add sls file

README.md

+ถ้าต้องการ add key ใหม่ ต้องลบ ไฟล์ /etc/salt/pki/minion เพื่อ ลบ Key master เดิมออกไป
+ตรวจเช็ค Key salt-key -L
+ยืนยัน Key minion salt-key -a 'ชื่อ minion'
+ลบ Key salt-key -d 'ชื่อ minionง
+เช็คสถานะ minion salt '*' test.ping
+ถ้าต้องการรัน sls ไฟล์ต้องนำไฟล์ sls ไปไว้ใน /srv/salt/ แล้วใช้คำสั่ง salt '* หรือ ชื่อ minion' state.apply 'ชื่อ sls'
\ No newline at end of file

docker-compose.yml

@@ -7,10 +7,10 @@ services:
     container_name: salt-master
     hostname: salt-master
     restart: unless-stopped
-#    ports:
+    ports:
 #      - "44505:4505"  
 #      - "44506:4506"  
-#      - "48000:8000"  
+      - "8000:8000" 
     environment:
       - SALT_USER=saltuser
       - SALT_PASSWORD=saltpassword
@@ -28,6 +28,7 @@ services:
       - MASTER=salt-master
     volumes:
       - ./salt-minion:/etc/salt
+      - /var/run/docker.sock:/var/run/docker.sock
     networks:
       - salt-network
 

fullchain.pem

+-----BEGIN CERTIFICATE-----
+MIIDoDCCAyegAwIBAgISBNGETHFir0dOoi0nZS+/xXX0MAoGCCqGSM49BAMDMDIx
+CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
+NjAeFw0yNDA3MjMwOTUzNTFaFw0yNDEwMjEwOTUzNTBaMB8xHTAbBgNVBAMTFGZs
+b3dzdGFjay5uZXhpaW90LmlvMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEB7dA
+ICNaw5bOvIjKNgMCD9YQLUfsv3jgnSIcdOfh3YLHjIuX83/Zi/XqJX+1MQEpt7Ub
+MmIWNv75kVVCaZhIQ6OCAi4wggIqMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUHwB4
+SVVJE2P+3KRTbmslLJKN7VowHwYDVR0jBBgwFoAUkydGmAOpUWiOmNbEQkjbI79Y
+lNIwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vZTYuby5sZW5j
+ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lNi5pLmxlbmNyLm9yZy8wNwYDVR0R
+BDAwLoIWKi5mbG93c3RhY2submV4aWlvdC5pb4IUZmxvd3N0YWNrLm5leGlpb3Qu
+aW8wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA
+dgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAZDfOeSYAAAEAwBH
+MEUCIQD+ZTXdnzJhX6VDEyaA6No+M4nLDzR/xeVKlxre7/HG0gIgHd86A+FCp4RJ
+aidhTCG/rW6gpIStzgX1bwQQe8W1GNMAdgAZmBBxCfDWUi4wgNKeP2S7g24ozPkP
+Uo7u385KPxa0ygAAAZDfOeSmAAAEAwBHMEUCIQDYdpkjQ6w2RTT0frhFWj23k4EJ
+s+y7HK8IE5pLSUwomwIgSYSvz89+B3G/2NKNu7OcQDK4jpA47/Y4C+AoplswKoAw
+CgYIKoZIzj0EAwMDZwAwZAIwZmRJcBqIRkfJS+J5/kLdkvcYzOtte8K5fQeQsBwX
+eRNh+PQ+fa20Hqm0/N6r4R39AjBT17dHUdx0Qr5yJfukQJ3XX87rep0LHfRueDE0
+Wjmr2/CwRqDZrIWD6lt1aVLnxDc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
+h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
+6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
+gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
+v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
+AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
+BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
+Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
+MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
+pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
+eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
+pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
+s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
+h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
+YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
+ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
+LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
+EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
+Ig46v9mFmBvyH04=
+-----END CERTIFICATE-----

fullchain.pem:Zone.Identifier

+[ZoneTransfer]
+ZoneId=3
+ReferrerUrl=C:\Users\bakuk\Downloads\flowstack.nexiiot.io(1).zip

privkey.pem

+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgaqeCaQenvbyY4yvK
+J8b1ye9IY2/MtlY/A3PkHp7ijluhRANCAAQHt0AgI1rDls68iMo2AwIP1hAtR+y/
+eOCdIhx05+HdgseMi5fzf9mL9eolf7UxASm3tRsyYhY2/vmRVUJpmEhD
+-----END PRIVATE KEY-----

privkey.pem:Zone.Identifier

+[ZoneTransfer]
+ZoneId=3
+ReferrerUrl=C:\Users\bakuk\Downloads\flowstack.nexiiot.io(1).zip

salt-master/base.sls

+base:
+  "*":
+    - docker
+    - directory
+    - git
+    - generate
+    - compose

salt-master/checkdirectory.sls

+directory_status:
+  cmd.run:
+    - name: ls /usr/local/flowstack
+    - output: high
\ No newline at end of file

salt-master/checkversion.sls

+docker_ps_status:
+  cmd.run:
+    - name: docker images
+    # - output_file: /tmp/docker_ps_output.txt
+    - user: root
\ No newline at end of file

salt-master/compose-down.sls

+run_docker_compose_up:
+  cmd.run:
+    - name: docker compose down
+    - cwd: /usr/local/flowstack
+    - user: root
\ No newline at end of file

salt-master/compose-up.sls

+run_docker_compose_up:
+  cmd.run:
+    - name: docker compose up -d
+    - cwd: /usr/local/flowstack
+    - user: root
\ No newline at end of file

salt-master/configimage.sls

+config_image_compose:
+  cmd.run:
+    - name: |
+        sed -i "s/^FLOWSTACK_NANOMQ_USERNAME=.*/FLOWSTACK_NANOMQ_USERNAME={{ pillar['name'] }}/" /usr/local/flowstack/.env
+    - runas: root  # ใช้สิทธิ์ root
+    - onlyif: grep -q "^FLOWSTACK_NANOMQ_USERNAME=" /usr/local/flowstack/.env  # ทำงานเฉพาะเมื่อมี FLOWSTACK_NANOMQ_USERNAME ในไฟล์

