Merge "Add Users to Linux and SSH users"
diff --git a/defaults/init.yml b/defaults/init.yml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/defaults/init.yml
diff --git a/galera/server/database/x509/cinder.yml b/galera/server/database/x509/cinder.yml
index 38fd75a..be45c03 100644
--- a/galera/server/database/x509/cinder.yml
+++ b/galera/server/database/x509/cinder.yml
@@ -1,7 +1,7 @@
parameters:
_param:
- mysql_cinder_clietn_ssl_x509_subject: '/C=cz/CN=mysql-cinder-client/L=Prague/O=Mirantis'
- mysql_cinder_clietn_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_cinder_client_ssl_x509_subject: '/C=cz/CN=mysql-cinder-client/L=Prague/O=Mirantis'
+ mysql_cinder_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
mysql_cinder_ssl_option:
- - SUBJECT: ${_param:mysql_cinder_clietn_ssl_x509_subject}
- - ISSUER: ${_param:mysql_cinder_clietn_ssl_x509_issuer}
\ No newline at end of file
+ - SUBJECT: ${_param:mysql_cinder_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_cinder_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/kubernetes/control/opencontrail.yml b/kubernetes/control/opencontrail.yml
index d72892d..e5556fa 100644
--- a/kubernetes/control/opencontrail.yml
+++ b/kubernetes/control/opencontrail.yml
@@ -17,9 +17,9 @@
engine: none
opencontrail:
version: ${_param:opencontrail_version}
- public_ip_range: ${_param:opencontrail_public_ip_range }
- public_network: ${_param:opencontrail_public_ip_network }
- private_ip_range: ${_param:opencontrail_private_ip_range }
+ public_ip_range: ${_param:opencontrail_public_ip_range}
+ public_network: ${_param:opencontrail_public_ip_network}
+ private_ip_range: ${_param:opencontrail_private_ip_range}
config:
api:
host: ${_param:opencontrail_control_address}
diff --git a/linux/system/users/keystone.yml b/linux/system/users/keystone.yml
index 14e38dd..cda4c36 100644
--- a/linux/system/users/keystone.yml
+++ b/linux/system/users/keystone.yml
@@ -8,7 +8,7 @@
home: /var/lib/keystone
uid: 301
gid: 301
- shell: /bin/false
+ shell: /bin/bash
system: True
group:
keystone:
diff --git a/openssh/server/team/maintenance.yml b/openssh/server/team/maintenance.yml
index 33cc697..6f79522 100644
--- a/openssh/server/team/maintenance.yml
+++ b/openssh/server/team/maintenance.yml
@@ -4,8 +4,8 @@
- system.openssh.server.team.members.omolchanov
- system.openssh.server.team.members.ibumarskov
- system.openssh.server.team.members.vkhlyunev
-- system.openssh.server.team.members.vjigulin
- system.openssh.server.team.members.dtsapikov
+- system.openssh.server.team.members.rlubianyi
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/members/rlubianyi.yml b/openssh/server/team/members/rlubianyi.yml
new file mode 100644
index 0000000..63f3397
--- /dev/null
+++ b/openssh/server/team/members/rlubianyi.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ rlubianyi:
+ enabled: true
+ name: rlubianyi
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Roman Lubianyi
+ home: /home/rlubianyi
+ email: rlubianyi@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ rlubianyi:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXWwy6p3t4AGvaCtFDJxqKZiPDotJnbu2IKg2p7sl7YXQw+APLKk9maHyUehQQuGzidgBZpmBOMAXENcO1FGFj56cnp4W9tldTiRq1bWcUMq42wfNwIToP6dAXj5ZyhL+UZj1GsCThSasDhFe4Xife0cn69KHJqtmahApQK6D7tpZr2UNDYNWh/2JIrUOcJXZU+BqNg7zm1KNb6e9lKXL6KLDeaCiQ0bj+L/unqepLdg26eO7AQSZ/rt2qAnbfcquozECtDhT4cbK8q9xJODlJQ3eQGOgTH3m8jGijL+3UdPFUzbo4KwSK4V9FmB711HVBCQM4nlH9zumIUSxutnkd rlubianyi@rlubianyi-pc
+ user: ${linux:system:user:rlubianyi}
diff --git a/salt/minion/cert/mysql/clients/openstack/cinder.yml b/salt/minion/cert/mysql/clients/openstack/cinder.yml
index ec6a77a..1ff053f 100644
--- a/salt/minion/cert/mysql/clients/openstack/cinder.yml
+++ b/salt/minion/cert/mysql/clients/openstack/cinder.yml
@@ -2,9 +2,9 @@
_param:
salt_minion_ca_host: cfg01.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
- mysql_cinder_client_ssl_key_file: /etc/pki/mysql-cinder-client/client-key.pem
- mysql_cinder_client_ssl_cert_file: /etc/pki/mysql-cinder-client/client-cert.pem
- mysql_cinder_ssl_ca_file: /etc/pki/mysql-cinder-client/ca-cert.pem
+ mysql_cinder_client_ssl_key_file: /etc/cinder/ssl/mysql/client-key.pem
+ mysql_cinder_client_ssl_cert_file: /etc/cinder/ssl/mysql/client-cert.pem
+ mysql_cinder_ssl_ca_file: /etc/cinder/ssl/mysql/ca-cert.pem
salt:
minion:
cert:
@@ -24,4 +24,4 @@
ca_file: ${_param:mysql_cinder_ssl_ca_file}
user: cinder
group: cinder
- mode: 640
\ No newline at end of file
+ mode: 640