diff options
author | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-05-22 20:01:40 +0200 |
---|---|---|
committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-05-22 18:46:01 +0000 |
commit | fb78f2057df57af51a257c4605ff28cbec97cc79 (patch) | |
tree | 60cdb50f393d314004e90fdf7711f8bcd6a18f91 /mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch | |
parent | c8babe3e64c1c958c4ef0f6573edf9a08e1726eb (diff) |
[patch] Backport proposed generate_dhparams fix
Upstream PR [1] should fix recently introduced issues with nginx
state for SSL-enabled sites.
[1] https://github.com/salt-formulas/salt-formula-nginx/pull/40
Change-Id: I52b5e4f51539e535249e0850f0b34c2801f4d74a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
(cherry picked from commit c7dff6e1ae6444f60d3fe20b1f495609c7980051)
Diffstat (limited to 'mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch')
-rw-r--r-- | mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch new file mode 100644 index 000000000..f2141862c --- /dev/null +++ b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch @@ -0,0 +1,41 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Tue, 22 May 2018 19:56:47 +0200 +Subject: [PATCH] server: Fix generate_dhparams j2 var manipulation + +Fixes: 621ee472 + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + nginx/server.sls | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/nginx/server.sls b/nginx/server.sls +index 79287c4..f8c9305 100644 +--- a/nginx/server.sls ++++ b/nginx/server.sls +@@ -78,14 +78,14 @@ nginx_service: + - require: + - pkg: nginx_packages + +-{%- set generate_dhparams = False %} ++{%- set generate_dhparams = { 'enabled': False } %} + {%- for site_name, site in server.get('site', {}).iteritems() %} + {%- if site.get('ssl', {}).get('enabled') and site.ssl.get('mode', 'secure') == 'secure' %} +- {%- set generate_dhparams = True %} ++ {%- do generate_dhparams.update({ 'enabled': True }) %} + {%- endif %} + {%- endfor %} + +-{%- if generate_dhparams %} ++{%- if generate_dhparams['enabled'] %} + nginx_generate_dhparams: + cmd.run: + - name: openssl dhparam -out /etc/ssl/dhparams.pem 2048 |