New Saltstack Salt formula
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.

minion_pki_cert.sls 2.5KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. salt:
  2. #master:
  3. # enabled: true
  4. # accept_policy:
  5. # open_mode
  6. # peer:
  7. # '.*':
  8. # - x509.sign_remote_certificate
  9. minion:
  10. enabled: true
  11. trusted_ca_minions:
  12. - cfg01
  13. cert:
  14. ceph_cert:
  15. alternative_names:
  16. IP:127.0.0.1,DNS:salt.ci.local,DNS:ceph.ci.local,DNS:radosgw.ci.local,DNS:swift.ci.local
  17. cert_file:
  18. /srv/salt/pki/ci/ceph.ci.local.crt
  19. common_name:
  20. ceph_mon.ci.local
  21. key_file:
  22. /srv/salt/pki/ci/ceph.ci.local.key
  23. country: CZ
  24. state: Prague
  25. locality: Karlin
  26. signing_cert:
  27. /etc/pki/ca/salt-ca-test/ca.crt
  28. signing_private_key:
  29. /etc/pki/ca/salt-ca-test/ca.key
  30. # Kitchen-Salt CI trigger `salt-call --local`, below attributes
  31. # can't be used as there is no required SaltMaster connectivity
  32. authority:
  33. salt-ca-test
  34. #host:
  35. # salt.ci.local
  36. #signing_policy:
  37. # cert_server
  38. proxy_cert:
  39. alternative_names:
  40. IP:127.0.0.1,DNS:salt.ci.local,DNS:proxy.ci.local
  41. cert_file:
  42. /srv/salt/pki/ci/prx.ci.local.crt
  43. common_name:
  44. prx.ci.local
  45. key_file:
  46. /srv/salt/pki/ci/prx.ci.local.key
  47. country: CZ
  48. state: Prague
  49. locality: Zizkov
  50. signing_cert:
  51. /etc/pki/ca/salt-ca-default/ca.crt
  52. signing_private_key:
  53. /etc/pki/ca/salt-ca-default/ca.key
  54. # Kitchen-Salt CI trigger `salt-call --local`, below attributes
  55. # can't be used as there is no required SaltMaster connectivity
  56. authority:
  57. salt-ca-default
  58. #host:
  59. # salt.ci.local
  60. #signing_policy:
  61. # cert_server
  62. test_cert:
  63. alternative_names:
  64. IP:127.0.0.1,DNS:salt.ci.local,DNS:test.ci.local
  65. cert_file:
  66. /srv/salt/pki/ci/test.ci.local.crt
  67. common_name:
  68. test.ci.local
  69. key_file:
  70. /srv/salt/pki/ci/test.ci.local.key
  71. country: CZ
  72. state: Prague
  73. locality: Cesky Krumlov
  74. signing_cert:
  75. /etc/test/ca.crt
  76. signing_private_key:
  77. /etc/test/ca.key
  78. # Kitchen-Salt CI trigger `salt-call --local`, below attributes
  79. # can't be used as there is no required SaltMaster connectivity
  80. authority:
  81. salt-ca-alt