Fix Salt PKI setup

commit: bc52ba0abcdd755e30777c96543ea52317c0c4c8 [log] [tgz]
author: Ales Komarek <ales.komarek@newt.cz> Fri Jan 13 08:53:36 2017 -0800
committer: Ales Komarek <ales.komarek@newt.cz> Fri Jan 13 08:53:36 2017 -0800
tree: fab36585d7e8dc64a27deab9ab53d01abad04985
parent: a831609649a1d07a64aad6728173ed6a720bf4a3 [diff]
diff --git a/salt/master/api.yml b/salt/master/api.yml
index 1cfeb42..1c0c3fb 100644
--- a/salt/master/api.yml
+++ b/salt/master/api.yml

@@ -1,6 +1,12 @@
 parameters:
   _param:
     salt_master_api_port: 8000
+    salt_master_api_permissions:
+    - '.*'
+    - '@local'
+    - '@wheel'   # to allow access to all wheel modules
+    - '@runner'  # to allow access to all runner modules
+    - '@jobs'    # to allow access to the jobs runner and/or wheel mo
   salt:
     api:
       enabled: true
@@ -11,12 +17,7 @@
       command_timeout: 600
       user:
         salt:
-          permissions:
-          - '.*'
-          - '@local'
-          - '@wheel'   # to allow access to all wheel modules
-          - '@runner'  # to allow access to all runner modules
-          - '@jobs'    # to allow access to the jobs runner and/or wheel mo
+          permissions: ${_param:salt_master_api_permissions}
   linux:
     system:
       user:
commit	bc52ba0abcdd755e30777c96543ea52317c0c4c8	[log] [tgz]
author	Ales Komarek <ales.komarek@newt.cz>	Fri Jan 13 08:53:36 2017 -0800
committer	Ales Komarek <ales.komarek@newt.cz>	Fri Jan 13 08:53:36 2017 -0800
tree	fab36585d7e8dc64a27deab9ab53d01abad04985
parent	a831609649a1d07a64aad6728173ed6a720bf4a3 [diff]