cert-formula
A SaltStack formula to deploy certificates.
Table of Contents
General notes
See the full SaltStack Formulas installation and usage instructions.
If you are interested in writing or contributing to formulas, please pay attention to the Writing Formula Section.
If you want to use this formula, please pay attention to the FORMULA file and/or git tag,
which contains the currently released version. This formula is versioned according to Semantic Versioning.
See Formula Versioning Section for more details.
If you need (non-default) configuration, please refer to:
- how to configure the formula with map.jinja
- the
pillar.examplefile
Contributing to this repo
Commit message formatting is significant!!
Please see How to contribute for more details.
Available states
cert
Meta-state (This is a state that includes other states).
Deploys or removes given certificates and keys.
cert.package
This state will install the required packages to manage certificates.
cert.deployed
This state will write the certificates and there matching keys, if any, are store on disk and integrated in the system.
cert.updated
This state will run the certs_update_cmd command to integrate the deployed certificates on supported systems.
Available modules
cert_formula_helper.get_filenames_matching_content
A helper function to find certificate files that match certificate contents. Useful if a certificate file gets renamed to something you don't remember and have trouble finding a certificate you wish to remove.
Example
Example that finds all certificate files in /usr/local/share/ca-certificates matching the certificate contents found in the pillar data in cert:certlist:cert.filename:cert
salt-call cert_formula_helper.get_filenames_matching_content /usr/local/share/ca-certificates pillar_key="cert:certlist:cert.filename:cert"