salt-master/docker/init.sls

@@ -40,6 +40,7 @@ install_docker_packages:
       - containerd.io
       - docker-buildx-plugin
       - docker-compose-plugin
+    - refresh: true  # This will run 'apt-get update' before installing
     - require:
       - cmd: add_docker_repository
 

salt-master/dockerps.sls

+docker_ps_status:
+  cmd.run:
+    - name: docker ps
+    # - output_file: /tmp/docker_ps_output.txt
+    - user: root
\ No newline at end of file

salt-master/example.sls

+{% set url = "http://localhost:58081" %}
+{% set username = "contact@nexpie.com" %}
+{% set password = "nexpie2023" %}
+{% set domain = "flowstack.nexiiot.io" %}
+{% set email = "contact@nexpie.com" %}
+{% set private_key_path = "/home/bakukan2008/saltstack/privkey.pem" %}
+{% set certificate_path = "/home/bakukan2008/saltstack/fullchain.pem" %}
+
+# ดึง Token
+get_token:
+  cmd.run:
+    - name: >
+        curl -s -X POST -H "Content-Type: application/json" 
+        -d '{"identity": "{{ username }}", "secret": "{{ password }}"}' 
+        {{ url }}/api/tokens
+    - output_loglevel: debug
+    - require:
+      - cmd: install_jq
+
+# สร้างใบรับรองด้วย Custom Certificate Key และ Certificate
+create_certificate:
+  cmd.run:
+    - name: >
+        curl -s -X POST -H "Content-Type: application/json" 
+        -H "Authorization: Bearer {{ npm_token }}" 
+        -d '{
+              "nice_name": "{{ domain }}",
+              "domain_names": ["{{ domain }}"],
+              "provider": "custom",
+              "meta": { 
+                  "letsencrypt_email": "{{ email }}", 
+                  "letsencrypt_agree": true, 
+                  "dns_challenge": false
+              },
+              "key": "{{ salt['cmd.shell']('cat ' ~ private_key_path) | replace("\n", "\\n") }}",
+              "certificate": "{{ salt['cmd.shell']('cat ' ~ certificate_path) | replace("\n", "\\n") }}"
+            }'
+        {{ url }}/api/nginx/certificates
+    - output_loglevel: debug
+    - require:
+      - cmd: get_token
+
+# สร้าง HTTPS Proxy
+create_https_proxy:
+  cmd.run:
+    - name: >
+        curl -s -X POST -H "Content-Type: application/json" 
+        -H "Authorization: Bearer {{ npm_token }}" 
+        -d '{"domain_names": ["{{ domain }}"], "forward_host": "{{ forward_host }}", "forward_port": {{ forward_port }}, "forward_scheme": "http", "certificate_id": {{ ssl_id }}, "meta": {"letsencrypt_email": "{{ email }}", "letsencrypt_agree": true, "dns_challenge": false, "nginx_online": true, "nginx_err": null }, "allow_websocket_upgrade": 1, "ssl_forced": 1, "enabled": 1}'
+        {{ url }}/api/nginx/proxy-hosts
+    - output_loglevel: debug
+    - require:
+      - cmd: create_certificate

salt-master/example/fullchain.pem

+-----BEGIN CERTIFICATE-----
+MIIDoDCCAyegAwIBAgISBNGETHFir0dOoi0nZS+/xXX0MAoGCCqGSM49BAMDMDIx
+CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
+NjAeFw0yNDA3MjMwOTUzNTFaFw0yNDEwMjEwOTUzNTBaMB8xHTAbBgNVBAMTFGZs
+b3dzdGFjay5uZXhpaW90LmlvMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEB7dA
+ICNaw5bOvIjKNgMCD9YQLUfsv3jgnSIcdOfh3YLHjIuX83/Zi/XqJX+1MQEpt7Ub
+MmIWNv75kVVCaZhIQ6OCAi4wggIqMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUHwB4
+SVVJE2P+3KRTbmslLJKN7VowHwYDVR0jBBgwFoAUkydGmAOpUWiOmNbEQkjbI79Y
+lNIwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vZTYuby5sZW5j
+ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lNi5pLmxlbmNyLm9yZy8wNwYDVR0R
+BDAwLoIWKi5mbG93c3RhY2submV4aWlvdC5pb4IUZmxvd3N0YWNrLm5leGlpb3Qu
+aW8wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA
+dgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAZDfOeSYAAAEAwBH
+MEUCIQD+ZTXdnzJhX6VDEyaA6No+M4nLDzR/xeVKlxre7/HG0gIgHd86A+FCp4RJ
+aidhTCG/rW6gpIStzgX1bwQQe8W1GNMAdgAZmBBxCfDWUi4wgNKeP2S7g24ozPkP
+Uo7u385KPxa0ygAAAZDfOeSmAAAEAwBHMEUCIQDYdpkjQ6w2RTT0frhFWj23k4EJ
+s+y7HK8IE5pLSUwomwIgSYSvz89+B3G/2NKNu7OcQDK4jpA47/Y4C+AoplswKoAw
+CgYIKoZIzj0EAwMDZwAwZAIwZmRJcBqIRkfJS+J5/kLdkvcYzOtte8K5fQeQsBwX
+eRNh+PQ+fa20Hqm0/N6r4R39AjBT17dHUdx0Qr5yJfukQJ3XX87rep0LHfRueDE0
+Wjmr2/CwRqDZrIWD6lt1aVLnxDc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
+h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
+6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
+gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
+v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
+AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
+BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
+Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
+MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
+pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
+eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
+pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
+s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
+h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
+YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
+ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
+LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
+EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
+Ig46v9mFmBvyH04=
+-----END CERTIFICATE-----

