commit 2a75c3b019cc157e0bd74af3876c1bb5dbc1e737
author Petr Michalec <epcim@apealive.net> Tue Mar 21 13:40:12 2017 +0100
committer Petr Michalec <epcim@apealive.net> Wed Mar 22 15:08:38 2017 +0100
tree 55008b7d1566c410f35d7e2fca76e055d8755295
parent ecd14b0e06a6d63358acafe7ff60c237e27b604c

Reusable certificates
 - store cert under /srv/salt/pki
 - isolate certs per cluster name
 - reclass overrides (openstack, wildcard)

salt/minion/cert/swift/init.yml

diff --git a/salt/minion/cert/swift/init.yml b/salt/minion/cert/swift/init.yml
new file mode 100644
index 0000000..28859cf
--- /dev/null
+++ b/salt/minion/cert/swift/init.yml
@@ -0,0 +1,11 @@
+parameters:
+  _param:
+    salt_minion_ca_authority: salt_master_ca
+  salt:
+    minion:
+      cert:
+        swift:
+          host: ${_param:salt_minion_ca_host}
+          signing_policy: cert_server
+          authority: ${_param:salt_minion_ca_authority}
+          common_name: ${_param:cluster_public_host}