salt/minion/cert/salt_api.yml - salt-models/reclass-system - Gitiles

 parameters:
   salt:
     minion:
       cert:
         salt_api:
           common_name: salt_api
           host: ${_param:salt_minion_ca_host}
           authority: ${_param:salt_minion_ca_authority}
           key_file:   /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}.key
           cert_file:  /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}.crt
           all_file:   /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}-chain-with-key.pem
           ca_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}-ca.pem
           signing_policy: cert_server
           alternative_names: >
             IP:${_param:salt_master_host},
             IP:127.0.0.1,
             IP:${_param:infra_config_address},
             DNS:${_param:salt_master_host},
             DNS:127.0.0.1,
             DNS:${_param:infra_config_address},
             DNS:${_param:infra_config_hostname}.${_param:cluster_domain}
           mode: '0644'
	parameters:
	salt:
	minion:
	cert:
	salt_api:
	common_name: salt_api
	host: ${_param:salt_minion_ca_host}
	authority: ${_param:salt_minion_ca_authority}
	key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}.key
	cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}.crt
	all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}-chain-with-key.pem
	ca_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:salt_api:common_name}-ca.pem
	signing_policy: cert_server
	alternative_names: >
	IP:${_param:salt_master_host},
	IP:127.0.0.1,
	IP:${_param:infra_config_address},
	DNS:${_param:salt_master_host},
	DNS:127.0.0.1,
	DNS:${_param:infra_config_address},
	DNS:${_param:infra_config_hostname}.${_param:cluster_domain}
	mode: '0644'