salt-master/example/init-original.bash

+#!/bin/bash
+# Function to check for errors in the response
+check_for_error() {
+  local response=$1
+  local error=$(echo $response | jq -r '.error')
+  if [ "$error" != "null" ]; then
+    echo "Error: $(echo $response | jq -r '.error')"
+    exit 1
+  fi
+}
+
+# Function to get the token
+get_token() {
+   
+  # echo "111"
+
+  local URL=$1
+  local USERNAME=$2
+  local PASSWORD=$3
+
+  urlGetToken=$URL'/api/tokens'
+  # Create JSON payload
+  payload=$(cat <<EOF
+{
+    "identity": "$USERNAME",
+    "secret": "$PASSWORD"
+}
+EOF
+  )
+
+  # Request for token
+  # echo "Requesting token from: ${urlGetToken}"
+  response=$(curl -s -X POST -H "Content-Type: application/json" -d "$payload" "$urlGetToken")
+  # echo $urlGetToken $payload
+
+  # Check for error in response
+  # status=$(check_for_error "$response")
+  # echo $status
+  # NPM_TOKEN=$(echo $response | jq -r '.token')
+  # Print token
+  # echo "NPM_TOKEN: $NPM_TOKEN"
+  echo $response #| jq -r '.token'
+}
+
+
+# Function to create a certificate
+create_certificate() {
+  local URL=$1
+  local domain=$2
+  local email=$3
+  local token=$4
+
+  cert_url="$URL/api/nginx/certificates"
+  cert_payload=$(cat <<EOF
+{
+    "provider": "letsencrypt",
+    "nice_name": "$domain",
+    "domain_names": ["$domain"],
+    "meta": { 
+        "letsencrypt_email": "$email", 
+        "letsencrypt_agree": true, 
+        "dns_challenge": false
+    }
+}
+EOF
+)
+
+  # Send POST request to create certificate
+  cert_response=$(curl -s -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$cert_payload" "$cert_url")
+
+  # Check for error in certificate response
+  # check_for_error "$cert_response"
+
+  # # Print certificate response
+  # echo "Certificate response: $cert_response"
+
+  # # Extract SSL ID
+  # SSL_ID=$(echo $cert_response | jq -r '.id')
+  echo $cert_response
+}
+
+# Function to create a proxy
+create_https_proxy() {
+  local URL=$1
+  local domain=$2
+  local forward_host=$3
+  local forward_port=$4
+  local email=$5
+  local token=$6
+  local SSL_ID=$7
+
+  # Create certificate and get SSL ID
+  cert_response=$(create_certificate "$URL" "$domain" "$email" "$token")
+  echo "$cert_response"
+  check_for_error "$cert_response"
+  SSL_ID=$(echo $cert_response | jq -r '.id')
+  echo 'SSL_ID:' $SSL_ID
+
+  proxy_url="$URL/api/nginx/proxy-hosts"
+  proxy_payload=$(cat <<EOF
+{ 
+    "domain_names": ["$domain"], 
+    "forward_host": "$forward_host", 
+    "forward_port": $forward_port, 
+    "forward_scheme": "http", 
+    "certificate_id": $SSL_ID, 
+    "meta": { 
+        "letsencrypt_email": "$email", 
+        "letsencrypt_agree": true, 
+        "dns_challenge": false, 
+        "nginx_online": true, 
+        "nginx_err": null }, 
+    "allow_websocket_upgrade": 1,
+    "ssl_forced": 1, 
+    "enabled": 1 
+}
+EOF
+)
+
+  # Send POST request to create proxy
+  proxy_response=$(curl -s -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$proxy_payload" "$proxy_url")
+
+  # Check for error in proxy response
+  check_for_error "$proxy_response"
+
+  # Print proxy response
+  echo "HTTPS Proxy response: $proxy_response"
+}
+
+
+# Function to create a proxy without SSL
+create_http_proxy() {
+  local URL=$1
+  local domain=$2
+  local forward_host=$3
+  local forward_port=$4
+  local token=$5
+
+  proxy_url="$URL/api/nginx/proxy-hosts"
+  proxy_payload=$(cat <<EOF
+{ 
+    "domain_names": ["$domain"], 
+    "forward_host": "$forward_host", 
+    "forward_port": $forward_port, 
+    "allow_websocket_upgrade": 1,
+    "forward_scheme": "http"
+}
+EOF
+  )
+
+  # Send POST request to create proxy
+  proxy_response=$(curl -s -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$proxy_payload" "$proxy_url")
+
+  # Check for error in proxy response
+  check_for_error "$proxy_response"
+
+  # Print proxy response
+  echo "HTTP Proxy response: $proxy_response"
+}
+# Main script execution
+main() {
+  local URL=$1 #http://flowstack.internet-th.com:58080
+  local USERNAME=$2 #contact@nexpie.com
+  local PASSWORD=$3 #4824913d320d49668d7806f0c8159ccc
+  local domain_flowstack=$4 #flowstack.internet-th.com
+  local domain_grafana=$5 #grafana-flowstack.internet-th.com
+  local domain_scada=$6 #scada-flowstack.internet-th.com
+  local NPM_LOCAL=$NPM_LOCAL
+  echo NPM_LOCAL: $NPM_LOCAL
+  local email=$USERNAME  #$5
+  local forward_flowstack_host="flowstack" #$3
+  local forward_flowstack_port=80 #$4
+  local forward_grafana_host="grafana" #$3
+  local forward_grafana_port=3000 #$4
+  local forward_scada_host="fuxa-scada" #$3
+  local forward_scada_port=1881 #$4
+  # local token=""
+  # URL="http://myubuntu:8081"
+
+  # NPM_TOKEN=
+  # FLOWSTACK_URL=myubuntu.io
+
+  # Get token
+  echo $USERNAME
+  echo $PASSWORD
+  echo $URL
+
+  # while ! curl -s http://localhost:81 > /dev/null; do
+  #     echo "Waiting for Nginx Proxy Manager to be ready..."
+  #     sleep 5
+  # done
+
+
+  response=$(get_token "$URL" "$USERNAME" "$PASSWORD") 
+  echo 'response'
+  check_for_error "$response"
+  # NPM_TOKEN=$response
+  NPM_TOKEN=$(echo $response | jq -r '.token')
+  echo 'NPM_TOKEN:'$NPM_TOKEN
+
+  if [ "$NPM_LOCAL" == "false" ]; then
+    # Create HTTP proxy
+    create_https_proxy "$URL" "$domain_flowstack" "$forward_flowstack_host" "$forward_flowstack_port" "$email" "$NPM_TOKEN" "$SSL_ID"
+    # create_https_proxy "$URL" "$domain_grafana" "$forward_grafana_host" "$forward_grafana_port" "$email" "$NPM_TOKEN" "$SSL_ID"
+    # create_https_proxy "$URL" "$domain_scada" "$forward_scada_host" "$forward_scada_port" "$email" "$NPM_TOKEN" "$SSL_ID"
+
+  else
+    # Create proxy with SSL
+    create_http_proxy "$URL" "$domain_flowstack" "$forward_flowstack_host" "$forward_flowstack_port" "$NPM_TOKEN"
+    # create_http_proxy "$URL" "$domain_grafana" "$forward_grafana_host" "$forward_grafana_port" "$NPM_TOKEN"
+    # create_http_proxy "$URL" "$domain_scada" "$forward_scada_host" "$forward_scada_port" "$NPM_TOKEN"
+
+  fi
+
+
+}
+
+# Execute main function with provided arguments
+main "$@"

