* Update file.sls
add replace
* Update file.sls
update replace
* Update job.sls
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
https://docs.saltstack.com/en/master/ref/states/all/salt.states.cron.html
* Update README.rst
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
* Update README.rst
* fix(deprecation): update to new method (#214)
Signed-off-by: Felipe Zipitria <fzipitria@perceptyx.com>
* Allow swap to be completely disabled
* sort repos so they do not change order every run
* allow use of new state syntax for module.run
The new syntax has been supported since ~2017.
From the docs, in case they change:
! New Style
test.random_hash:
module.run:
- test.random_hash:
- size: 42
- hash_type: sha256
! Legacy Style
test.random_hash:
module.run:
- size: 42
- hash_type: sha256
* Update map.jinja
Add support fpr Ubuntu Focal.
* Update file.sls
added possibility to delete files
* Network resolf.conf handling
the handling as the Resolv.conf is generated and adapted, adapted.
previously the Resolv.conf was created and then through
Overwrite "network.system" in the interface.sls again.
With two search servers that should actually be included.
"search example.com. sudomain.example.com"
but it always became that
search ['example.com.', 'sudomain.example.com']
The resolv.conf was first created correctly but then overwritten again in the interface.sls.
The problem only arises if you don't want to have a "Domain:" in resov.conf
* rewrite LVM lv_present
Since salt now also supports LV extend and reduce, the option Force must be used with care.
The changes include that force is only set if the corresponding LV does not yet exist (check via Grains) in order to overwrite any FS signatures (Wiping fs signature).
If the LV already exists (check via Grains), Force is set to False unless this is explicitly set to True in the pillars.
* Network resolf.conf handling (#220) (#8)
* Update file.sls
add replace
* Update file.sls
update replace
* Update job.sls
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
https://docs.saltstack.com/en/master/ref/states/all/salt.states.cron.html
* Update README.rst
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
* Update README.rst
* fix(deprecation): update to new method (#214)
Signed-off-by: Felipe Zipitria <fzipitria@perceptyx.com>
* Allow swap to be completely disabled
* sort repos so they do not change order every run
* allow use of new state syntax for module.run
The new syntax has been supported since ~2017.
From the docs, in case they change:
! New Style
test.random_hash:
module.run:
- test.random_hash:
- size: 42
- hash_type: sha256
! Legacy Style
test.random_hash:
module.run:
- size: 42
- hash_type: sha256
* Update map.jinja
Add support fpr Ubuntu Focal.
* Update file.sls
added possibility to delete files
* Network resolf.conf handling
the handling as the Resolv.conf is generated and adapted, adapted.
previously the Resolv.conf was created and then through
Overwrite "network.system" in the interface.sls again.
With two search servers that should actually be included.
"search example.com. sudomain.example.com"
but it always became that
search ['example.com.', 'sudomain.example.com']
The resolv.conf was first created correctly but then overwritten again in the interface.sls.
The problem only arises if you don't want to have a "Domain:" in resov.conf
Co-authored-by: Felipe Zipitría <fzipi@fing.edu.uy>
Co-authored-by: Kyle Gullion <kgullion@gmail.com>
Co-authored-by: Matthew Thode <thode@fsi.io>
Co-authored-by: Matthew Thode <mthode@mthode.org>
Co-authored-by: Felipe Zipitría <fzipi@fing.edu.uy>
Co-authored-by: Kyle Gullion <kgullion@gmail.com>
Co-authored-by: Matthew Thode <thode@fsi.io>
Co-authored-by: Matthew Thode <mthode@mthode.org>
* Network resolf.conf handling (#220) (#9)
* Update file.sls
add replace
* Update file.sls
update replace
* Update job.sls
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
https://docs.saltstack.com/en/master/ref/states/all/salt.states.cron.html
* Update README.rst
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
* Update README.rst
* fix(deprecation): update to new method (#214)
Signed-off-by: Felipe Zipitria <fzipitria@perceptyx.com>
* Allow swap to be completely disabled
* sort repos so they do not change order every run
* allow use of new state syntax for module.run
The new syntax has been supported since ~2017.
From the docs, in case they change:
! New Style
test.random_hash:
module.run:
- test.random_hash:
- size: 42
- hash_type: sha256
! Legacy Style
test.random_hash:
module.run:
- size: 42
- hash_type: sha256
* Update map.jinja
Add support fpr Ubuntu Focal.
