Salt state failing to apply

Question

When I want to apply my state to the minion I get the following error:

Function: acme.cert
  Result: False
 Comment: State 'acme.cert' was not found in SLS 'certbot'
          Reason: 'acme.cert' is not available.
 Started:
Duration:
 Changes:

This is my state file. certbot.sls:

certbot:
  pkg.installed:
    - name: certbot

reload-nginx:
  cmd.run:
    - name: systemctl reload nginx.service

<my.domain>:
  acme.cert:
    - aliases:
      - <my.domain>
    - email: <my.email>
    - webroot_path: /srv/<my.domain>/
    - renew: 14
    - agree_tos: True
    - fire_event: acme/<my.domain>
    - onchanges:
      - cmd: reload-nginx

I assume that the problem occurs because I didn't install acme.cert module but I can't find it anywhere and maybe is their a other solution for this problem?

Answer 1

After installing certbot, you must reload the salt modules so they can see it.

Your onchanges is also the wrong way around.

certbot:
  pkg.installed:
    - reload_modules: true

nginx:
  service.running:
    - reload: true

<my.domain>:
  acme.cert:
    - aliases: 
      - <my.domain> 
    - email: <my.email> 
    - webroot_path: /srv/<my.domain>/ 
    - renew: 14 
    - agree_tos: true 
    - fire_event: acme/<my.domain>
    - require:
      - pkg: certbot
      - service: nginx
    - listen_in:
      - service: nginx

Though I'm assuming you already have an nginx state elsewhere? You should reference that instead of adding another one.

https://docs.saltproject.io/en/latest/ref/states/requisites.html

Answer 2

acme.cert didn't load when the salt-minion started because certbot wasn't available at minion start time.

So to fix this you'll need to run your certbot.sls file, then restart the salt-minin, then the rest of your state should work.