ExternalMirrors
/
salt-formula
mirror of https://github.com/salt-formulas/salt-formula-salt
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 7 Wiki Activity
New version of salt-formula from Saltstack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
40 Commits
26 Branches
Tree: ffbaaed24d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ffbaaed24d'
${ noResults }
salt-formula/salt/files/_pki.conf

19 lines
638B
Raw Blame History 

  1. {%- from "salt/map.jinja" import minion with context %}

  2. 

  3. x509_signing_policies:

  4. {%- for ca_name,ca in minion.ca.items() %}

  5.   {{ ca_name }}:

  6.     - minions: '*'

  7.     - signing_private_key: /etc/pki/ca/{{ ca_name }}/ca.key

  8.     - signing_cert: /etc/pki/ca/{{ ca_name }}/ca.crt

  9.     - C: {{ ca.country }}

  10.     - ST: {{ ca.state }}

  11.     - L: {{ ca.locality }}

  12.     - basicConstraints: "critical CA:false"

  13.     - keyUsage: "critical cRLSign, keyCertSign"

  14.     - subjectKeyIdentifier: hash

  15.     - authorityKeyIdentifier: keyid,issuer:always

  16.     - days_valid: {{ ca.days_valid.certificate }}

  17.     - copypath: /etc/pki/ca/{{ ca_name }}/certs/

  18. {%- endfor %}