Petr Michalec
f78895981d
remove local ca symlink, become useless
pirms 7 gadiem
Petr Michalec
64e7e680f2
fix, ca crt rollout for trusted_ca_minions
pirms 7 gadiem
Petr Michalec
e07687e17e
Global trust for SaltCA, distribute ca.crt
pirms 7 gadiem
Tomáš Kukrál
e3ae6b3bbf
fix conflicting salt_ca_certificates_packages
It was failing with:
Rendering SLS 'base:salt.minion.cert' failed: Conflicting ID 'salt_ca_certificates_packages'
ca-certificates installation should be probably moved out of the loop in
the future.
Change-Id: I26aeae62cc1c1d407d36d1d6bf101db073d9e601
pirms 7 gadiem
Filip Pytloun
1fde6eac8d
Add salt master's CA into system CA bundle
Change-Id: I89cec95e87db52fd59a84d57c485d8c938711ef3
pirms 7 gadiem
Filip Pytloun
a7d2ecde9b
Run saltutil.sync_all when minion is started
Unfortunately this is not idempotent, however we surely want to sync
everything when salt.minion state is executed.
Change-Id: I0faaf606b57dbd7d009156abfe50d2e5f350190e
pirms 7 gadiem
Tomáš Kukrál
bb122162f2
allow to set keyUsage and extendedKeyUsage cert params
Change-Id: I1eaa9cf7a7f861cc5de604e03fba8a74436d99ad
pirms 7 gadiem
Martin819
92294ff2af
Added Kitchen and Travis
pirms 7 gadiem
Tomáš Kukrál
38bb20473f
fix Conflicting ID for ...crt_cert_permissions
This error occures when multiple certs signed by same CA are requested
on minion.
Change-Id: I6b20ab4e1795298c94f55fdc61af99f933d8491c
pirms 7 gadiem
Tomáš Kukrál
5ea7fb3b3c
send mine always (not only on change)
First run is made during salt-master cloud-init and thus it is onchanges
is not suitable here because ca.crt file is already generated.
pirms 7 gadiem
Vladimir Eremin
3c32aea063
Fix empty array get
It was responsible for
[CRITICAL] Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'
[ERROR ] Data passed to highstate outputter is not a valid highstate return: {'local': ["Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'"]}
pirms 8 gadiem
Ales Komarek
dbb39dee22
Salt-minion fix
pirms 8 gadiem
Filip Pytloun
1a4fb2f4c9
Fix duplicate definition of mine.send
pirms 8 gadiem
Filip Pytloun
aafb50a304
Add ability to create concatenated pem file
pirms 8 gadiem
Ales Komarek
93663473d0
Name escaping
pirms 8 gadiem
Filip Pytloun
5521f52d6a
Enhance minion.cert
- allow defining custom key/cert path
- ensure key/cert directories
- set key/cert permissions by metadata
pirms 8 gadiem
Ales Komarek
4386f3020a
Fix parameter to cert
pirms 8 gadiem
Ales Komarek
09be95486f
Publish to mine
pirms 8 gadiem
Ales Komarek
0bf2e30aef
Fix cert rights
pirms 8 gadiem
Filip Pytloun
dac0ed8d0d
Fix cat /etc/salt/grains.d/* when files not present
pirms 8 gadiem
Adam Tengler
caedd97958
Optional installation source - pip
source:engine metadata created - defaults to pkg
installation, pip installation alternative added
pirms 8 gadiem
Ales Komarek
bca80b792f
x509 subject properties
pirms 8 gadiem
Ales Komarek
370356a933
PKI client cert paths
pirms 8 gadiem
Ales Komarek
9a9abb366b
Salt PKI proper x509v3 cert extensions
pirms 8 gadiem
Ales Komarek
7a911e0f2f
PKI CA certs
pirms 8 gadiem
marco
16d0dc2bc4
fix missing defined
pirms 8 gadiem
Ales Komarek
ffbaaed24d
Salt PKI fixes
pirms 8 gadiem
Ales Komarek
5d17e4b42c
Added Salt PKI setup, orchestration skeleton
pirms 8 gadiem