pki management

2020-04-02 16:18:18 +02:00
parent 0a74735ba9
commit 393c48b4cb
7 changed files with 120 additions and 0 deletions
--- a/base/pki/host.sls
+++ b/base/pki/host.sls
@@ -0,0 +1,21 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+
+/etc/pki/private.key:
+  x509.private_key_managed:
+    - bits: 4096
+    - backup: True
+    - require:
+      - file: /etc/pki
+
+/etc/pki/public.crt:
+  x509.certificate_managed:
+    - ca_server: tumor.chaos 
+    - signing_policy: host
+    - public_key: /etc/pki/private.key
+    - CN: {{ grains['fqdn'] }} 
+    - days_remaining: 30
+    - backup: True
+    - require:
+      - x509: /etc/pki/private.key