salt-master/example/init.bash

+#!/bin/bash
+
+# Function to check for errors in the response
+check_for_error() {
+  local response=$1
+  local error=$(echo $response | jq -r '.error')
+  if [ "$error" != "null" ]; then
+    echo "Error: $(echo $response | jq -r '.error')"
+    exit 1
+  fi
+}
+
+# Function to get the token
+get_token() {
+  local URL=$1
+  local USERNAME=$2
+  local PASSWORD=$3
+
+  urlGetToken=$URL'/api/tokens'
+  payload=$(cat <<EOF
+{
+    "identity": "$USERNAME",
+    "secret": "$PASSWORD"
+}
+EOF
+  )
+
+  response=$(curl -s -X POST -H "Content-Type: application/json" -d "$payload" "$urlGetToken")
+  echo $response
+}
+
+# Function to create a certificate with custom key and certificate
+create_certificate() {
+  local URL=$1
+  local domain=$2
+  local email=$3
+  local token=$4
+  local private_key_path=$5
+  local certificate_path=$6
+
+  # Read the contents of the key and certificate files
+  private_key=$(cat "$private_key_path" | sed ':a;N;$!ba;s/\n/\\n/g')
+  certificate=$(cat "$certificate_path" | sed ':a;N;$!ba;s/\n/\\n/g')
+
+  cert_url="$URL/api/nginx/certificates"
+  cert_payload=$(cat <<EOF
+{
+    "provider": "custom",
+    "nice_name": "$domain",
+    "domain_names": ["$domain"],
+    "meta": { 
+        "letsencrypt_email": "$email", 
+        "letsencrypt_agree": true, 
+        "dns_challenge": false
+    },
+    "key": "$private_key",
+    "certificate": "$certificate"
+}
+EOF
+)
+
+  # Send POST request to create certificate
+  cert_response=$(curl -s -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$cert_payload" "$cert_url")
+  echo $cert_response
+}
+
+# Function to create a proxy with SSL using the created certificate
+create_https_proxy() {
+  local URL=$1
+  local domain=$2
+  local forward_host=$3
+  local forward_port=$4
+  local email=$5
+  local token=$6
+  local private_key_path=$7
+  local certificate_path=$8
+
+  # Create certificate and get SSL ID
+  cert_response=$(create_certificate "$URL" "$domain" "$email" "$token" "$private_key_path" "$certificate_path")
+  echo "$cert_response"
+  check_for_error "$cert_response"
+  SSL_ID=$(echo $cert_response | jq -r '.id')
+  echo 'SSL_ID:' $SSL_ID
+
+  proxy_url="$URL/api/nginx/proxy-hosts"
+  proxy_payload=$(cat <<EOF
+{ 
+    "domain_names": ["$domain"], 
+    "forward_host": "$forward_host", 
+    "forward_port": $forward_port, 
+    "forward_scheme": "http", 
+    "certificate_id": $SSL_ID, 
+    "meta": { 
+        "letsencrypt_email": "$email", 
+        "letsencrypt_agree": true, 
+        "dns_challenge": false, 
+        "nginx_online": true, 
+        "nginx_err": null 
+    }, 
+    "allow_websocket_upgrade": 1,
+    "ssl_forced": 1, 
+    "enabled": 1 
+}
+EOF
+)
+
+  # Send POST request to create proxy
+  proxy_response=$(curl -s -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$proxy_payload" "$proxy_url")
+  check_for_error "$proxy_response"
+  echo "HTTPS Proxy response: $proxy_response"
+}
+
+# Main script execution
+main() {
+  local URL=$1
+  local USERNAME=$2
+  local PASSWORD=$3
+  local domain_flowstack=$4
+  local domain_grafana=$5
+  local domain_scada=$6
+  local NPM_LOCAL=$NPM_LOCAL
+  local email=$USERNAME
+  local forward_flowstack_host="flowstack"
+  local forward_flowstack_port=80
+  local forward_grafana_host="grafana"
+  local forward_grafana_port=3000
+  local forward_scada_host="fuxa-scada"
+  local forward_scada_port=1881
+  local private_key_path="/path/to/private.key"  # Specify your path
+  local certificate_path="/path/to/certificate.crt"  # Specify your path
+
+  response=$(get_token "$URL" "$USERNAME" "$PASSWORD")
+  check_for_error "$response"
+  NPM_TOKEN=$(echo $response | jq -r '.token')
+  echo 'NPM_TOKEN:'$NPM_TOKEN
+
+  if [ "$NPM_LOCAL" == "false" ]; then
+    # Create HTTPS proxy with SSL
+    create_https_proxy "$URL" "$domain_flowstack" "$forward_flowstack_host" "$forward_flowstack_port" "$email" "$NPM_TOKEN" "$private_key_path" "$certificate_path"
+    create_https_proxy "$URL" "$domain_grafana" "$forward_grafana_host" "$forward_grafana_port" "$email" "$NPM_TOKEN" "$private_key_path" "$certificate_path"
+    create_https_proxy "$URL" "$domain_scada" "$forward_scada_host" "$forward_scada_port" "$email" "$NPM_TOKEN" "$private_key_path" "$certificate_path"
+  else
+    # Create HTTP proxy without SSL
+    create_http_proxy "$URL" "$domain_flowstack" "$forward_flowstack_host" "$forward_flowstack_port" "$NPM_TOKEN"
+    create_http_proxy "$URL" "$domain_grafana" "$forward_grafana_host" "$forward_grafana_port" "$NPM_TOKEN"
+    create_http_proxy "$URL" "$domain_scada" "$forward_scada_host" "$forward_scada_port" "$NPM_TOKEN"
+  fi
+}
+
+# Execute main function with provided arguments
+main "$@"

