salt/minion/cert/rabbitmq/clients/openstack/ironic.yml - salt-models/reclass-system - Gitiles

 parameters:
   _param:
     salt_minion_ca_authority: salt_master_ca
     rabbitmq_ironic_client_ssl_key_file: /etc/ironic/ssl/rabbitmq/client-key.pem
     rabbitmq_ironic_client_ssl_cert_file: /etc/ironic/ssl/rabbitmq/client-cert.pem
     rabbitmq_ironic_ssl_ca_file: /etc/ironic/ssl/rabbitmq/ca-cert.pem
   salt:
     minion:
       cert:
         rabbitmq-ironic-client:
           enabled: ${_param:openstack_rabbitmq_x509_enabled}
           host: ${_param:salt_minion_ca_host}
           authority: ${_param:salt_minion_ca_authority}
           common_name: rabbitmq-ironic-client
           signing_policy: cert_client
           key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
           key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
           cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
           ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
           user: ironic
           group: ironic
           mode: 640
	parameters:
	_param:
	salt_minion_ca_authority: salt_master_ca
	rabbitmq_ironic_client_ssl_key_file: /etc/ironic/ssl/rabbitmq/client-key.pem
	rabbitmq_ironic_client_ssl_cert_file: /etc/ironic/ssl/rabbitmq/client-cert.pem
	rabbitmq_ironic_ssl_ca_file: /etc/ironic/ssl/rabbitmq/ca-cert.pem
	salt:
	minion:
	cert:
	rabbitmq-ironic-client:
	enabled: ${_param:openstack_rabbitmq_x509_enabled}
	host: ${_param:salt_minion_ca_host}
	authority: ${_param:salt_minion_ca_authority}
	common_name: rabbitmq-ironic-client
	signing_policy: cert_client
	key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
	key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
	cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
	ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
	user: ironic
	group: ironic
	mode: 640