What is a good way to produce a random "site salt" to be used in creating password retrieval tokens?

To start with, your not talking about a salt. You're talking about a Cryptographic Nonce, and when you salt a password you should use a Cryptographic Nonce. In the case of resetting passwords, it should be a random number that is stored in the database. It is not advantageous to have have a "site salt".

First and foremost I don't like uniqid() because it's a time heavy calculation and time is a very weak seed. rand() vs mt_rand(), spoiler: rand() is total crap.

In a web application a good source for secure secrets is non-blocking access to an entropy pool such as /dev/urandom. As of PHP 5.3, PHP applications can use openssl_random_pseudo_bytes(), and the Openssl library will choose the best entropy source based on your operating system, under Linux this means the application will use /dev/urandom. This code snip from Scott is pretty good:

function crypto_rand_secure($min, $max) {        $range = $max - $min;        if ($range < 0) return $min; // not so random...        $log = log($range, 2);        $bytes = (int) ($log / 8) + 1; // length in bytes        $bits = (int) $log + 1; // length in bits        $filter = (int) (1 << $bits) - 1; // set all lower bits to 1        do {            $rnd = hexdec(bin2hex(openssl_random_pseudo_bytes($bytes)));            $rnd = $rnd & $filter; // discard irrelevant bits        } while ($rnd >= $range);        return $min + $rnd;}function getToken($length=32){    $token = "";    $codeAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";    $codeAlphabet.= "abcdefghijklmnopqrstuvwxyz";    $codeAlphabet.= "0123456789";    for($i=0;$i<$length;$i++){        $token .= $codeAlphabet[crypto_rand_secure(0,strlen($codeAlphabet))];    }    return $token;}