barbican/map.jinja - salt-formulas/barbican - Gitiles

 {%- load_yaml as server_defaults %}
 default:
   bind:
     address: 127.0.0.1
     port: 8080
   cache:
     engine: noop
   message_queue:
     ssl:
       enabled: False
   database:
     ssl:
       enabled: False
   dogtag_admin_cert:
     engine: noop
   logging:
     app_name: 'barbican'
     log_appender: false
     log_handlers:
       watchedfile:
         enabled: true
   oslo_policy:
     policy_file: 'policy.json'
 Debian:
   pkgs:
   - barbican-api
   - barbican-keystone-listener
   - barbican-worker
   services:
   - barbican-keystone-listener
   dogtag_pkgs:
   - libnss3-tools
   - python-nss
   - pki-base
   cacert_file: /etc/ssl/certs/ca-certificates.crt
 RedHat:
   cacert_file: /etc/pki/tls/certs/ca-bundle.crt
 {%- endload %}

 {%- load_yaml as client_defaults %}
 Debian:
   pkgs:
   - python-barbicanclient
 {%- endload %}

 {%- set server = salt['grains.filter_by'](server_defaults, merge=salt['pillar.get']('barbican:server'), base='default') %}

 {%- if server.cache is defined %}
   {%- do server.pkgs.append('python-memcache') %}
 {%- endif %}

 {# Dogtag cert source case #2: Cert from Mine. #}
 {%- if server.dogtag_admin_cert.engine == 'mine' %}
   {%- set dogtag_mine_admin_certs = salt['mine.get']('I@dogtag:server', 'dogtag_admin_cert', 'compound') %}
   {%- if dogtag_mine_admin_certs.get(server.dogtag_admin_cert.minion) == None %}
     {%- do salt['mine.send']('I@dogtag:server:role:master', 'dogtag_admin_cert', "cmd.run 'cat /etc/dogtag/kra_admin_cert.pem'") %}
   {%- endif %}
   {%- do server.dogtag_admin_cert.update({'key': dogtag_mine_admin_certs.get(server.dogtag_admin_cert.minion) }) %}
 {%- endif %}

 {%- set client = salt['grains.filter_by'](client_defaults, merge=salt['pillar.get']('barbican:client')) %}
	{%- load_yaml as server_defaults %}
	default:
	bind:
	address: 127.0.0.1
	port: 8080
	cache:
	engine: noop
	message_queue:
	ssl:
	enabled: False
	database:
	ssl:
	enabled: False
	dogtag_admin_cert:
	engine: noop
	logging:
	app_name: 'barbican'
	log_appender: false
	log_handlers:
	watchedfile:
	enabled: true
	oslo_policy:
	policy_file: 'policy.json'
	Debian:
	pkgs:
	- barbican-api
	- barbican-keystone-listener
	- barbican-worker
	services:
	- barbican-keystone-listener
	dogtag_pkgs:
	- libnss3-tools
	- python-nss
	- pki-base
	cacert_file: /etc/ssl/certs/ca-certificates.crt
	RedHat:
	cacert_file: /etc/pki/tls/certs/ca-bundle.crt
	{%- endload %}

	{%- load_yaml as client_defaults %}
	Debian:
	pkgs:
	- python-barbicanclient
	{%- endload %}

	{%- set server = salt['grains.filter_by'](server_defaults, merge=salt['pillar.get']('barbican:server'), base='default') %}

	{%- if server.cache is defined %}
	{%- do server.pkgs.append('python-memcache') %}
	{%- endif %}

	{# Dogtag cert source case #2: Cert from Mine. #}
	{%- if server.dogtag_admin_cert.engine == 'mine' %}
	{%- set dogtag_mine_admin_certs = salt['mine.get']('I@dogtag:server', 'dogtag_admin_cert', 'compound') %}
	{%- if dogtag_mine_admin_certs.get(server.dogtag_admin_cert.minion) == None %}
	{%- do salt['mine.send']('I@dogtag:server:role:master', 'dogtag_admin_cert', "cmd.run 'cat /etc/dogtag/kra_admin_cert.pem'") %}
	{%- endif %}
	{%- do server.dogtag_admin_cert.update({'key': dogtag_mine_admin_certs.get(server.dogtag_admin_cert.minion) }) %}
	{%- endif %}

	{%- set client = salt['grains.filter_by'](client_defaults, merge=salt['pillar.get']('barbican:client')) %}