salt-master/example/privkey.pem

+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgaqeCaQenvbyY4yvK
+J8b1ye9IY2/MtlY/A3PkHp7ijluhRANCAAQHt0AgI1rDls68iMo2AwIP1hAtR+y/
+eOCdIhx05+HdgseMi5fzf9mL9eolf7UxASm3tRsyYhY2/vmRVUJpmEhD
+-----END PRIVATE KEY-----

salt-master/example/proxy-5.internet-th.com.conf

+server {
+    listen 80;
+
+    server_name proxy-5.internet-th.com;
+
+    location / {
+        proxy_pass http://m.internet-th.com:81;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}

salt-master/example/test.bash

+#!/bin/bash
+
+# Set global variables (replace these with actual values or export them as environment variables)
+pUri="http://localhost:58081"  # Replace with actual URI
+username="contact@nexpie.com"   # Replace with actual username
+password="nexpie2023"           # Replace with actual password
+
+# Construct the URL for the API request
+url="${pUri}/api/tokens"
+
+# Prepare the payload for the POST request
+payload=$(cat <<EOF
+{
+    "identity": "$username",
+    "secret": "$password"
+}
+EOF
+)
+
+# Send the HTTP POST request
+response=$(curl -s -X POST -H "Content-Type: application/json" -d "$payload" "$url")
+
+# Print the response
+echo "Response: $response"

salt-master/gitcheck.sls

+dockercompose_status:
+  cmd.run:
+    - name: ls /usr/local/flowstack/docker-compose.yml
+    - output: high
+env_status:
+    cmd.run:
+    - name: ls /usr/local/flowstack/.env
+    - output: high
\ No newline at end of file

salt-master/install-package.sls

+install_packages:
+  pkg.installed:
+    - pkgs:
+{% if pillar.get('name') %}
+      - {{ pillar['name'] }}
+{% endif %}
+    - refresh: true  # This will run 'apt-get update' before installing
+#salt '*' state.apply install-package pillar='{"name": "curl"}'
\ No newline at end of file

