添加用户
useradd -M -s /sbin/nologin saltapi
passwd saltapi
新增配置文件
# cat /etc/salt/master.d/eauth.conf
external_auth:
pam:
saltapi: # 用户
- .* # 该配置文件给予saltapi用户所有模块使用权限,出于安全考虑一般只给予特定模块使用权限
- '@runner'
- '@runner'
# cat /etc/salt/master.d/api.conf
rest_cherrypy:
host: 55.3.107.74
port: 8002
disable_ssl: True
collect_stats: True
socket_queue_size: 500
thread_poll: 300
log_error_file: /var/log/salt/api_err.log
log_access_file: /var/log/salt/api_acc.log
stats_disable_auth: True
重启服务
systemctl restart salt-api
systemctl restart salt-master
获取token
curl -sk http://55.3.107.74:8002/login -H 'Accept: application/x-yaml' -d username='xxx' -d password='xxxx' -d eauth='pam'
测试test.ping
curl -sk http://55.3.107.74:8002 -H 'Accept: application/json' -H 'X-Auth-Token: 70cfdbe04a9ddfd722f125f81fb8826114d48d23' -d client='local' -d tgt='pcloud-test-redis2024-1-0' -d fun='test.ping'|jq