From 8fb8a773fe939a00a44384b55e33abc53474ac89 Mon Sep 17 00:00:00 2001 From: Johannes Löthberg Date: Wed, 2 Jan 2019 20:40:05 +0100 Subject: theos/certs/matrix: Copy cert instead of ACL MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit They're reset on every run otherwise, which is annoying. Signed-off-by: Johannes Löthberg --- theos/certs/matrix_kyriasis_com.sls | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'theos/certs') diff --git a/theos/certs/matrix_kyriasis_com.sls b/theos/certs/matrix_kyriasis_com.sls index 26981f3..0828d04 100644 --- a/theos/certs/matrix_kyriasis_com.sls +++ b/theos/certs/matrix_kyriasis_com.sls @@ -13,14 +13,22 @@ matrix.kyriasis.com: - require_in: - service: nginx_service -synapse-access-matrix: - acl.present: - - name: /etc/letsencrypt/archive/matrix.kyriasis.com/ - - acl_type: default:user - - acl_name: synapse - - perms: r-x - - recurse: True - - require_in: +/etc/synapse/ssl/fullchain.pem: + file.copy: + - source: /etc/letsencrypt/live/matrix.kyriasis.com/fullchain.pem + - user: synapse + - group: synapse + - mode: 600 + - onchanges: + - acme: matrix.kyriasis.com + +/etc/synapse/ssl/privkey.pem: + file.copy: + - source: /etc/letsencrypt/live/matrix.kyriasis.com/fullchain.pem + - user: synapse + - group: synapse + - mode: 600 + - onchanges: - acme: matrix.kyriasis.com # vim: set ft=yaml et: -- cgit v1.2.3-70-g09d2