Tree - heroes/salt - Pagure for openSUSE

heroes / salt

Source
Stats

Blame pillar/role/saltmaster.sls

Blob History Raw

	90d918	`{%- set fqdn = grains['fqdn'] -%}`
	90d918	`{%- set address = grains['fqdn_ip6'][0] -%}`
	90d918
	efbbb0	`{%- set ssldir = '/etc/ssl/services/' ~ fqdn ~ '/' -%}`
	efbbb0	`{%- set crt = ssldir ~ 'fullchain.pem' -%}`
	efbbb0	`{%- set key = ssldir ~ 'privkey.pem' -%}`
	90d918
Theo Chatzimichos	d12b82	`include:`
	0bedc0	`- infra.nodegroups`
	0bedc0	`{% if salt['grains.get']('include_secrets', True) %}`
Theo Chatzimichos	d12b82	`- secrets.role.saltmaster`
Theo Chatzimichos	754b1a	`{% endif %}`
Theo Chatzimichos	d12b82
Theo Chatzimichos	16b8a6	`salt:`
	445ba4	`master_remove_config: True`
Christian Boltz	e1c333	`master:`
	08b6ef	`auth.ldap.accountattributename: spn`
	08b6ef	`auth.ldap.basedn: o=heroes`
	08b6ef	`auth.ldap.binddn: uid=salt,o=heroes`
	08b6ef	`auth.ldap.filter:`
	08b6ef	`{%- raw %}`
	08b6ef	`'(&(spn={{ username }})(objectClass=person)(memberOf=spn=idm_all_persons@infra.opensuse.org,o=heroes))'`
	08b6ef	`{%- endraw %}`
	08b6ef	`auth.ldap.groupattribute: memberof`
	08b6ef	`auth.ldap.groupclass: account`
	08b6ef	`auth.ldap.groupou: null`
	08b6ef	`auth.ldap.port: 636`
	08b6ef	`auth.ldap.scope: 1`
	08b6ef	`auth.ldap.server: ldap.infra.opensuse.org`
	08b6ef	`auth.ldap.tls: True`
	548af6	`cache: redis`
	548af6	`cache.redis.unix_socket_path: /run/redis/salt.sock`
Christian Boltz	e1c333	`cli_summary: True`
Christian Boltz	e1c333	`default_top: production`
Christian Boltz	e1c333	`ext_pillar_first: True`
	08b6ef	`external_auth:`
	08b6ef	`ldap:`
	2e05ba	`salt-deploy@infra.opensuse.org:`
	2e05ba	`- mine.update`
	2e05ba	`- saltutil.refresh_pillar`
	2e05ba	`- state.highstate`
	2e05ba	`- state.sls`
	2e05ba	`- test.ping`
	08b6ef	`wheel@infra.opensuse.org%:`
	08b6ef	`- .*`
	08b6ef	`- '@jobs'`
	08b6ef	`- '@runner'`
	08b6ef	`- '@wheel'`
Christian Boltz	e1c333	`fileserver_backend:`
Christian Boltz	e1c333	`- git`
	3fd44f	`- roots`
	3fd44f	`file_roots:`
	8e8460	`# consider changing back to __env__ after a solution for https://github.com/saltstack/salt/issues/62967`
	8e8460	`production:`
	3c439d	`- /srv/salt`
	3fd44f	`- /usr/share/salt-formulas/states`
	6e8cbb	`- /srv/formulas`
	f7d5f3	`gather_job_timeout: 10`
	eab9bd	`ipc_write_buffer: dynamic`
	f7d5f3	`timeout: 15`
Christian Boltz	e1c333	`gitfs_ssl_verify: True`
Christian Boltz	e1c333	`hash_type: sha512`
	51cf18	`{%- if grains.get('country') == 'cz' %}`
	51cf18	`{#- _needs_ to align with the "ipv6" setting in pillar.common! #}`
	91952c	`interface: '::'`
	51cf18	`{%- endif %}`
	f7d5f3	`key_cache: sched`
	d9d5bc	`netapi_enable_clients:`
	d9d5bc	`- local`
	f7d5f3	`ping_on_rotate: True`
	f7d5f3	`pillar_cache: True`
	2fc95c	`pillar_cache_backend: memory`
	f7d5f3	`pillar_cache_ttl: 1800`
