| Vasyl Saienko | 550374d | 2018-09-18 11:43:02 +0300 | [diff] [blame] | 1 | parameters: |
| 2 | _param: |
| 3 | salt_minion_ca_host: ${linux:network:fqdn} |
| 4 | salt_minion_ca_authority: salt_master_ca |
| Mykyta Karpin | d1ecdb0 | 2018-10-11 13:11:39 +0300 | [diff] [blame^] | 5 | openstack_api_cert_alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},IP:${_param:cluster_vip_address},DNS:${linux:system:name},DNS:${linux:network:fqdn},DNS:${_param:cluster_vip_address} |
| Vasyl Saienko | 550374d | 2018-09-18 11:43:02 +0300 | [diff] [blame] | 6 | openstack_api_cert_key_file: "/etc/ssl/private/openstack_api.key" |
| 7 | openstack_api_cert_cert_file: "/etc/ssl/certs/openstack_api.crt" |
| 8 | openstack_api_cert_all_file: "/etc/ssl/certs/openstack_api_with_chain.crt" |
| 9 | salt: |
| 10 | minion: |
| 11 | cert: |
| 12 | openstack_api: |
| 13 | host: ${_param:salt_minion_ca_host} |
| 14 | authority: ${_param:salt_minion_ca_authority} |
| 15 | common_name: openstack_api |
| 16 | signing_policy: cert_server |
| 17 | alternative_names: ${_param:openstack_api_cert_alternative_names} |
| 18 | key_file: ${_param:openstack_api_cert_key_file} |
| 19 | cert_file: ${_param:openstack_api_cert_cert_file} |
| 20 | all_file: ${_param:openstack_api_cert_all_file} |
| 21 | enabled: true |
| 22 | engine: salt |