From 973b29c03a4e6b7493f6b52cdfef05841fe88fd6 Mon Sep 17 00:00:00 2001
From: Christian Boltz <opensuse@cboltz.de>
Date: Mar 12 2019 19:25:58 +0000
Subject: add roles to narwal[5-7] and fill known_hosts file


narwal5 will become the "static master" (doing git pull and keeping all
narwals up to date), and also is one of the static.o.o webservers.

narwal6 and narwal7 will "only" be webservers.

Also add the SSH host pubkeys to known_hosts of static_master.

---

diff --git a/pillar/id/narwal5_infra_opensuse_org.sls b/pillar/id/narwal5_infra_opensuse_org.sls
index 90bfe39..f3f4d33 100644
--- a/pillar/id/narwal5_infra_opensuse_org.sls
+++ b/pillar/id/narwal5_infra_opensuse_org.sls
@@ -2,6 +2,10 @@ grains:
   city: nuremberg
   country: de
   hostusage:
-    - future static.o.o replacement
+    - static.o.o
+    - static.o.o master
+  roles:
+    - static_master
+    - web_static
   salt_cluster: opensuse
   virt_cluster: atreju
diff --git a/pillar/id/narwal6_infra_opensuse_org.sls b/pillar/id/narwal6_infra_opensuse_org.sls
index 90bfe39..c71e073 100644
--- a/pillar/id/narwal6_infra_opensuse_org.sls
+++ b/pillar/id/narwal6_infra_opensuse_org.sls
@@ -2,6 +2,8 @@ grains:
   city: nuremberg
   country: de
   hostusage:
-    - future static.o.o replacement
+    - static.o.o
+  roles:
+    - web_static
   salt_cluster: opensuse
   virt_cluster: atreju
diff --git a/pillar/id/narwal7_infra_opensuse_org.sls b/pillar/id/narwal7_infra_opensuse_org.sls
index 90bfe39..c71e073 100644
--- a/pillar/id/narwal7_infra_opensuse_org.sls
+++ b/pillar/id/narwal7_infra_opensuse_org.sls
@@ -2,6 +2,8 @@ grains:
   city: nuremberg
   country: de
   hostusage:
-    - future static.o.o replacement
+    - static.o.o
+  roles:
+    - web_static
   salt_cluster: opensuse
   virt_cluster: atreju
diff --git a/pillar/role/static_master.sls b/pillar/role/static_master.sls
index 6c2dfdb..e7e160f 100644
--- a/pillar/role/static_master.sls
+++ b/pillar/role/static_master.sls
@@ -37,6 +37,8 @@ profile:
       - narwal6.infra.opensuse.org
     # ssh_known_hosts: use   ssh-keyscan 192.168.122.x,narwalX.infra.opensuse.org | grep nist
     ssh_known_hosts: |
-        KNOWN_HOSTS_HERE - fill when narwal5 and narwal6 are available
+        192.168.47.68,narwal5.infra.opensuse.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCbQYnUEulrX3eOcDJB23gIlSUojFL1+s1ugd1t98EDgoc+fWGvT0qX5iMS3rDA6SRwsu20/lQMhLmsS8G0Gi3w=
+        192.168.47.69,narwal6.infra.opensuse.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOQE0iipddghKK64jQhTNzN+oUJrBDroWlA2QGZXGFm1qZtWyBdmtzU58bLJyceMW5urKBMLCPWCHZ1oyxtNtOA=
+        192.168.47.70,narwal7.infra.opensuse.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF210DU6QxFc4eelUjwJR8AnmdF/PjFmnRFU/A69LbGDqABql4sHWhl2n0pMJifrjBBCEyKeNt64apyIaTlDZ7M=
     # ssh_private_key included from pillar/secrets/role/static_master.sls
     # ssh_pubkey (for authorized_keys) is in pillar/role/web_static.sls