salt-master/install.sls

-generate_env_password:
-  cmd.run:
-    - name: |
-        PASSWORD=$(openssl rand -base64 18)  
-        PASSWORD1=$(openssl rand -base64 18)  
-        POSTGRES_PASSWORD=$(openssl rand -base64 18)
-        MONGODB_PASSWORD=$(openssl rand -base64 18)
-        INFLUXDB_ADMIN_PASSWORD=$(openssl rand -base64 18)
-        INFLUXDB_ADMIN_TOKEN=$(openssl rand -base64 18)
-        NPM_INIT_PASSWORD=$(openssl rand -base64 18)
-        CLOUDBEAVER_ADMIN_PASSWORD=$(openssl rand -base64 18)
-        FLOWSTACK_ADMINISTRATOR_PASSWORD=$(openssl rand -base64 18)
-        FLOWSTACK_NANOMQ_PASSWORD=$(openssl rand -base64 18)
-        GRAFANA_SECURITY_ADMIN_PASSWORD=$(openssl rand -base64 18)
-      
-        sed -i "s/^ENV_PASSWORD=.*/ENV_PASSWORD=$PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^ENV_PASSWORD1=.*/ENV_PASSWORD1=$PASSWORD1/" /usr/local/flowstack/.env
-        sed -i "s/^POSTGRES_PASSWORD=.*/POSTGRES_PASSWORD=$POSTGRES_PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^MONGODB_PASSWORD=.*/MONGODB_PASSWORD=$MONGODB_PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^INFLUXDB_ADMIN_PASSWORD=.*/INFLUXDB_ADMIN_PASSWORD=$INFLUXDB_ADMIN_PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^INFLUXDB_ADMIN_TOKEN=.*/INFLUXDB_ADMIN_TOKEN=$INFLUXDB_ADMIN_TOKEN/" /usr/local/flowstack/.env
-        sed -i "s/^NPM_INIT_PASSWORD=.*/NPM_INIT_PASSWORD=$NPM_INIT_PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^CLOUDBEAVER_ADMIN_PASSWORD=.*/CLOUDBEAVER_ADMIN_PASSWORD=$CLOUDBEAVER_ADMIN_PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^FLOWSTACK_ADMINISTRATOR_PASSWORD=.*/FLOWSTACK_ADMINISTRATOR_PASSWORD=$FLOWSTACK_ADMINISTRATOR_PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^FLOWSTACK_NANOMQ_PASSWORD=.*/FLOWSTACK_NANOMQ_PASSWORD=$FLOWSTACK_NANOMQ_PASSWORD/" /usr/local/flowstack/.env
-        sed -i "s/^GRAFANA_SECURITY_ADMIN_PASSWORD=.*/GRAFANA_SECURITY_ADMIN_PASSWORD=$GRAFANA_SECURITY_ADMIN_PASSWORD/" /usr/local/flowstack/.env
-        
-    - runas: root  # ใช้สิทธิ์ root
-    - onlyif: grep -q "^ENV_PASSWORD=" /usr/local/flowstack/.env  # ทำงานเฉพาะเมื่อมี ENV_PASSWORD ในไฟล์
-    - onlyif: grep -q "^ENV_PASSWORD1=" /usr/local/flowstack/.env  
-    - onlyif: grep -q "^POSTGRES_PASSWORD=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^MONGODB_PASSWORD=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^INFLUXDB_ADMIN_PASSWORD=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^INFLUXDB_ADMIN_TOKEN=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^NPM_INIT_PASSWORD=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^CLOUDBEAVER_ADMIN_PASSWORD=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^FLOWSTACK_ADMINISTRATOR_PASSWORD=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^FLOWSTACK_NANOMQ_PASSWORD=" /usr/local/flowstack/.env
-    - onlyif: grep -q "^GRAFANA_SECURITY_ADMIN_PASSWORD=" /usr/local/flowstack/.env
-
-add_env_password:
-  cmd.run:
-    - name: |
-        PASSWORD=$(openssl rand -base64 18)  
-        PASSWORD1=$(openssl rand -base64 18)  
-        POSTGRES_PASSWORD=$(openssl rand -base64 18)
-        MONGODB_PASSWORD=$(openssl rand -base64 18)
-        INFLUXDB_ADMIN_PASSWORD=$(openssl rand -base64 18)
-        INFLUXDB_ADMIN_TOKEN=$(openssl rand -base64 18)
-        NPM_INIT_PASSWORD=$(openssl rand -base64 18)
-        CLOUDBEAVER_ADMIN_PASSWORD=$(openssl rand -base64 18)
-        FLOWSTACK_ADMINISTRATOR_PASSWORD=$(openssl rand -base64 18)
-        FLOWSTACK_NANOMQ_PASSWORD=$(openssl rand -base64 18)
-        GRAFANA_SECURITY_ADMIN_PASSWORD=$(openssl rand -base64 18)
-        
-        echo "ENV_PASSWORD=$PASSWORD" >> /usr/local/flowstack/.env
-        echo "ENV_PASSWORD1=$PASSWORD1" >> /usr/local/flowstack/.env
-        echo "POSTGRES_PASSWORD=$POSTGRES_PASSWORD" >> /usr/local/flowstack/.env
-        echo "MONGODB_PASSWORD=$MONGODB_PASSWORD" >> /usr/local/flowstack/.env
-        echo "INFLUXDB_ADMIN_PASSWORD=$INFLUXDB_ADMIN_PASSWORD" >> /usr/local/flowstack/.env
-        echo "INFLUXDB_ADMIN_TOKEN=$INFLUXDB_ADMIN_TOKEN" >> /usr/local/flowstack/.env
-        echo "NPM_INIT_PASSWORD=$NPM_INIT_PASSWORD" >> /usr/local/flowstack/.env
-        echo "CLOUDBEAVER_ADMIN_PASSWORD=$CLOUDBEAVER_ADMIN_PASSWORD" >> /usr/local/flowstack/.env
-        echo "FLOWSTACK_ADMINISTRATOR_PASSWORD=$FLOWSTACK_ADMINISTRATOR_PASSWORD" >> /usr/local/flowstack/.env
-        echo "FLOWSTACK_NANOMQ_PASSWORD=$FLOWSTACK_NANOMQ_PASSWORD" >> /usr/local/flowstack/.env
-        echo "GRAFANA_SECURITY_ADMIN_PASSWORD=$GRAFANA_SECURITY_ADMIN_PASSWORD" >> /usr/local/flowstack/.env
-    - runas: root
-    - unless: grep -q "^ENV_PASSWORD=" /usr/local/flowstack/.env  # ทำงานเฉพาะเมื่อไม่มี ENV_PASSWORD ในไฟล์
-    - unless: grep -q "^ENV_PASSWORD1=" /usr/local/flowstack/.env  
-    - unless: grep -q "^POSTGRES_PASSWORD=" /usr/local/flowstack/.env
-    - unless: grep -q "^MONGODB_PASSWORD=" /usr/local/flowstack/.env
-    - unless: grep -q "^INFLUXDB_ADMIN_PASSWORD=" /usr/local/flowstack/.env
-    - unless: grep -q "^INFLUXDB_ADMIN_TOKEN=" /usr/local/flowstack/.env
-    - unless: grep -q "^NPM_INIT_PASSWORD=" /usr/local/flowstack/.env
-    - unless: grep -q "^CLOUDBEAVER_ADMIN_PASSWORD=" /usr/local/flowstack/.env
-    - unless: grep -q "^FLOWSTACK_ADMINISTRATOR_PASSWORD=" /usr/local/flowstack/.env
-    - unless: grep -q "^FLOWSTACK_NANOMQ_PASSWORD=" /usr/local/flowstack/.env
-    - unless: grep -q "^GRAFANA_SECURITY_ADMIN_PASSWORD=" /usr/local/flowstack/.env

salt-master/servicedocker.sls

+directory_status:
+  cmd.run:
+    - name: systemctl | grep "docker.service"
+    - output: high
\ No newline at end of file

salt-minion/fullchain.pem

+-----BEGIN CERTIFICATE-----
+MIIDoDCCAyegAwIBAgISBNGETHFir0dOoi0nZS+/xXX0MAoGCCqGSM49BAMDMDIx
+CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
+NjAeFw0yNDA3MjMwOTUzNTFaFw0yNDEwMjEwOTUzNTBaMB8xHTAbBgNVBAMTFGZs
+b3dzdGFjay5uZXhpaW90LmlvMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEB7dA
+ICNaw5bOvIjKNgMCD9YQLUfsv3jgnSIcdOfh3YLHjIuX83/Zi/XqJX+1MQEpt7Ub
+MmIWNv75kVVCaZhIQ6OCAi4wggIqMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUHwB4
+SVVJE2P+3KRTbmslLJKN7VowHwYDVR0jBBgwFoAUkydGmAOpUWiOmNbEQkjbI79Y
+lNIwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vZTYuby5sZW5j
+ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lNi5pLmxlbmNyLm9yZy8wNwYDVR0R
+BDAwLoIWKi5mbG93c3RhY2submV4aWlvdC5pb4IUZmxvd3N0YWNrLm5leGlpb3Qu
+aW8wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA
+dgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAZDfOeSYAAAEAwBH
+MEUCIQD+ZTXdnzJhX6VDEyaA6No+M4nLDzR/xeVKlxre7/HG0gIgHd86A+FCp4RJ
+aidhTCG/rW6gpIStzgX1bwQQe8W1GNMAdgAZmBBxCfDWUi4wgNKeP2S7g24ozPkP
+Uo7u385KPxa0ygAAAZDfOeSmAAAEAwBHMEUCIQDYdpkjQ6w2RTT0frhFWj23k4EJ
+s+y7HK8IE5pLSUwomwIgSYSvz89+B3G/2NKNu7OcQDK4jpA47/Y4C+AoplswKoAw
+CgYIKoZIzj0EAwMDZwAwZAIwZmRJcBqIRkfJS+J5/kLdkvcYzOtte8K5fQeQsBwX
+eRNh+PQ+fa20Hqm0/N6r4R39AjBT17dHUdx0Qr5yJfukQJ3XX87rep0LHfRueDE0
+Wjmr2/CwRqDZrIWD6lt1aVLnxDc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
+h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
+6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
+gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
+v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
+AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
+BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
+Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
+MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
+pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
+eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
+pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
+s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
+h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
+YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
+ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
+LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
+EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
+Ig46v9mFmBvyH04=
+-----END CERTIFICATE-----

