From c7dff6e1ae6444f60d3fe20b1f495609c7980051 Mon Sep 17 00:00:00 2001
From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Date: Tue, 22 May 2018 20:01:40 +0200
Subject: [patch] Backport proposed generate_dhparams fix

Upstream PR [1] should fix recently introduced issues with nginx
state for SSL-enabled sites.

[1] https://github.com/salt-formulas/salt-formula-nginx/pull/40

Change-Id: I52b5e4f51539e535249e0850f0b34c2801f4d74a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
---
 ...Fix-generate_dhparams-j2-var-manipulation.patch | 41 ++++++++++++++++++++++
 mcp/patches/patches.list                           |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch

diff --git a/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
new file mode 100644
index 000000000..f2141862c
--- /dev/null
+++ b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
@@ -0,0 +1,41 @@
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+:
+: All rights reserved. This program and the accompanying materials
+: are made available under the terms of the Apache License, Version 2.0
+: which accompanies this distribution, and is available at
+: http://www.apache.org/licenses/LICENSE-2.0
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+Date: Tue, 22 May 2018 19:56:47 +0200
+Subject: [PATCH] server: Fix generate_dhparams j2 var manipulation
+
+Fixes: 621ee472
+
+Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+---
+ nginx/server.sls | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/nginx/server.sls b/nginx/server.sls
+index 79287c4..f8c9305 100644
+--- a/nginx/server.sls
++++ b/nginx/server.sls
+@@ -78,14 +78,14 @@ nginx_service:
+   - require:
+     - pkg: nginx_packages
+
+-{%- set generate_dhparams = False %}
++{%- set generate_dhparams = { 'enabled': False } %}
+ {%- for site_name, site in server.get('site', {}).iteritems() %}
+ {%- if site.get('ssl', {}).get('enabled') and site.ssl.get('mode', 'secure') == 'secure' %}
+-  {%- set generate_dhparams = True %}
++  {%- do generate_dhparams.update({ 'enabled': True }) %}
+ {%- endif %}
+ {%- endfor %}
+
+-{%- if generate_dhparams %}
++{%- if generate_dhparams['enabled'] %}
+ nginx_generate_dhparams:
+   cmd.run:
+   - name: openssl dhparam -out /etc/ssl/dhparams.pem 2048
diff --git a/mcp/patches/patches.list b/mcp/patches/patches.list
index ce59395c5..3cdc646a0 100644
--- a/mcp/patches/patches.list
+++ b/mcp/patches/patches.list
@@ -5,6 +5,7 @@
 # which accompanies this distribution, and is available at
 # http://www.apache.org/licenses/LICENSE-2.0
 ##############################################################################
+/usr/share/salt-formulas/env: 0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
 /usr/share/salt-formulas/env: 0002-maas-region-skip-credentials-update.patch
 /usr/share/salt-formulas/env: 0003-maas-region-force-artifact-download.patch
 /usr/share/salt-formulas/env: 0004-network.dpdk-Move-ifcfg-br-prv-to-interfaces.u.patch
-- 
cgit 1.2.3-korg