Merge pull request #260 from myii/bug/241-dhparam

fix(certificates.sls): prepare `certificates_path` dir separately

Author: daks

nginx/certificates.sls

@@ -4,6 +4,10 @@ include:
   - nginx.service
 
 {% set certificates_path = salt['pillar.get']('nginx:certificates_path', '/etc/nginx/ssl') %}
+prepare_certificates_path_dir:
+  file.directory:
+    - name: {{ certificates_path }}
+    - makedirs: True
 
 {%- for dh_param, value in salt['pillar.get']('nginx:dh_param', {}).items() %}
 {%- if value is string %}
@@ -12,19 +16,20 @@ create_nginx_dhparam_{{ dh_param }}_key:
     - name: {{ certificates_path }}/{{ dh_param }}
     - contents_pillar: nginx:dh_param:{{ dh_param }}
     - makedirs: True
+    - require:
+      - file: prepare_certificates_path_dir
     - watch_in:
       - service: nginx_service
 {%- else %}
 generate_nginx_dhparam_{{ dh_param }}_key:
   pkg.installed:
     - name: {{ nginx.lookup.openssl_package }}
-  file.directory:
-    - name: {{ certificates_path }}
-    - makedirs: True
   cmd.run:
     - name: openssl dhparam -out {{ dh_param }} {{ value.get('keysize', 2048) }}
     - cwd: {{ certificates_path }}
     - creates: {{ certificates_path }}/{{ dh_param }}
+    - require:
+      - file: prepare_certificates_path_dir
     - watch_in:
       - service: nginx_service
 {%- endif %}

test/salt/default/pillar/nginx.sls

@@ -37,3 +37,6 @@ nginx:
               - location ~ .htm:
                   - try_files: '$uri $uri/ =404'
               - include: 'snippets/letsencrypt.conf'
+  dh_param:
+    'mydhparam2.pem':
+      keysize: 2048