75 lines
1.6 KiB
Plaintext
75 lines
1.6 KiB
Plaintext
dehydrated:
|
|
pkg.installed:
|
|
- pkgs:
|
|
- dehydrated
|
|
- dnsutils
|
|
- rsync
|
|
|
|
dehydrated_domains:
|
|
file.managed:
|
|
- name: /etc/dehydrated/domains.txt
|
|
- source: salt://certificates/dehydrated/domains.txt
|
|
- mode: '0644'
|
|
|
|
dehydrated_dnsapi:
|
|
file.managed:
|
|
- name: /etc/dehydrated/dnsapi.config.txt
|
|
- source: salt://certificates/dehydrated/dnsapi.config.txt
|
|
- mode: '0600'
|
|
- template: jinja
|
|
|
|
dehydrated_mythic_dns01:
|
|
file.recurse:
|
|
- name: /etc/dehydrated/dehydrated-mythic-dns01
|
|
- source: salt://certificates/dehydrated/dehydrated-mythic-dns01
|
|
- dir_mode: '0755'
|
|
- file_mode: '0755'
|
|
- include_pat:
|
|
- "*.sh"
|
|
- "*-challenge"
|
|
- "common"
|
|
|
|
dehydrated_cert_group:
|
|
group.present:
|
|
- name: ssl-cert
|
|
- system: true
|
|
|
|
dehydrated_permissions:
|
|
file.directory:
|
|
- name: /var/lib/dehydrated/certs
|
|
- group: ssl-cert
|
|
- dir_mode: 2750
|
|
- file_mode: 0640
|
|
- recurse:
|
|
- group
|
|
- mode
|
|
|
|
dehydrated_hooks:
|
|
file.recurse:
|
|
- name: /etc/dehydrated/conf.d
|
|
- source: salt://certificates/dehydrated/conf.d
|
|
- dir_mode: '0755'
|
|
- file_mode: '0644'
|
|
|
|
dehydrated_cron:
|
|
file.managed:
|
|
- name: /etc/cron.daily/dehydrated
|
|
- source: salt://certificates/dehydrated/cron.daily
|
|
- mode: '0755'
|
|
|
|
dehydrated_logrotate:
|
|
file.managed:
|
|
- name: /etc/logrotate.d/dehydrated
|
|
- source: salt://certificates/dehydrated/logrotate
|
|
- mode: '0644'
|
|
|
|
server_key:
|
|
ssh_auth.present:
|
|
- user: root
|
|
- source: salt://certificates/certificates_id_ed25519.pub
|
|
|
|
server_client_certificate_location:
|
|
file.symlink:
|
|
- name: /var/local/certificates
|
|
- target: /var/lib/dehydrated/certs
|