formula-vault/vault/server.sls

{% from "vault/map.jinja" import vault with context %}
{%- if vault.self_signed_cert.enabled %}
/usr/local/bin/self-cert-gen.sh:
  file.managed:
    - source: salt://vault/files/cert-gen.sh.jinja
    - template: jinja
    - user: root
    - group: root
    - mode: 644

generate self signed SSL certs:
  cmd.run:
    - name: bash /usr/local/bin/cert-gen.sh {{ vault.self_signed_cert.hostname }} {{ vault.self_signed_cert.password }}
    - cwd: /etc/vault
    - require:
      - file: /usr/local/bin/self-cert-gen.sh
{% endif -%}

/etc/vault:
  file.directory:
    - user: root
    - group: root
    - mode: 755

/etc/vault/config:
  file.directory:
    - user: root
    - group: root
    - mode: 755
    - require:
      - file: /etc/vault

/etc/vault/config/server.hcl:
  file.managed:
    - source: salt://vault/files/server.hcl.jinja
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - require:
      - file: /etc/vault/config

{%- if vault.service.type == 'systemd' %}
/etc/systemd/system/vault.service:
  file.managed:
    - source: salt://vault/files/vault_systemd.service.jinja
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - require_in:
      - service: vault

{% elif vault.service.type == 'upstart' %}
/etc/init/vault.conf:
  file.managed:
    - source: salt://vault/files/vault_upstart.conf.jinja
    - template: jinja
    - user: root
    - group: root
    - require_in:
      - service: vault
{% endif -%}

vault:
  service.running:
    - enable: True
    - require:
      {%- if vault.self_signed_cert.enabled %}
      - cmd: generate self signed SSL certs
      {% endif %}
      - file: /etc/vault/config/server.hcl
    - onchanges:
      - cmd: install vault
      - file: /etc/vault/config/server.hcl
Added parameters 2017-04-11 10:55:31 -04:00			`{% from "vault/map.jinja" import vault with context %}`
Add support for tests 2017-04-24 10:48:25 -04:00			`{%- if vault.self_signed_cert.enabled %}`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`/usr/local/bin/self-cert-gen.sh:`
			`file.managed:`
Added parameters 2017-04-11 10:55:31 -04:00			`- source: salt://vault/files/cert-gen.sh.jinja`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`

Added parameters 2017-04-11 10:55:31 -04:00			`generate self signed SSL certs:`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`cmd.run:`
Added parameters 2017-04-11 10:55:31 -04:00			`- name: bash /usr/local/bin/cert-gen.sh {{ vault.self_signed_cert.hostname }} {{ vault.self_signed_cert.password }}`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`- cwd: /etc/vault`
			`- require:`
			`- file: /usr/local/bin/self-cert-gen.sh`
Add support for tests 2017-04-24 10:48:25 -04:00			`{% endif -%}`

			`/etc/vault:`
			`file.directory:`
			`- user: root`
			`- group: root`
			`- mode: 755`
Merge some tests to make travis faster (less permutations) 2017-04-28 16:02:17 -04:00
Add support for tests 2017-04-24 10:48:25 -04:00			`/etc/vault/config:`
			`file.directory:`
			`- user: root`
			`- group: root`
			`- mode: 755`
			`- require:`
			`- file: /etc/vault`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00
			`/etc/vault/config/server.hcl:`
			`file.managed:`
Added parameters 2017-04-11 10:55:31 -04:00			`- source: salt://vault/files/server.hcl.jinja`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
Add support for tests 2017-04-24 10:48:25 -04:00			`- require:`
			`- file: /etc/vault/config`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00
Add support for tests 2017-04-24 10:48:25 -04:00			`{%- if vault.service.type == 'systemd' %}`
			`/etc/systemd/system/vault.service:`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`file.managed:`
Add support for tests 2017-04-24 10:48:25 -04:00			`- source: salt://vault/files/vault_systemd.service.jinja`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
Add support for tests 2017-04-24 10:48:25 -04:00			`- require_in:`
			`- service: vault`

			`{% elif vault.service.type == 'upstart' %}`
			`/etc/init/vault.conf:`
			`file.managed:`
			`- source: salt://vault/files/vault_upstart.conf.jinja`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- require_in:`
			`- service: vault`
			`{% endif -%}`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00
			`vault:`
			`service.running:`
			`- enable: True`
			`- require:`
Add support for tests 2017-04-24 10:48:25 -04:00			`{%- if vault.self_signed_cert.enabled %}`
Added parameters 2017-04-11 10:55:31 -04:00			`- cmd: generate self signed SSL certs`
fix linefeed 2018-01-26 15:31:25 -05:00			`{% endif %}`
Initial commit - not workign as-is 2017-04-11 09:58:37 -04:00			`- file: /etc/vault/config/server.hcl`
download, verify, install logic 2018-01-10 15:12:09 -05:00			`- onchanges:`
			`- cmd: install vault`
			`- file: /etc/vault/config/server.hcl`