salt-minion/pki/minion/minion.pem

 -----BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEApvkG6jgnecMZisMwHe9VbKOrv/QBhPnwAuoKWonEy43iBmgS
-5Oi5TNWd8HYsAI+x4P+iVDkt+Hd9czndzK+GGDdChOkHz0ZWxtllSZ2nUsJN035l
-E+R44A9AmvZpyuNbouvzd9ng2QoYwIlHVxod35cYZoN4hxXiYUcBuWrowGg947JD
-PdBhxyVqmVpPjyqeaibhrs4Yz4wXGPFjXljVNczPE+giowEXiWtEkc7v6UK7wpkI
-X8mzLVgQBKlQbCLGokJr8tFwumZAPK36tthQr4h9r5yyPOA4so70gVrLbY8xm/Hm
-g1/maEVWFOlhy1zbgVp3dOUfuwefVo0l+K1qGQIDAQABAoIBAAoxuZGawJQ/TGOr
-s5gcSOWjX4TOb7pP7S6sXdn1v9lirfpQp9ioecm+YBBykpCtNUHEscM9I3igSP08
-OvW4gLIhS5MkTBkEVR96XeP+91yG5uwC80Zh5FxfqgTcBwz/URSzHbADUiZGJsk4
-iG3BtzGzvqZhn/31YNcqF+mbZJ78lQhCS/IBSbfXfc5DmUR4i9cQ+1micC6FZ17z
-n7CP2DIHHcZLfyTfdtEl7Ku5RCL+Z+eEJY7tIz/BpxbsSPjCXyusNkfZY0DjHTPE
-CvUlM8OSxXgvmKxKflukgXs+RrUn265cbZ4hGI2K/rEUxMRZtVvCxDxu6aIOwpb/
-tcfdIBUCgYEAxlfgNazYKlyQ74QXfgAVY0Al/V8M4HrVSMyz3hlM5kosCzqjyXQM
-SsV3WVD9oh5izSqSVZfJ+STaeKZcGyL+4oz1GmkxmDxTH7DXMaJXUsRucvKzgDfg
-XdNeOBbBFujbzN3g1nEZiDAINGLfEk59GPKuMp5DpVsPRLO7x4cGVUUCgYEA14Km
-fEvfTEgQvIzcm8d+RDGtLenAj1zBDLAEeS590TW6l/bO8u+Ljn1eDrBKcWWPRpZc
-AsywXUDAVRByKdB/+omPqzOf3wA38SD18ggAZdotP8vMTSuVr8XIdOce+ohoSpvM
-YbCxEzXSC8sfe0pdCRTMjAkNsirXcWFc9JWVXMUCgYEAuHhYjnNgZR3MqweGteir
-+7BY5Os3VbzIi7nffCy5yeGoTxVN6fqlyBEaLJbYHqT2LW1vxm2zKqZtDxNizNZi
-iyCggdzehIFuqiXWL1KWtuL8+qnh6tmNMpZ4pd/73Cvc6hBeofN01KYfq2FdqXAY
-h1CGVYu+zJcBf1tOxYc+i6UCgYEA1HIR5sPwm0ULYqPFsbdGDLmfy3v7/Bdmozg9
-IKypEPzTNYzy0187BrslZnt41zJTvDTq/UOEtFjpgLGWqQvFrVfADff1KKMRgp2I
-dhBXPBCIvLQNcSF/DOh/RGa2Dik8DhhpsP+6f4J1znRtU1+qORKM1ZrzKmi7OyTM
-urteozUCgYBM4hT++ppOP4Z6tF+fpw30JzkR3PSnB5vuxxlanYdz+Q4K5uj0V6T9
-UMUIuRijWhkOhFelQ142IxS1RaHI2FhmP3SosmmBP37BRx+rTybkCWgQ9MJNY0lb
-iZrOgXKv9aLPv72FdsExwarcQ4PLjU6hcMXpQQgXaCuirVA9qiwIqw==
+MIIEowIBAAKCAQEAuGZEQjyXj+NNtghHLI+LjdAEg7WY9KN5zrv7miHPLpJJDtWr
+CyK+IMRoMZG7c/570oWCiJa9CcqWYr5A2okqUJOkQRHW61KKXV2X9UnHKEA9LX3y
+JAbnyKtKKU3o1um1Hqmce3CwhI2sqfX7Awg1Wc7zQLksb3YUjOxy273bqhsnc7T+
+duuJfNAunNphzIOmy05bOwE3v0GlRgwBMwHOx6ccVKPMDSpcpSW07QQUgxeAIsst
+QuUdw/Xx+ry4sqC87KnJPFJyniZg3atfn7v4mqTJPqQR275ssTd0cWtoG/BPW8qk
+h+utoENiJGhnFV6dX0WFfX/Y/IcDYUjVWUG29QIDAQABAoIBAAJx/P7NduUOpDDn
+ozKEV/0lb24oOphbXle+JNHcBshhLyl/u1OXiyb30ajUfAiuAiw1khh/MeU3nGRA
+J3yLMm/rXuSjVpcRWN+Se8Iuz3paf7l0C3CjqgDLOghE2p4e94iybPbun1vRkN65
+tjGfCGC/s+/02gCp/DGlaZTGQziE5dQP9/YJm6ofPTT3b0fhIIOg0lLJc1efB+vF
+k7aVfiFG/1CiuzuibBqaAOPNPDxEUbi3SilHmK+/i5J0/UTEZ+VdtnTcMVWZz0aS
+JT7BYjDT96Btdf9J0T/gdNQOUawNiF5JeVSNOHM6lDXtwAfV2fy5IFqnI/ogfiuJ
+emm7QgECgYEAuWZksUHinM61Qh5ad5op2puAafx4uQ6YqCgyaLf+7GDE3qmAVOSV
+mrqIxssLzvX/xT164l1hMh+dhf1GbflkcP4FUYE7+uJ0A0GzUOLYAOSE7NWkxwOB
+iS4R1dlOGuiSciHUuYRGPZcD8SY2FEJVwWWn78kHYCUxfVKNRZ2sbSECgYEA/p5X
+NQz7immyBPETIF0esHifBaA9UnbGgH5Xbhf+vxoK1bITowAcVhPcPE9L6xahZTSC
+lQnqtyB3pmSDfahTMgm9f9lp8zzuRzA/rCAw574NCCAsc8j5kY4c7Z+XpbyYVvTD
+haK/YPqb550UNgAKSUSANA05zHCHUQa+1gifG1UCgYAGczF9mTUxD1/u9O9gydQ6
+7r4A8e+hQIi/EObwDbaospUmye7VBT7PKz4m7Fl00cocKo9j4KvI+qCYUL9qhAqi
+g7PbqgtUJxyyIE8EuV+aaFjXhHc/FTgkdZ3ZOr4k4YJ2xgaIjbmD2wUgFpw7CDPD
+jq3RAcVn6uNV4NFZYqrlAQKBgGD95lCCKov2aWbygouwjVFCEamt+c4hCsrF1f5N
+S7B2diwjUtGj6CduF1YuCsh57W9FCn1FstChoJKU9XX3mgGUrkg2hOKwkkAyA/9I
+n/iXcBVpVCWjKFanISPvyG/NIOb3BEgyz95ceOlI7/sGFuUEICYz55GWSCW4gRe9
+XwalAoGBALJ6T6elEVwNhPbcPdxOW387t8+pBIdoOPD9AFkUS5Xr22LxvQmnqC/v
+Hdc6rBZe0ocJv135E3400l+jH3T+lJvs8DmGaoLL0p7U8Bpf4F4455jzDZDAKohX
+1nNoQS6F9/hXEo6ax21lBZZUWNi2+kmrGcW7VMVz89hwad3Gb6zb
 -----END RSA PRIVATE KEY-----
\ No newline at end of file