Christian Boltz	e1c333	`pillar_gitfs_ssl_verify: True`
Christian Boltz	e1c333	`pillar_merge_lists: True`
	3c439d	`pillar_roots:`
	3c439d	`__env__:`
	3c439d	`- /srv/pillar`
Christian Boltz	e1c333	`pillar_source_merging_strategy: smart`
	90d918	`rest_cherrypy:`
	90d918	`host: {{ address }}`
	90d918	`port: 4550`
	90d918	`ssl_crt: {{ crt }}`
	90d918	`ssl_key: {{ key }}`
	cd5c73	`show_jid: True`
	eab9bd	`sock_pool_size: 30`
	d69167	`state_aggregate: True`
	26c1c7	`state_compress_ids: True`
Christian Boltz	e1c333	`state_output: changes`
Christian Boltz	e1c333	`state_verbose: False`
Christian Boltz	e1c333	`top_file_merging_strategy: same`
Christian Boltz	e1c333	`user: salt`
	f7d5f3	`worker_threads: {{ grains['num_cpus'] }}`
	eab9bd	`zmq_backlog: 10000`
	eab9bd	`pub_hwm: 10000`
Christian Boltz	af69ac
	564158	`infrastructure:`
	564158	`salt:`
	564158	`formulas:`
	c215e0	`{%- for formula in [`
	b90027	`'backupscript',`
	c215e0	`'bootloader',`
	c215e0	`'grains',`
	f1990c	`'infrastructure',`
	c215e0	`'juniper_junos',`
	c215e0	`'libvirt',`
	f1990c	`'lock',`
	c215e0	`'lunmap',`
	1423d2	`'mtail',`
	c215e0	`'multipath',`
	c215e0	`'network',`
	c215e0	`'os_update',`
	c215e0	`'rebootmgr',`
	c215e0	`'redis',`
	f1990c	`'redmine',`
	c215e0	`'rsync',`
	c215e0	`'suse_ha',`
	0009a6	`'sysconfig',`
	c215e0	`'zypper',`
	c215e0	`]`
	c215e0	`%}`
	564158	`- {{ formula }}-formula`
	564158	`{%- endfor %}`
	d03f9e	`git:`
	d03f9e	`formulas:`
	d03f9e	`repository: https://gitlab.infra.opensuse.org/infra/salt-formulas-git.git`
	3fd44f
	e2a2b0	`profile:`
	e2a2b0	`salt:`
	d3cca0	`saline:`
	d3cca0	`restapi:`
	90d918	`host: {{ address }}`
	90d918	`ssl_crt: {{ crt }}`
	90d918	`ssl_key: {{ key }}`
	d3cca0	`log_access_file: /var/log/salt/saline-api-access.log`
	d3cca0	`log_error_file: /var/log/salt/saline-api-error.log`
	706790
	745011	`redis:`
	745011	`salt:`
	745011	`acllog-max-len: 64`
	745011	`databases: 1`
	745011	`port: 0`
	745011	`tcp-backlog: 511`
	745011	`timeout: 0`
	745011
	706790	`rsync:`
	706790	`modules:`
	706790	`salt-push:`
	706790	`path: /srv/salt-git/`
	706790	`comment: /srv/salt-git/`
	706790	`list: 'false'`
	706790	`uid: root`
	706790	`gid: salt`
	bf212c	`auth users: saltpush`
	bf212c	`read only: false`
	bf212c	`hosts allow:`
	4ffa56	`{%- if grains.get('country') == 'cz' %}`
	786b6b	`- 2a07:de40:b27e:1203::126 # gitlab-runner1`
	786b6b	`- 2a07:de40:b27e:1203::127 # gitlab-runner2`
	4ffa56	`{%- else %}`
	4ffa56	`- 172.16.164.126`
	4ffa56	`- 172.16.164.127`
	4ffa56	`{%- endif %}`
	745011
	70c6ac	`groups:`
	745011	`redis:`
	169fd0	`system: true`
	745011	`members:`
	745011	`- salt`
	745011
	745011	`zypper:`
	745011	`packages:`
	08b6ef	`python3-ldap: {}`
	745011	`python3-redis: {}`
	d3cca0	`saline: {}`

heroes / salt

Source Code

Blame pillar/role/saltmaster.sls