Fix cert rights

commit: 0bf2e30aefeb397a18c65298d867ee93cca742a9 [log] [tgz]
author: Ales Komarek <ales.komarek@tcpcloud.eu> Fri Jul 15 15:34:31 2016 +0200
committer: Ales Komarek <ales.komarek@tcpcloud.eu> Fri Jul 15 15:34:43 2016 +0200
tree: 9d8c3ec5f5b769898f6467e5a5180ffb36ff147b
parent: 14220973a6139b0ad75234dcf41de4b0c9a7b92a [diff]
diff --git a/salt/files/_peer.conf b/salt/files/_peer.conf
index be3f8a7..11a3b28 100644
--- a/salt/files/_peer.conf
+++ b/salt/files/_peer.conf

@@ -3,4 +3,4 @@
 peer:
 {%- for peer_name,peer_rules in master.peer.items() %}
   {{ peer_name }}: {{ peer_rules }}
-{%- endfor %}
\ No newline at end of file
+{%- endfor %}

diff --git a/salt/minion/cert.sls b/salt/minion/cert.sls
index 65958f7..1953390 100644
--- a/salt/minion/cert.sls
+++ b/salt/minion/cert.sls

@@ -8,6 +8,13 @@
   x509.private_key_managed:
   - bits: 4096
 
+{{ cert.common_name }}_rights:
+  file.managed:
+  - name: /etc/ssl/private/{{ cert.common_name }}.key
+  - mode: 600
+  - require:
+    - x509: /etc/ssl/private/{{ cert.common_name }}.key
+
 /etc/ssl/certs/{{ cert.common_name }}.crt:
   x509.certificate_managed:
   - ca_server: {{ cert.host }}
commit	0bf2e30aefeb397a18c65298d867ee93cca742a9	[log] [tgz]
author	Ales Komarek <ales.komarek@tcpcloud.eu>	Fri Jul 15 15:34:31 2016 +0200
committer	Ales Komarek <ales.komarek@tcpcloud.eu>	Fri Jul 15 15:34:43 2016 +0200
tree	9d8c3ec5f5b769898f6467e5a5180ffb36ff147b
parent	14220973a6139b0ad75234dcf41de4b0c9a7b92a [diff]