| root | cf03eb8 | 2019-05-30 08:59:27 +0000 | [diff] [blame] | 1 | classes: |
| 2 | # Enabled ssl api by default |
| 3 | - system.salt.minion.cert.salt_api |
| 4 | - system.nginx.server.single |
| 5 | - system.nginx.server.proxy.ssl |
| 6 | - system.nginx.server.proxy.salt_api |
| Simon Pasquier | c8eeebc | 2017-01-13 13:47:19 +0100 | [diff] [blame] | 7 | parameters: |
| 8 | _param: |
| Tomáš Kukrál | 33cd256 | 2017-03-03 11:55:33 +0100 | [diff] [blame] | 9 | salt_master_api_port: 6969 |
| Ales Komarek | bc52ba0 | 2017-01-13 08:53:36 -0800 | [diff] [blame] | 10 | salt_master_api_permissions: |
| 11 | - '.*' |
| 12 | - '@local' |
| 13 | - '@wheel' # to allow access to all wheel modules |
| 14 | - '@runner' # to allow access to all runner modules |
| 15 | - '@jobs' # to allow access to the jobs runner and/or wheel mo |
| Simon Pasquier | c8eeebc | 2017-01-13 13:47:19 +0100 | [diff] [blame] | 16 | salt: |
| 17 | api: |
| 18 | enabled: true |
| 19 | bind: |
| root | cf03eb8 | 2019-05-30 08:59:27 +0000 | [diff] [blame] | 20 | address: ${_param:salt_master_api_bind_address} |
| Simon Pasquier | c8eeebc | 2017-01-13 13:47:19 +0100 | [diff] [blame] | 21 | port: ${_param:salt_master_api_port} |
| 22 | master: |
| 23 | command_timeout: 600 |
| 24 | user: |
| 25 | salt: |
| Ales Komarek | bc52ba0 | 2017-01-13 08:53:36 -0800 | [diff] [blame] | 26 | permissions: ${_param:salt_master_api_permissions} |
| Simon Pasquier | c8eeebc | 2017-01-13 13:47:19 +0100 | [diff] [blame] | 27 | linux: |
| 28 | system: |
| 29 | user: |
| 30 | salt: |
| 31 | enabled: true |
| 32 | name: salt |
| 33 | password: ${_param:salt_api_password_hash} |
| 34 | home: /var/tmp/salt |
| 35 | sudo: false |
| 36 | system: true |
| 37 | shell: /bin/false |