Petr Michalec
e07687e17e
Global trust for SaltCA, distribute ca.crt
7 years ago
Tomáš Kukrál
e3ae6b3bbf
fix conflicting salt_ca_certificates_packages
It was failing with:
Rendering SLS 'base:salt.minion.cert' failed: Conflicting ID 'salt_ca_certificates_packages'
ca-certificates installation should be probably moved out of the loop in
the future.
Change-Id: I26aeae62cc1c1d407d36d1d6bf101db073d9e601
7 years ago
Filip Pytloun
1fde6eac8d
Add salt master's CA into system CA bundle
Change-Id: I89cec95e87db52fd59a84d57c485d8c938711ef3
7 years ago
Filip Pytloun
a7d2ecde9b
Run saltutil.sync_all when minion is started
Unfortunately this is not idempotent, however we surely want to sync
everything when salt.minion state is executed.
Change-Id: I0faaf606b57dbd7d009156abfe50d2e5f350190e
7 years ago
Swann Croiset
7d792fe76f
Factorize minion grains generation
7 years ago
Tomáš Kukrál
a480e1663c
add policy open_usage
This policy will be used for certificate with various keyUsage
parameters. Etcd for example.
Change-Id: I2a6387f8b7ee58fb6f256881e3e09142f13119a9
7 years ago
Tomáš Kukrál
bb122162f2
allow to set keyUsage and extendedKeyUsage cert params
Change-Id: I1eaa9cf7a7f861cc5de604e03fba8a74436d99ad
7 years ago
Petr Michalec
dc7dbfffb7
add minion.conf default output/log level settings
7 years ago
Guillaume Thouvenin
8467224c8d
Update check for local salt master
By default the check is OK for a number of processes between 1 and 15
but on our machine the number is up to 48. So we set the limit
accordingly.
Change-Id: Iac3d2b91312dfe778ebcd39b5eb985348c7aee5a
7 years ago
Ondrej Smola
b74020fe39
added autostart for vm into virt
7 years ago
Martin819
92294ff2af
Added Kitchen and Travis
7 years ago
Tomáš Kukrál
04aa7b4bc7
fix mass install of formula pkgs
Previous approach fails when all of formulas are installed from git.
Change-Id: I0622461ee6469c59c1fd3ad4a23cdaeaeee1b444
7 years ago
Anežka Jadlovská
87c561dbad
Speed up installation of formula packages
Install all pkgs for formulas together.
7 years ago
Tomáš Kukrál
38bb20473f
fix Conflicting ID for ...crt_cert_permissions
This error occures when multiple certs signed by same CA are requested
on minion.
Change-Id: I6b20ab4e1795298c94f55fdc61af99f933d8491c
7 years ago
Tomáš Kukrál
5ea7fb3b3c
send mine always (not only on change)
First run is made during salt-master cloud-init and thus it is onchanges
is not suitable here because ca.crt file is already generated.
7 years ago
Ondrej Smola
6a4e11aafc
added config for proxy on salt minion
7 years ago
Ales Komarek
dec3101da7
Syndic service
7 years ago
Ales Komarek
70a32ba44f
Conditional orders
7 years ago
Ales Komarek
2c5e080c01
Support of multi-master-of-masters
7 years ago
Ales Komarek
a33b905a72
Cleaned up salt-syndic features
7 years ago
Simon Pasquier
b154dc3a7a
Fix salt.api state to catch undefined data
7 years ago
Ales Komarek
b1cb0104e3
API Expire responses
7 years ago
Michael Kutý
08eb0a4d28
Support letsencrypt certs for API.
Letsencrypt could makes symlinks to standard locations in the future.
8 years ago
Ondrej Smola
cd92dbf958
added log_level to salt minion
8 years ago
Olivier Bourdon
d261b33c40
Fix typo in package name
8 years ago
Ales Komarek
76eb5f1ccb
psutil package
8 years ago
Adam Tengler
686c07958e
Orchestration file generation and metadata
8 years ago
Ales Komarek
cb44c98189
Keystone fix
8 years ago
Éric Lemoine
28679f6dd0
Require reclass_data_dir
8 years ago
Ales Komarek
970f6caab6
Fix ACL generation condition
8 years ago
Éric Lemoine
0b33d6717e
Fix the saltversion test
8 years ago
Vladimir Eremin
3c32aea063
Fix empty array get
It was responsible for
[CRITICAL] Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'
[ERROR ] Data passed to highstate outputter is not a valid highstate return: {'local': ["Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'"]}
8 years ago
Ales Komarek
dbb39dee22
Salt-minion fix
8 years ago
Andres Montalban
d5709f2e3b
Debian based distros m2crypto package is actually called python-m2crypto. For more info check: http://packages.ubuntu.com/search?keywords=python-m2crypto
8 years ago
Ondrej Smola
41e64e1995
change salt master check range
8 years ago
Ales Komarek
b222a135fa
Master remote ACLs
8 years ago
Filip Pytloun
a4d0c2ec4a
Include salt.api in init.sls
8 years ago
Filip Pytloun
8d71b8b1c9
Fix typo in salt-api ssl setup
8 years ago
Filip Pytloun
1a4fb2f4c9
Fix duplicate definition of mine.send
8 years ago
Filip Pytloun
aafb50a304
Add ability to create concatenated pem file
8 years ago
Ales Komarek
93663473d0
Name escaping
8 years ago
Filip Pytloun
e3a26aea43
Fix salt-ssh, fix version
8 years ago
Ales Komarek
b2c8ff6df5
Pillar test data
8 years ago
Ales Komarek
8fb1da8490
Salt-ssh support
8 years ago
Ales Komarek
bbd978cad7
Optional SSL certs
8 years ago
Ales Komarek
cdb280f5fd
Salt ACL and API updates
8 years ago
Filip Pytloun
5521f52d6a
Enhance minion.cert
- allow defining custom key/cert path
- ensure key/cert directories
- set key/cert permissions by metadata
8 years ago
Ales Komarek
4386f3020a
Fix parameter to cert
8 years ago
Ales Komarek
09be95486f
Publish to mine
8 years ago
Ales Komarek
0bf2e30aef
Fix cert rights
8 years ago