
5 Commits

8024449e2b salt/minion: only restart salt-minion on config/pkg change
Signed-off-by: Joe Groocock <me@frebib.net>
2020-07-19 15:21:09 +01:00
37e659cfc3 users: add Docker group to admin users
Signed-off-by: Joe Groocock <me@frebib.net>
2020-07-19 15:13:34 +01:00
05d7cef80c users: manage ssh authorised keys
Signed-off-by: Joe Groocock <me@frebib.net>
2020-07-19 15:10:01 +01:00
6d843a0b65 users/frebib: add frebib-Cf SSH public key
Signed-off-by: Joe Groocock <me@frebib.net>
2020-07-19 15:00:06 +01:00
2b9420afa9 Manage salt-minion package, service and config
Restart the service after upgrading the package or modifying the minion
configuration file.

Signed-off-by: Joe Groocock <me@frebib.net>
2020-07-12 17:09:28 +01:00
4 changed files with 20 additions and 9 deletions


@ -10,11 +10,11 @@ salt-minion:
- file: /etc/salt/minion
restart-salt-minion:
service.restart:
- name: salt-minion
cmd.run:
- name: sleep 10 && systemctl restart salt-minion
- bg: true
- order: last
- no_block: true
- watch:
- onchanges:
- pkg: salt-minion
- file: /etc/salt/minion
- require:
@ -22,17 +22,19 @@ restart-salt-minion:
/etc/salt/minion:
file.managed:
- source: salt://{{ slspath }}/minion.jinja
- source: salt://{{ slspath }}/templates/minion.jinja
- template: jinja
- user: root
- group: root
- mode: 644
- context:
- masters: {{ masters|json }}
masters: {{ masters|json }}
- require:
- pkg: salt-minion
check-minion-config:
cmd.run:
- name: sudo salt-call --local --skip-grains test.ping
- watch:
- name: sudo salt-call --local --skip-grains test.true
- onchanges:
- pkg: salt-minion
- file: /etc/salt/minion
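Review bot: Nothing visible in `restart-salt-minion` ties the delayed `systemctl restart salt-minion` to `check-minion-config` having passed. Its `- require:` list is cut off at the end of the first hunk, so this may already be covered. If it is not, a template that renders an unloadable `/etc/salt/minion` is still followed by a restart ten seconds later, and a minion that fails to come back can no longer be repaired from the master. Adding `- cmd: check-minion-config` to that require list would gate the restart on the new config loading. Separately, `- mode: 644` is safer written as `- mode: '0644'` so the YAML loader cannot retype it.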


@ -1,4 +1,4 @@
id: {{ minion_id }}
id: {{ grains.id|lower }}
log_level: info
ipv6: true
ssl: true
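Review bot: `id: {{ grains.id|lower }}` is rendered unquoted, so an id that happens to look like a number or a boolean would be loaded as that type rather than as a string. Rendering it as `id: {{ grains.id|lower|json }}` matches how `masters` is emitted in the state file and keeps it a string. Lower-casing also changes the id on any host whose current id contains upper-case letters, and the master tracks minion keys by id. Such hosts would presumably reappear as new, unaccepted keys with the old key left behind, so it is worth confirming none exist before rollout.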


@ -16,4 +16,9 @@
{%- if user.shell is defined %}
- shell: {{ user.shell }}
{%- endif %}
ssh_auth.manage:
- user: {{ name }}
{%- if user['ssh-keys'] is defined %}
- ssh_keys: {{ user['ssh-keys']|json }}
{%- endif %}
{%- endfor %}
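Review bot: For a user with no `ssh-keys` entry, `ssh_auth.manage` is still rendered but without `ssh_keys`. Depending on the state's signature, which is not visible here, that run either fails on the missing argument or leaves the existing `authorized_keys` unmanaged. As I understand `manage`, its purpose is to make the listed keys the only ones present, so a missing entry should probably mean "no keys". Dropping the conditional and rendering `- ssh_keys: {{ user.get('ssh-keys', [])|json }}` would do that and remove stale keys. If an empty default is too aggressive for accounts whose keys are managed elsewhere, wrap the whole `ssh_auth.manage` block in the `if` instead. The enclosing `for` loop starts outside the hunk.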


@ -4,6 +4,9 @@
{%- do admin_groups.append('systemd-journal') %}
{%- endif %}
{# FIXME(frebib): manage Docker group instead of blindly adding it #}
{%- do admin_groups.append('docker') %}
frebib:
groups:
{%- for group in admin_groups %}
@ -12,6 +15,7 @@ frebib:
ssh-keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINk+sOUEXKsGqITyMhna9v77ADGagkr3YMpgZFkrvqcd frebib@frebib-PC
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIGxhZPQM/3Ck+DNNM0CoIZTsvKqQLKq8fqQoO6fXzX frebib@frebib-OnePlus3
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+T8ChEU9YmpE2BY77oEtKzedB8HWDSM5bErDN9gcvj frebib@frebib-Cf
adam:
groups:
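Review bot: `admin_groups.append('docker')` gives every admin account membership of a group that is effectively root on the host, because members can drive the root-owned Docker daemon, and the comment above it does not record that. The append is also unconditional, unlike the `systemd-journal` append just before it, which sits inside an `if` whose condition is outside this hunk. On a host without Docker the group may not exist, which the FIXME hints at. I would extend the comment, e.g. `{# NOTE: docker group membership is root-equivalent; append only where Docker is installed and intended #}`, and put the append behind a similar guard until the group itself is managed.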