 +162,9 @@ nginx: - root: /srv/www/vhosts/gitlab-ce/public - internal enabled: True -{% set osrelease = salt['grains.get']('osrelease') %} -{% if osrelease == '42.3' %} profile: + {% set osrelease = salt['grains.get']('osrelease') %} + {% if osrelease == '42.3' %} monitoring: check_zypper: whitelist: @@ -481,4 +481,28 @@ profile: - ruby2.4-rubygem-webpack-rails - ruby2.4-rubygem-wikicloth - ruby2.4-stdlib -{% endif %} + {% endif %} + web: + server: + nginx: + csr: + gitlab.infra.opensuse.org: | + -----BEGIN CERTIFICATE REQUEST----- + MIIDGzCCAgMCAQAwgZ4xCzAJBgNVBAYTAkRFMRAwDgYDVQQIDAdCYXZhcmlhMRIw + EAYDVQQHDAlOdXJlbWJlcmcxETAPBgNVBAoMCG9wZW5TVVNFMQ8wDQYDVQQLDAZI + ZXJvZXMxIjAgBgNVBAMMGWdpdGxhYi5pbmZyYS5vcGVuc3VzZS5vcmcxITAfBgkq + hkiG9w0BCQEWEmFkbWluQG9wZW5zdXNlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQAD + ggEPADCCAQoCggEBALWfuMhdJOdrwvu2hCw0+bRNl8AADSvdBBokQlwpUvbgITNW + R3tkj/KgIEO0ohBC7j+a2L3t3qm5tP8ETdETcS96lj1nZ6fTWV1J9qezfpTBRDE3 + VIK3vykoBqzRMBVq6R4Kajg7SvB9pWRpHBC4xm3vPA4AnSN9skPtMMGpqZxFMbpG + sirObzr5Rit4tM53gZy7zgS2n22TqMeEsEYvd/fHxW2bNLvS5BwX+RU1NhRlNFDP + I7BQgCOGzgWrKZeukGfzcOhIXMKtnLPQc/65VcGQDRm01ReSBqNbyADuAfbYrFOP + yf8V2FlloUG/voM4c5y6WamHv2ZJepel5qxIickCAwEAAaA3MDUGCSqGSIb3DQEJ + DjEoMCYwJAYDVR0RBB0wG4IZZ2l0bGFiLmluZnJhLm9wZW5zdXNlLm9yZzANBgkq + hkiG9w0BAQsFAAOCAQEAGJ+RU/bwMTZ+/rkCibJD3Ylp+UUBm0qvFTFkEtkptrM2 + 5/im/ogEPgYZnJNBlU+lTba7XL3uyG+eX3A3n8aX9wJE7DMYB7x1qZGkUppd0zIG + myRBZlZUBxtGtOLGW5+AcpjHdqk5aeLjaWz3PaX3WD7QnAYx7XWPJMdcFVzzwPoO + M+mSd9H9RUx9HOYy2Wolxg+Mx05mvBrTHoTYsgSBhrmSNLVbA7ZgvAx+cc4vh9Q0 + 6NaN7mDmnbT1CVSlQ43o0pRpUIwa9NGD7DQ/Ccrw0FevD/7szXa9KZvXhHdqS7BP + PJKOVLf4VbNDRGmkks0fst/NNdNuXRlS4lZMePi6pQ== + -----END CERTIFICATE REQUEST----- diff --git a/pillar/secrets/role/web_gitlab.sls b/pillar/secrets/role/web_gitlab.sls index 0d2981f..9615488 100644 --- a/pillar/secrets/role/web_gitlab.sls +++ b/pillar/secrets/role/web_gitlab.sls @@ -7,73 +7,101 @@ nginx: private_key: | -----BEGIN PGP MESSAGE----- - hQIMA8amgupjyC8cAQ//VkZxtkXKThB8O2AGDGZ1vU13o+4k9LXp1J7qwesq1298 - 8/Nhfs3v9ki/grSNnAsrPPUXhnYsqSejeAsyHBMaap3fJBL3FhAt44ZoguAHw7fC - X/F0zZ72ZGlw0v6lMih+gzI2UIoUcfrSj+FnnyRnL+vD4SmbwbDvKhc895wAD6yl - 1EN7lS+2ujbjIMD05HME3oTEDEprc9ZlG/neR5vq53jfon78YMOvnCiM4uYkZS+d - hMbK6HW5nna/73dF6vbB7NKWPr4czPg/+CFYuax8r7jWMz1Xk+wxskJwNt5Qm0uL - jnu1sweqiYyQN7euXqaKRBvOhKo+rLEQhNVe/bltGCou9uaHMZbPAC4VljJLZnzN - kXR2hH0xE3h+LnZQthyCJtvF92Tyh0InCcZ1ndvARqRP2fNqqS/OCYtUHbX4b2xx - 7/Uk7UMGq79jpotbmFEghnrdIBPFrZ65EsLfBR+yicuyt9I/ODmROXYz/A6wzsTo - wwx7hCFNxI3brMvvc6GXVfXxWahqK6ur3PLvU943I+MYxz8bv5OA3cp+4IRHjKzx - Dqpk5kp/Len8zC8cSrWk55DHFSem35s9TyJuCjj1vv9bPWGgBcdwq51bseochg7C - R1Kq+EXGMNHfJyqDXFSIjG8iwurxlgd58b6vrzYGb/vST2AS0TBKWOgzd1M1O4aF - AQ4DslgfDDfB4G8QBACNr3/zqigdjPEFtUDdp9E8AerjkBG5bjThVyNxNSHaQkkY - RcQZGmIMOoHwxB27zaICyRWVXQVGH90C+eWWnkOM7dQKlLMoRRYLJQDptmcTc9Bg - 4lQyr4vFLljnVaRkcOReVXTp/0vnfPbjYR7Fk3En5vGNB5mgacNKfKL1PUy1OQP/ - XzOz3DNKaBXrj6uVnWgfhy+0SQq+E0Tyh2WpLwHWioBUE2y86fO6TloiBw6Xpxmm - 26fRdhvHho7Gjh7b8W1oPg364mRQl2aflq3xDUzKytj3Zr6+8CG0D2t+5TQRpL+T - Jg2AhFsGiizPP4dueM+RGz/M6mVM8LpNKuzlbl3Q20CFAg4DiLcKbyvsTOYQCACY - /vnAzH2H/cvXHnzAq4JYJxUA9kslUL3ervvq8CMtqJbL+c11U2SuN84ajfEKZZmU - JrcZgK0iWO2gAba6+LS7cAIMJvodXZmZXa2vo4E33Y+0gMDlNompa+qSF5ERG74s - JOk9fei5VNuxmfjRK5rekkOjxujQVrzy9DEEf3M9h3zah865i1D7r5TFVvR67LEe - e+cv3GnzImkFfIq0+gjo/2stP4E8MjVyN6uGPUmqn1zkDb1L4ho2NzLyxN4vGeke - NP5Mlnz6juBViA56oAAoCjcvqXA6EO3lTimTXmFMF7tr9HxQYoZ65d4WhYSPmNSc - 8JEmhgBVv+DDNDCwNwEVB/9RQA0qTZGOrs4Rg0d0xeu8dUtXzTLpgWtyPlg9GeHY - QQFSoUPR31NV125K+0DTEc6mSYMJ/tTHQIHJtHGPVlUbx5stYCEJgrjgVZcZR/lE - 6s57MBJYWd3QJ/rmGM3a5yGBOaiRha4iT7tB/zajg8MTRd3Axjed1nQDndLfrvmQ - sW5p0+lyX2BVQQ5mGWP6h3BSD9f2i0g1kilOXwHmPjc9HyY0Wfg4BDB3JgOcqztb - uBsv5fEU9GDZ8NO48e+7u13RbeNOGRnAXKDjUvIUwpf4QLLCy5qRne6OVtMiLtWK - vdAgX4T49etiEVN0iwmmHpqkgu0E/o7628mh67lFctFIhQEMA1H2Gg3i02J9AQf/ - TzVMrREXM5pyCJnd5QD5kHHOhuzCgnFsLbfFdixLfUrAiB5MPwckso/JVuwCEYKp - 4zH9z0t9k59Tcf5U8ppZoP2zzAFpNDQvD8Yror1kBp/arCgQwE80q/zEmm6hqUtA - BZzudwIRUbBgUupEVRNiLx9CBsC/Aj17CyxWkKZ50zGbZg4uOs03koeUbdi4H7Jd - TZiaAgv4aqj/IjvwrDBU6hhzIRrCD3ydYwMr75Lj5Ugd0cWPLzw0K+8buPZequNo - ykNI1s4x1J2HRqDzHeBJa36Xn2lMD7fcMe9+Qa7LBAc66/1CskZcUv9F8DwHtsSV - 6EjpooIWIkmEZHnrdpniNoUCDAP/8/F+qY2A9QEP/3zPV+yCngqNpupwQ3xB3FHv - yIMSpv0itPC7wDGHDM7Z3FXB2eRxL+51EjK6cFTiEUMy+/BpX2dM4mZvyfJLEiVr - LqMEC6AIZNaK874vw4OY+Epdez64vSAl6ezH+mO1JgNBdRlwYrc5jchMgAY42Qao - V0WY3m0qIuixjou3daswenR+GnQsq69qwzDBOjZAcuAq1uJj7Yk8QLN3KI+i4ish - yOjBb300dQ4eYb2N8rt26AZNaZwcd7kV9/i7uOAFqxnzBNkZiihY+CUFY5H4M1Sc - 0sL6l84bx44qNbP4DGGlvmOEMcZeeN+zmM9gXKjUk9WKFqBG8fN/yunM/4aKaJ9z - hUo45tyWXnwZefghjSbQUiRLeHaK1wQheThD6hFB2P3mgRZ0KHCDNIfmyR1sdlUP - qyPmx/if19Uqj68l3gT218f8KkBUQd/D86Iz57EH3L9P2y6jgjgOq6rs3ZNMLmyw - pPHwiwM6aShTdYP1Rf9bRAu+sRz/pFomghLlZ9iNiZTj2JZi2k0qpzRu+94vM1Qs - qZicUEum03Sn8lS+pRme98BeC2S9eOCYOKSZnrsiCH69rWHpT2Mqj84QhlIKJHfO - LbZ8j4RTvWuIXzVJrI0qC2Y4RzBETiHPQO/ygko4sv89mZLApd2mEaAhACY9BK1O - cjwfTNazoQWQTRvikzY2hQIMA2dWijyei9AnARAApaB3fR4tg8O8ba1jM2MuCA4e - U5TC3t5Rb9m4Izka1Y3MTr+xwLSguXZyXWpaaoed8J5fJKZ6BfxmuX+NjBeeYa1W - wPsBpwy0X8Sih2eZKMoJ7GD5ZQwe30+WaSd8dUJo+giyOsyvq7POrme2vf5QgvUb - V3px+Sz2waeRD8FVUTyOJVx1b4Dh57W0PfaJ1D2Sxd1bQFgYmmi2BxNOFYQTlrXg - LwmSBsK7uRzM1WqQnvNGOo+gzwDTYZD6AqgLekDNqCoTTT1/8j81NLVVSXV0SQNg - ynSOeWrGP50Zp9H1hPM19aeack3+abbayu7ChXsCi2K45ih1DHegddXEjjXVD9yU - G1uyvLZiTV1f9j0FmXdmLh8LmmTQ0UH+sCX9yndbuUAzHlsaZVMi7FFmAk66I4hp - Co7fVsDNO/t+VGX68R5gpW7uWfhJnix+yVf7V/q0qi01MsF0+sGp1hYAEb0h0S5m - mQ6FJcWtGPVVyAs22rBOOewJ1RTgz1l/Aheb2Xa9cmvt9eFF+IA0jP47aE5CrHGM - 4gZCW6ENo3SxRb+WcN/M5D8K7ljbl0nlNkFZFfZvnytUrXNqqSIubt+BpojteREk - hOql+cweB1YfPvHhvaLEE4xxaCyzCDQedxhtiBYPbHyMCf69gpPCUSPuElgTcMpP - mBwsnpaWbSLZIETwu9+FAgwDrPDOChusaZEBEACrs/usf6ebOXNwubm+yHy8qpGu - K/iheTllIqzRGxuVX7+CjXuImIayq5O2dPsPYh8B1BdZ1wv463iveQT875st35VE - JDtUonTydJeZ80G7wtZl9rcrpbR3bvdahK+hNr9kSTysf/1rGwMxR2QRgWtwpiBw - wcJcVHRuyC8AkKl8GZO6tQZlRXcbET8vNe3els1BrMSbJGGRV+LoCQRT74findd2 - KwUKdvclljxye+XUos+33gKZRerKo3Tp0yHZfh5bXXNIZcnPlDnnYvfq7JQIxyyz - AoHAdgkxGQuK3gt6o752Xz7nWnzkK7+O+twCxYT2S8D247RROtm0nW/Q+vJajDNh - oB/bQgpPZY92qOVFnq7liEZyQVk7LWgtfh3wLHOD94byR38y9ebk0Oqu1KhYKnyC - VKATL8vCC7jfwJrx6Ulvar1LlD8ajMydzdQl9vvdf6t2e0fE0fNAg/c/kXUSsZcA - 2zPdUz2cZvuQBd7ce55l2mBfWth8DbKrqiCgT5zyFIcN9REN5W0W96fTeDM0KX0f - 0haXbM9R9X2F23QuOz2odeu/nU8z93/kLNUmFLIMHLDIlMPZC9W7Rvkm1ByGbD/W - HRZ4ePpb/YkzycfxWr3SW6mD+XllkTah6Gbe1KFIg8xxnW4a0eZftmT5blNmDCw0 - 06v1TkluC8CxeS6KnNJQAVEQFsE1PW1PJQkbxOunaJzJDVyaLhHpX9xIY33+SLpP - 8Bo6K9g9lN6WWPz1sD3v7iGOVQvxHEh88scIrdhL1HFi7ug65tkEgsfahxRx6bw= - =huGH + hQIMA8amgupjyC8cAQ/+M2R/f7cog/Emz3sW7pRObv/70YxfXDRJiGo/Jvl4OKHg + /hUGy13UEwi1joKZ3dVinydyEBlhnS4QFu3tPt9sWG7EsKzuWnlEHRK5FCGual/9 + mVheFF15/tISweEseexPoXU0ApOdYPLOAXxMkfUGEmjnGtKXAOhxv8FrzpeYUMIK + k4gfR2JZwkFG9VlXnMUrhgmqdbIzZH+b7o1ktkwoxiTEcAhQorz1M6t3rDSJgEAI + QZKWrX4ZnOLY5ahS7ReW5wrrBBHddMGSZVJ2R9Mnf5bgUv9CjIHk1ayzpNii0cSu + VWlTReBTjt+kpTuKcyB0CLy6VWmv8QHcEoOpQWL880JOy+ShjGqezzSS2Em/MV4z + kV0t6etYteaLtRVIKyiGiCJ0e7xkjcyHIdoti0OXMaacl7B7bNBZV4cSEH5B9utZ + ul2vK6jrT8qI70/f+0moGu4Zg2KK3+RYSPeBa/jyftkYvLjN7LEbiDvDbgVk8pVJ + /3tusuvGI61gsv/xv/65Xg1meg0Wsqvnr0hb/YmrdJXjqHS4cuNRcGj0JGxCTYw0 + laqznu+VjKH1KfDJqfHXgporA/SLe2S6QZvAzGoUr4XMb/YGOR5xP7kh6vtsZu+/ + eA44kLqgzaVIM2QC7LhtysbqrYpZK1mNyNBu+Jfgso3orSi9rO3k6vx4IMd7Q1SF + AQ4DslgfDDfB4G8QA/wP7g4ATUFcO+aDFAAgBUz7WboWkpcU1qmQG/l9FYhASr/L + +3h5hbN3sRAWdnIOsBOQNI5WtxzEj21DPH0/rlRe0NbHh98S6JDAowLvTIe9kfdG + hE0020DXY6DMBUpn3DzSuRU/RabTaRSe1yi3YghWFSHy+Naav4Bu029nIy6VqgP/ + Ru+tFJ+tf8KY4zv59ni3vfDuEzQ4C5BV4f2SLTc3dcr44RvA4/noioJwjeBaRhm3 + 3okvhWb5nZDQcvtRHr1+z/XfOTvwhyJQkfzTvUNlSma4hWz3TjDc/2HFelJyEZWc + 2n84OLLz7N2kdEK8dC2ZbWiBzKJLEhCGTnUY0p5dG5WFAg4DiLcKbyvsTOYQB/9z + ILS9JhZdmvi30pTyMrGqaGoZflnElHX37fGM1P06NfhbKaIOA9AEGrhG/nzf0e3I + pgzuSBoX1b5CUsuv3Q34OSfC4mlhmum9wYI5JFuAc3qk+MkYn2piZzjkvjKo7Fcv + Ngk8vmh66NDxFcca50bRSw33n8oSz7jFF4Qe1wMVtBN8mOFeqAefCrOuy5Sl5jWO + munU4gTsX5lbPK5jPOuAfNqDSgCEUPNnoqmK5F33F8fPIAXY7VED3tNNdbAfTE0i + sSBhhmpt9pMrJHYYlei2s0c50r3t/P1jwdbPaF4OGxFZLaxpOFoIj+V2GYeE8cTu + +gT708KV+K2EFvAOmTr6CACWGP4u1ftQV2QsWx2107GX1RPUScEpA3+cDOHUs/rj + ZAg3YjeZaCT6b+CDeb04oGTued0f4dSPpMX4YRth3p01M+y6QTiC75gi6ZXjX3tl + nTugHeQLOsRjh/tSmill+jioNrfCTYmTB5Ebx08k9QuygJPrazhJqleuiPfcpyaX + LDQvvfuDx21AFacIh4vN80wi3WxJlSgiHJsE494IeJ5KYQzwDEevBfxqbqvoBr0h + P8vxubCBIKdTMgBnHkibs4A1HplaDkNg5YFZVTRBOjFK1PugtbiiooF5c6+rnvGL + WeptF2mt1yFChL73vouuzBXxz09Jqv1+mHfA5nGA7bDUhQEMA1H2Gg3i02J9AQf+ + ORYCj7WgcNfVhCGiXtEqbbh4Zb3usYuHpjbxaw4WaIemZjRwjO2AzAZlDKZAv3eS + aFDZK9I8PNxPeG8ridfcykshBk15k8y4UUCMFr8cX6pdCIBm+CMVcnkrKVAQhIXk + 0xlNnrI8KwYBK9XdCZ65oFMQO0HUF1JaKXWFjirS18IMn8PxLQTUNWAFr12yIKYm + LCy/WWSATq5+76PH3uH4tzrwNMb0KZWRtr1MaiKUj1h16EcEbQH0BcYaitY3/dCp + ZPWvUPWeEmaaYYqRx/72sT/QoV8WKNYyZg+Hm0jwBB5z3XAEmyF9NlksAkMr7LLy + vakYcuktFKDEiKKFR/S2/YUCDAP/8/F+qY2A9QEP/A7go2yJCUPFZSZmyHFko52I + 1bfq0r0wtPc/lvKwhG3wc/JN7n3y3bSa5c7LMzRpmeinBiVwibWXK60xisRfzvep + xsV+NXMX/NhbjAomMh3/sGMYxQ1JCW/dG34EDkMuAf1Mo7bgXGdT7APV6JItaWSC + uoaOE0QhFiTMEFMPW1MC17hfLXy/v/37bCSpNXzpqz430FW+IG++sRccJuOoOcBA + rpDOn9wVWLLQlIIwOUnGqUmHeEg3Dj7nr2S525B03QIVDOfH6osp6pZCiem9N4Oa + 060jLF73fe1fnpquSzT9o2KVj6/K8Y/bXTJPMV6s8zoJLDWy+lmjCgX3gCWLpOal + /VkLvWk4eik+XsUr9Z85EI0Ncw3aZii2FtNwxV2y3eyQQFUgGkSC8TViR7uazo2r + BPzLz9slAyDzhMB+WbbuWRNmLl4gTV5dPNyrXjLpFwW3ifD0nSaEqMk0xy93/kIf + 2aG8Ig1gwbn7I6pwtBxccXTTAIXhSKieaMI0oD7TQ6QFzQCLOm6vYucIn3ARc3qi + kYpxNZ/3Dog5FOkk1HC3WwEp5H1ddeZ5903twhCaoDiyQF1Np5f7bmX9aCYKqW0V + OKa4Lpa8kt5xJWOy+fVrYdld3jcz8elzBW5wS51g2N2RR9lp2vUCXX77TlwzJeg5 + 31tocLHyumYAkMBLzliVhQIMA2dWijyei9AnAQ/9EquBiqNkehL0fuCZCiS4NlkN + gp7ylnmzMv8AEoqDJnPh3uS7lpFcL2tqtAPNknIaGnjchXJ9KNaH8wO52QFbqnD5 + ASmjvHlw2Z860npcseej1BnokG2KtH409ti0drJotmYIcZ+ZI+U2Ye3qbKF7TRNe + IS1HCQpKgzYvW24Nbufg0/hEcu1r+7UKFDEz0qw2bDi6gx9v645kJs95uScDeu0K + xJYB7ZG4ckBvKUkNAKzbVZmgJ1LFDJs8qqUoOq93oKKB3brVMNDEFteFAPOJmLpP + 9pgZU1uuIgR2tgB8tZTiXjrNqLwXthVFdi0mLCMETUzeDRN3wcH/2RiedkwEsKfJ + +tNYqWHURIygQ6HJxHljoh87iVhz/iprj6/6dR1OqOVzGc/FoYbF1ykGx7P+WgfD + L0KaXYLo2t+yft3bB76tq+8rJAfq0mJdIm7oOy0Sd44bw2Sm8ko0aZSQN5gGMWUO + rQAwCkwhVOV919DjFqNJI+2Uz9ZiSrFrEL7E0WVzgSpE/oeJs+uGj49UTONtn7+S + yFLy6Ag8jp/XhsMf7EC60w6dgHqdmJ7C9x7hE3S1XjmIhUMeweimhhz37Eev8R2t + o7mkcg3GmCDmNw/nSY4mopWkNzLNI9sZ5Jcy3NpobH3+AbWqShlBKyCHXo/dxOnL + jz4EU2bJlvlvFFrMIiCFAgwDrPDOChusaZEBD/40XHt0g0u2j14r1fdZRPUoE7BN + zbKYN/BAb60PM3XIllOTGEVgs0RozZ1XOEqZK+w905ZUQA66LCh/Bp6mf3rUwpMc + 9OiHXv/QniTPFMlfC2DHfYlfoFt5ObdFNeeSvsYmkm2POZDUAhRein8FD+BXekfd + YpbY6b/N2qc8urmWpGReljvj22t0zuYjtmJ4nM13VIwvG6fwBYGUPJfpMCTtd8x+ + SUxGwSzdas89RKj1KI5wz41x3xIIMl9o/jH/qLDfDk/suw0sEQPsNmRKu4jKmvzF + 1wYrYwU2LxzbOY7mauzbHsnz35TV/a5u8Y/41HwdvY8fKK6B/zNYrqsHoLHrRDRK + UryAbdIS2GNwvlHzzh3cZ5i5iWaTtmQd/XiEuM+Pr8Cm+1aied4ab1XQrCycXC/M + oJC7JaE9XiQb58qBaWBWX++4vSLEqePst+A+dSrzu6optiu7WTtFEaIPXn4FgFga + 8pmBdrjXnshk3aqO5ucRf7pUqZCbgtfLEZU8HHEm6wmlJS+g53JvFLc49XyDuDOr + wY73Qu5A3h7T8+BsL2JfsombpJkz/nrqHiLIWrPPpjLSniMMlcTmhb7xjdVlBP7T + kDg4pvLuMjAYnM8oHReDhWbG/2hmLaX3VTPdNPU6B36qaAbS8c72UzEd8lA86VGv + jw0FLbBdwLiwowo7ZtLqAQr4t1EWp3D4rJEM1324Q/USFIRPmFMmZ8p1sSCBxaUY + sahmvkVbjm2RSlOXatDFxjv+XWUWdIvqg730vwJSdve4ErgGMz9V98V/Fs6ne3KN + hMjM+/tl6ZtcdRlys1P/kbiCzIZU1sED7G57EJh6LVdEJlJfUMMXUaq0hgf3uzDQ + J/O/joxN+yKvQKI6GUhPnsnJnU9UdJ5ScAsGbFKVwpmj4Qja2aoNf6aIuHkaGSPz + RtQ73Tufi6zq1nQxlP1/1ngO9ncHSI96RRyZy1vswMIFBvGv9LgE2Mb/12PNtBcx + BiOGreKIvrgxSjIO663od1/8DktPozGC1qcX8TZe119GPjT4o8RMrfhZvpqNlxmE + EbDza0NHJUgAe2b0ZqzHVZ8iPbcutYvgLoD3TTlfwBu/3Y3Rhqm6A/kharPpJc5N + Xu+D/q7Ly+LAibwG7iUJOe7tx1cUUdkODaisXTHWvtiItQRFrA2QKD7W2m1OVIgW + sFO6mkrOBj7/CMR2f3CXQq2WKJjoyg48VQx2GnO10srEIGqixRshh1R3sE3/EkIM + xh9dcZ5vY84h6XVI++8YHelGsWTd4gNEdMUPNraPd+9iliMVP99xcpVoH4ChPFeK + WlMWtL9OwrBIY1HiO/E/q2/jYXbR2MTCzpkPQDiYKkIc8u1N2st00RWrC5C5vTzH + 9D3oZilTwkyhXvOPoc6l1qgL+yFKhXI1v/q4XG+YvRuifo1ZQxVnAdXTgCF9CRmu + ifaB1VmNwshtbRjGbKpocrOQlGP+oWumNhLAQLoN1ZC6h/rNveK13Q76vMGLtMkh + M294jCRIdier2MzfJiqWY/+hT6l7wRShL2XZDRcoBNkQBWRpVWjZtITdXMBeHxVm + KNehKT+ZPtPtcmGUKYlNnvNM1adAttRI8Stn2joTUOUJANmxb0gU9Nsfi6hUlFeY + qQfGE5CnVezMOPD2qJ/Yle5oNJKpFActo3kr/EZTMVPKoJeWiD8bVRMT9GE0DAvN + pLDQtgQ61JHgt4M/i2uCD5eEpqZ1TsgJukMsn6CCg11FBlx1NABfGOVuPBDQe/IK + P0but7cfbArlS6wuTf5yT/0598soclNH5JgU49UBnVJ6j5GNG9RZ/rqkIqXiPxEs + TTJr7CF6KykzomFbYMVXglu/EUPFP/YImmyZID/LE9s5ll/hQjQhvFYsmjsAcPdF + SG54g26Y944Dmj2A7rYFl4ggHOcm1vvTEjY7VAWJQs5Bof6JdYMjFH1srAK8aRCT + YvcAdAQI3hdvo8s/LvhO2DBFYOXk6t45AIB0SYL7lHDRZde+AqmNTfTXZOSIohtK + acSuhh/ewCJQxISQ3Nu3o9UY5CeaFEg0VxXrX7DEV8CnIjblGLwIh+haZDrGiA/S + 0WoCPMz5rO8SiNZ6sV+nmAsHLPgBhxEjEazTlVQAvN3hID4zRsO2BujqPCL2tdkh + JK9H3rgKm7Ap8OxR7+C5Mk1KzRpxEUFQS3S+n8PNFNxIe38pmKB1kpzA9WGcL1K/ + b97jEyvhwvzB3KcAHHnd/fOZ3UmXOLNifBVFRTVnMADYe0C2XONO8O4nQC2Mfnm1 + 0f2pNHc/LVFdNmrJbOYKt9TLj+Pdh9nJrnmMJeMUHv53m5swFhlEWzbXSYNfXUbE + gIFkgx7XVG/f4FkT+CJoVWTc0H8wvUsggyV1EL3XoMqh1re/vJqqbXNxKUrZbVVx + oot32ZdA3hOc9xQFKlnQV/HOgBi4pxiUUlAkBB4erRGepIuPjiQHAk4zm+7eI/xS + MRwXvME/t7fpsF/BlxlCEtNs+25pfLgGdhLSJVEye1waVJLLNYfAH45cFMARz3hK + cDnNPwnceb0= + =xyEG -----END PGP MESSAGE----- diff --git a/salt/profile/web/server/nginx.sls b/salt/profile/web/server/nginx.sls index b86b8d0..4bd2299 100644 --- a/salt/profile/web/server/nginx.sls +++ b/salt/profile/web/server/nginx.sls @@ -1,2 +1,10 @@ +{% set csr_dict = salt['pillar.get']('profile:web:server:nginx:csr', {}) %} + include: - nginx.ng + +{% for domain, csr in csr_dict.items() %} +/etc/nginx/ssl/{{ domain }}.csr: + file.managed: + - contents: {{ csr }} +{% endfor %}