commit 2a75c3b019cc157e0bd74af3876c1bb5dbc1e737
author Petr Michalec <epcim@apealive.net> Tue Mar 21 13:40:12 2017 +0100
committer Petr Michalec <epcim@apealive.net> Wed Mar 22 15:08:38 2017 +0100
tree 55008b7d1566c410f35d7e2fca76e055d8755295
parent ecd14b0e06a6d63358acafe7ff60c237e27b604c

Reusable certificates
 - store cert under /srv/salt/pki
 - isolate certs per cluster name
 - reclass overrides (openstack, wildcard)

salt/minion/cert/swift/pki.yml

diff --git a/salt/minion/cert/swift/pki.yml b/salt/minion/cert/swift/pki.yml
new file mode 100644
index 0000000..dd24060
--- /dev/null
+++ b/salt/minion/cert/swift/pki.yml
@@ -0,0 +1,8 @@
+parameters:
+  salt:
+    minion:
+      cert:
+        swift:
+          key_file:  /srv/salt/pki/${_param:cluster_name}/swift.${_param:cluster_public_host}.key
+          cert_file: /srv/salt/pki/${_param:cluster_name}/swift.${_param:cluster_public_host}.crt
+          all_file:  /srv/salt/pki/${_param:cluster_name}/swift-with-key.${_param:cluster_public_host}.pem