SHARE
TWEET

Untitled

a guest Apr 26th, 2019 50 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Pull in the upstream salt master formula.
  2. include:
  3.   - salt.minion
  4.  
  5. # Salt master public key
  6. master_pub:
  7.   file.managed:
  8.     - contents_pillar: secrets:salt-master:pub
  9.     {% if grains['kernel'] == 'Windows' %}
  10.     - name: 'C:\salt\conf\pki\minion\master.pub'
  11.     {% elif grains['kernel'] == 'Linux' %}
  12.     - name: '/etc/salt/pki/minion/master.pub'
  13.     - group: root
  14.     - mode: 0640
  15.     - user: root
  16.     {% endif %}
  17.  
  18. # Salt master PKI signing public key
  19. #
  20. # This allows minions to verify that they are connected to expected master(s).
  21. master_sign_pub:
  22.   file.managed:
  23.     - contents_pillar: secrets:salt-master-sign:pub
  24.     {% if grains['kernel'] == 'Windows' %}
  25.     - name: 'C:\salt\conf\pki\minion\master_sign.pub'
  26.     {% elif grains['kernel'] == 'Linux' %}
  27.     - name: '/etc/salt/pki/minion/master_sign.pub'
  28.     - group: root
  29.     - mode: 0640
  30.     - user: root
  31.     {% endif %}
  32.  
  33. # Extend salt-minion here to watch for file changes and restart.
  34. extend:
  35.   salt-minion:
  36.     service:
  37.       - running
  38.       - watch:
  39.         - master_pub
  40.         - master_sign_pub
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top