Master Module - Add certs for Docker Registry

2025-12-06 09:12:45 +01:00 · 2018-06-04 11:11:17 -04:00
parent cf4d12e980
commit 5ee6f38980
2 changed files with 7 additions and 1 deletions
--- a/salt/master/files/registry/config.yml
+++ b/salt/master/files/registry/config.yml
@@ -11,6 +11,9 @@ http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
+  tls:
+    certificate: /etc/pki/registry.crt
+    key: /etc/pki/registry.key
 health:
  storagedriver:
    enabled: true
--- a/salt/ssl/init.sls
+++ b/salt/ssl/init.sls
@@ -7,6 +7,7 @@
  x509.pem_managed:
    - text:  {{ salt['mine.get'](master, 'x509.get_pem_entries')[master]['/etc/pki/ca.crt']|replace('\n', '') }}

+{% if grains['role'] == 'so-master' %}
 # Request a cert and drop it where it needs to go to be distributed
 /etc/pki/filebeat.crt:
  x509.certificate_managed:
@@ -35,4 +36,6 @@
    - managed_private_key:
        name: /etc/pki/registry.key
        bits: 4096
-        backup: True
+        backup: True
+
+{% endif %}