ca-easy-rsa-build:
  pkg.installed:
    - name: easy-rsa

#temporary - easy-rsa package is broken and uses wrong working direcotry
easy-rsa-vars-build:
  file.managed:
    - name: "/etc/easy-rsa/vars"
    - source: salt://roles/maintain/ca/vars

#--vars=./vars is temporary until package is fixed
gen-ca-key:
  cmd.run:
    - name: "easyrsa --vars=./vars init-pki;easyrsa --batch --vars=./vars build-ca nopass batch"
    - cwd: "/etc/easy-rsa"