Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Pull in the upstream salt master formula.
- include:
- - salt.minion
- # Salt master public key
- master_pub:
- file.managed:
- - contents_pillar: secrets:salt-master:pub
- {% if grains['kernel'] == 'Windows' %}
- - name: 'C:\salt\conf\pki\minion\master.pub'
- {% elif grains['kernel'] == 'Linux' %}
- - name: '/etc/salt/pki/minion/master.pub'
- - group: root
- - mode: 0640
- - user: root
- {% endif %}
- # Salt master PKI signing public key
- #
- # This allows minions to verify that they are connected to expected master(s).
- master_sign_pub:
- file.managed:
- - contents_pillar: secrets:salt-master-sign:pub
- {% if grains['kernel'] == 'Windows' %}
- - name: 'C:\salt\conf\pki\minion\master_sign.pub'
- {% elif grains['kernel'] == 'Linux' %}
- - name: '/etc/salt/pki/minion/master_sign.pub'
- - group: root
- - mode: 0640
- - user: root
- {% endif %}
- # Extend salt-minion here to watch for file changes and restart.
- extend:
- salt-minion:
- service:
- - running
- - watch:
- - master_pub
- - master_sign_pub
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement