summaryrefslogtreecommitdiffstats
path: root/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-05-22 20:01:40 +0200
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-05-22 20:01:40 +0200
commitc7dff6e1ae6444f60d3fe20b1f495609c7980051 (patch)
treeccf594b7491a29c054957af7e8b619b1aaa164a8 /mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
parentbd04374d931bea88476d4c3d08ac44f46febecce (diff)
[patch] Backport proposed generate_dhparams fix
Upstream PR [1] should fix recently introduced issues with nginx state for SSL-enabled sites. [1] https://github.com/salt-formulas/salt-formula-nginx/pull/40 Change-Id: I52b5e4f51539e535249e0850f0b34c2801f4d74a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch')
-rw-r--r--mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch41
1 files changed, 41 insertions, 0 deletions
diff --git a/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
new file mode 100644
index 000000000..f2141862c
--- /dev/null
+++ b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
@@ -0,0 +1,41 @@
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+:
+: All rights reserved. This program and the accompanying materials
+: are made available under the terms of the Apache License, Version 2.0
+: which accompanies this distribution, and is available at
+: http://www.apache.org/licenses/LICENSE-2.0
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+Date: Tue, 22 May 2018 19:56:47 +0200
+Subject: [PATCH] server: Fix generate_dhparams j2 var manipulation
+
+Fixes: 621ee472
+
+Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+---
+ nginx/server.sls | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/nginx/server.sls b/nginx/server.sls
+index 79287c4..f8c9305 100644
+--- a/nginx/server.sls
++++ b/nginx/server.sls
+@@ -78,14 +78,14 @@ nginx_service:
+ - require:
+ - pkg: nginx_packages
+
+-{%- set generate_dhparams = False %}
++{%- set generate_dhparams = { 'enabled': False } %}
+ {%- for site_name, site in server.get('site', {}).iteritems() %}
+ {%- if site.get('ssl', {}).get('enabled') and site.ssl.get('mode', 'secure') == 'secure' %}
+- {%- set generate_dhparams = True %}
++ {%- do generate_dhparams.update({ 'enabled': True }) %}
+ {%- endif %}
+ {%- endfor %}
+
+-{%- if generate_dhparams %}
++{%- if generate_dhparams['enabled'] %}
+ nginx_generate_dhparams:
+ cmd.run:
+ - name: openssl dhparam -out /etc/ssl/dhparams.pem 2048