salt master stuff and CA move
This commit is contained in:
do
@@ -7,11 +7,11 @@
|
||||
|
||||
/etc/pki/intca.crt:
|
||||
x509.pem_managed:
|
||||
- text: {{ salt['mine.get']('tumor.chaos', 'x509.get_pem_entries')['tumor.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
- text: {{ salt['mine.get']('salt.chaos', 'x509.get_pem_entries')['salt.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
|
||||
/etc/ssl/certs/intca.crt:
|
||||
x509.pem_managed:
|
||||
- text: {{ salt['mine.get']('tumor.chaos', 'x509.get_pem_entries')['tumor.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
- text: {{ salt['mine.get']('salt.chaos', 'x509.get_pem_entries')['salt.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
|
||||
|
||||
/usr/sbin/update-ca-certificates:
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
|
||||
/etc/pki/public.crt:
|
||||
x509.certificate_managed:
|
||||
- ca_server: tumor.chaos
|
||||
- ca_server: salt.chaos
|
||||
- signing_policy: host
|
||||
- public_key: /etc/pki/private.key
|
||||
- CN: {{ grains['fqdn'] }}
|
||||
@@ -25,7 +25,7 @@
|
||||
|
||||
/etc/pki/{{ cn }}.crt:
|
||||
x509.certificate_managed:
|
||||
- ca_server: tumor.chaos
|
||||
- ca_server: salt.chaos
|
||||
- signing_policy: host
|
||||
- public_key: /etc/pki/private.key
|
||||
- days_remaining: 5
|
||||
|
||||
Reference in New Issue
Block a user