salt/minion/cert/rabbitmq_server.yml - salt-models/reclass-system - Gitiles

 parameters:

   _param:
     salt_minion_ca_host: cfg01.${_param:cluster_domain}
     salt_minion_ca_authority: salt_master_ca

   salt:
     minion:
         cert:
           rabbitmq_server:
             host: ${_param:salt_minion_ca_host}
             authority: ${_param:salt_minion_ca_authority}
             common_name: rabbitmq_server
             signing_policy: cert_open
             alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
             key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
             key_file: ${rabbitmq:server:ssl:key_file}
             cert_file: ${rabbitmq:server:ssl:cert_file}
             all_file: ${rabbitmq:server:ssl:all_file}
             ca_file: ${rabbitmq:server:ssl:ca_file}
             user: rabbitmq
             group: rabbitmq
	parameters:

	_param:
	salt_minion_ca_host: cfg01.${_param:cluster_domain}
	salt_minion_ca_authority: salt_master_ca

	salt:
	minion:
	cert:
	rabbitmq_server:
	host: ${_param:salt_minion_ca_host}
	authority: ${_param:salt_minion_ca_authority}
	common_name: rabbitmq_server
	signing_policy: cert_open
	alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
	key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
	key_file: ${rabbitmq:server:ssl:key_file}
	cert_file: ${rabbitmq:server:ssl:cert_file}
	all_file: ${rabbitmq:server:ssl:all_file}
	ca_file: ${rabbitmq:server:ssl:ca_file}
	user: rabbitmq
	group: rabbitmq