New version of salt-formula from Saltstack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

minion_pki_cert.sls 1.8KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859
  1. salt:
  2. #master:
  3. # enabled: true
  4. # accept_policy:
  5. # open_mode
  6. # peer:
  7. # '.*':
  8. # - x509.sign_remote_certificate
  9. minion:
  10. enabled: true
  11. cert:
  12. ceph_cert:
  13. alternative_names:
  14. IP:127.0.0.1,DNS:salt.ci.local,DNS:ceph.ci.local,DNS:radosgw.ci.local,DNS:swift.ci.local
  15. cert_file:
  16. /srv/salt/pki/ci/ceph.ci.local.crt
  17. common_name:
  18. ceph_mon.ci.local
  19. key_file:
  20. /srv/salt/pki/ci/ceph.ci.local.key
  21. country: CZ
  22. state: Prague
  23. locality: Karlin
  24. signing_cert:
  25. /etc/pki/ca/salt-ca-test/ca.crt
  26. signing_private_key:
  27. /etc/pki/ca/salt-ca-test/ca.key
  28. # Kitchen-Salt CI trigger `salt-call --local`, below attributes
  29. # can't be used as there is no required SaltMaster connectivity
  30. authority:
  31. salt-ca-test
  32. #host:
  33. # salt.ci.local
  34. #signing_policy:
  35. # cert_server
  36. proxy_cert:
  37. alternative_names:
  38. IP:127.0.0.1,DNS:salt.ci.local,DNS:proxy.ci.local
  39. cert_file:
  40. /srv/salt/pki/ci/prx.ci.local.crt
  41. common_name:
  42. prx.ci.local
  43. key_file:
  44. /srv/salt/pki/ci/prx.ci.local.key
  45. country: CZ
  46. state: Prague
  47. locality: Zizkov
  48. signing_cert:
  49. /etc/pki/ca/salt-ca-default/ca.crt
  50. signing_private_key:
  51. /etc/pki/ca/salt-ca-default/ca.key
  52. # Kitchen-Salt CI trigger `salt-call --local`, below attributes
  53. # can't be used as there is no required SaltMaster connectivity
  54. authority:
  55. salt-ca-default
  56. #host:
  57. # salt.ci.local
  58. #signing_policy:
  59. # cert_server