feat: dynamically add subscribe to nginx resource

- add subscribe option to nginx resource dependent on nginx_listen_mode
- ensure nginx reloads when the ssl_cert or ssl_key changes, only if
  these values are not undef
- ensure the file resources are defined for certificates
This commit is contained in:
2024-03-03 15:22:01 +11:00
parent df97b75aca
commit 0782cd5679
2 changed files with 47 additions and 15 deletions
+20
View File
@@ -102,5 +102,25 @@ class profiles::pki::vault (
require => File[$base_path],
}
}
}else{
# manage each file resources, but dont change the content
$certificate_files = [
"${base_path}/certificate.crt",
"${base_path}/private.key",
"${base_path}/full_chain.crt",
"${base_path}/ca_certificate.crt",
"${base_path}/certificate.pem"
]
$certificate_files.each |$file_path| {
file { $file_path:
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
require => File[$base_path],
}
}
}
}