salt-minion/pki/minion/minion.pub

 -----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvkG6jgnecMZisMwHe9V
-bKOrv/QBhPnwAuoKWonEy43iBmgS5Oi5TNWd8HYsAI+x4P+iVDkt+Hd9czndzK+G
-GDdChOkHz0ZWxtllSZ2nUsJN035lE+R44A9AmvZpyuNbouvzd9ng2QoYwIlHVxod
-35cYZoN4hxXiYUcBuWrowGg947JDPdBhxyVqmVpPjyqeaibhrs4Yz4wXGPFjXljV
-NczPE+giowEXiWtEkc7v6UK7wpkIX8mzLVgQBKlQbCLGokJr8tFwumZAPK36tthQ
-r4h9r5yyPOA4so70gVrLbY8xm/Hmg1/maEVWFOlhy1zbgVp3dOUfuwefVo0l+K1q
-GQIDAQAB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGZEQjyXj+NNtghHLI+L
+jdAEg7WY9KN5zrv7miHPLpJJDtWrCyK+IMRoMZG7c/570oWCiJa9CcqWYr5A2okq
+UJOkQRHW61KKXV2X9UnHKEA9LX3yJAbnyKtKKU3o1um1Hqmce3CwhI2sqfX7Awg1
+Wc7zQLksb3YUjOxy273bqhsnc7T+duuJfNAunNphzIOmy05bOwE3v0GlRgwBMwHO
+x6ccVKPMDSpcpSW07QQUgxeAIsstQuUdw/Xx+ry4sqC87KnJPFJyniZg3atfn7v4
+mqTJPqQR275ssTd0cWtoG/BPW8qkh+utoENiJGhnFV6dX0WFfX/Y/IcDYUjVWUG2
+9QIDAQAB
 -----END PUBLIC KEY-----
\ No newline at end of file

salt-minion/pki/minion/minion_master.pub

 -----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodb1vyaWUNDRTKQC1Cbj
-cPILzuODOmsVYZ4e9+V+gTVbLzbz+GMhgbiu97QAflBIR9GyaMgExhTucJfP8uCD
-BGYvKVO0sy3JfTbPD/cBy+1fTl64iEP11cZVh2xrLzHWyt4mhV1zWYTo4cTgWoLh
-xqn2S6MyzGxWYayPJkw/7GZ51fAJ35i18wKXhVwQ7pELGtAydUn4eoUuDh5gTx2m
-DjQHOSMeP2UwEGV934wXLctZP0rIc6qNGpgeEKYDsehOcw5d95e0f1JjQkr/c6uV
-K+s7DiD1ruPwjCX4nfUQ2hNCaKMvTIU/Kd0fhYpq1Gr9jh3bEPUQQoy9pi0Uj5oy
-mQIDAQAB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Lt9TqbvRU6qwXYjTc53
+iDV0Xn7xB+yqpsvGxvdqitf3OjExPmBVGgxv93wzQUeLjgnT30/GPQ+yb9JH84oY
+oPNfQWXc9/AED71keXP/UEtHOjsosemphoj8hsuBkk7pveaOM8bh3iE2qvXEypey
+7afI8MSOubm1d0Grq220bjMyuPwLyViV2DUMDCcXMMIwrOm9WHhiYtW+WiBfBGNC
+LiKR08eFaZj8G3VeDobPiyDOF87AL02bBeIYLJaHa8/Lp6VdDBpSk3PDgPYppyHb
+qGQNxykZA/D7fgWCQZdEJNTlvkwzbYCbHGXt8T/IsUijRKzNfpZnvrFiam4JB8aQ
+0wIDAQAB
 -----END PUBLIC KEY-----
\ No newline at end of file

salt-minion/privkey.pem

+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgaqeCaQenvbyY4yvK
+J8b1ye9IY2/MtlY/A3PkHp7ijluhRANCAAQHt0AgI1rDls68iMo2AwIP1hAtR+y/
+eOCdIhx05+HdgseMi5fzf9mL9eolf7UxASm3tRsyYhY2/vmRVUJpmEhD
+-----END PRIVATE KEY-----