Skip to content

Commit

Permalink
fix: Change certificates ownership
Browse files Browse the repository at this point in the history
  • Loading branch information
@cdalvaro
cdalvaro committed Nov 3, 2020
1 parent 8d2fa05 commit a277e05
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions assets/runtime/functions.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -208,8 +208,10 @@ function configure_salt_api()
echo "Configuring salt-api service ..."

CERTS_PATH=/etc/pki
SALT_API_KEY_FILE='docker-salt-master'
rm -rf "${CERTS_PATH}/tls/certs/*"
salt-call --local tls.create_self_signed_cert cacert_path="${CERTS_PATH}" CN=docker-salt-master
salt-call --local tls.create_self_signed_cert cacert_path="${CERTS_PATH}" CN="${SALT_API_KEY_FILE}"
chown "${SALT_USER}": "${CERTS_PATH}/tls/certs/${SALT_API_KEY_FILE}".{crt,key}

cat >> "${SALT_ROOT_DIR}/master" <<EOF
Expand All @@ -221,8 +223,8 @@ api_logfile: ${SALT_LOGS_DIR}/salt/api
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/docker-salt-master.crt
ssl_key: /etc/pki/tls/certs/docker-salt-master.key
ssl_crt: ${CERTS_PATH}/tls/certs/${SALT_API_KEY_FILE}.crt
ssl_key: ${CERTS_PATH}/tls/certs/${SALT_API_KEY_FILE}.key
EOF

# configure supervisord to start salt-api
Expand Down

0 comments on commit a277e05

Please sign in to comment.