* Update file.sls
added possibility to delete files
* Network resolf.conf handling
the handling as the Resolv.conf is generated and adapted, adapted.
previously the Resolv.conf was created and then through
Overwrite "network.system" in the interface.sls again.
With two search servers that should actually be included.
"search example.com. sudomain.example.com"
but it always became that
search ['example.com.', 'sudomain.example.com']
The resolv.conf was first created correctly but then overwritten again in the interface.sls.
The problem only arises if you don't want to have a "Domain:" in resov.conf
Co-authored-by: Felipe Zipitría <fzipi@fing.edu.uy>
Co-authored-by: Kyle Gullion <kgullion@gmail.com>
Co-authored-by: Matthew Thode <thode@fsi.io>
Co-authored-by: Matthew Thode <mthode@mthode.org>
Co-authored-by: Felipe Zipitría <fzipi@fing.edu.uy>
Co-authored-by: Kyle Gullion <kgullion@gmail.com>
Co-authored-by: Matthew Thode <thode@fsi.io>
Co-authored-by: Matthew Thode <mthode@mthode.org>
* Update mount.sls
added the possibility to set the dump and pass option
dump
The dump value to be passed into the fstab, Default is 0
pass_num
The pass value to be passed into the fstab, Default is 0
* Update mount.sls
correction, wrong line.
added the possibility to set the dump and pass option
dump
The dump value to be passed into the fstab, Default is 0
pass_num
The pass value to be passed into the fstab, Default is 0
* Add Bind Mount Option
Add Bind Mount Option
* Add support for template defaults/context args
* Add IPv6 Interface Support
Add IPv6 Interface Support
First Version
* Fix warning in salt v3003
The 'gid_from_name' argument in the user.present state has been replaced
with 'usergroup'. Update your SLS file to get rid of this warning.
* Update map.jinja
add Jammy Support
---------
Signed-off-by: Felipe Zipitria <fzipitria@perceptyx.com>
Co-authored-by: Felipe Zipitría <fzipi@fing.edu.uy>
Co-authored-by: Kyle Gullion <kgullion@gmail.com>
Co-authored-by: Matthew Thode <thode@fsi.io>
Co-authored-by: Matthew Thode <mthode@mthode.org>
Co-authored-by: Bruno Binet <bruno.binet@gmail.com>
* Update file.sls
add replace
* Update file.sls
update replace
* Update job.sls
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
https://docs.saltstack.com/en/master/ref/states/all/salt.states.cron.html
* Update README.rst
Added the opportunity to set a job with a special keyword like '@reboot' or '@hourly'. Quotes must be used, otherwise PyYAML will strip the '@' sign.
* Update README.rst
* Added journal settings
* Fixed error:
----------
ID: package_duo
Function: pkg.installed
Name: duo-unix
Result: False
Comment: Problem encountered installing package(s). Additional info follows:
errors:
- E: There were unauthenticated packages and -y was used without --allow-unauthenticated
* Removed 2016 system checks as it doesn't support path_join and added 2019 version checks
Issue description:
PXE interfaces, which are used by salt should not be restarted
during salt calls, otherwise communication between salt master and
salt minion would be interrupted.
Therefore it is possible to specify "noifupdown: True" in pillars
for this interface or group of interfaces, which are used for PXE
network.
This pillar structure will remain until one removes it manualy.
It is not possible to remove it during deploy and enforce network
state without touching the model.
It is possible to override pillars from CLI like:
# salt ctl01* state.apply linux.network.interface \
pillar='{"linux":{"network":{"interface":{"ens3":{"noifupdown":True}}}}}'
However it is not easy/possible to predict all interfaces for PXE
network.
Solution:
Provide global noifupdown pillar value check.
If it exists, noifupdown will take effect and not otherwise.
So our deployment would have next steps:
- Execute: linux.network.interface pillar='{"linux":{"network":{"noifupdown":True}}}'
- Reboot node to enable kernel params like hugepages etc.
- Execute: linux.network.interface with no params to ensure PXE.
Pipelines may pass this parameter to control noifupdown behavior.
Change-Id: I8863f972c7805e4bf4f9e104d6c0ddf055c39cb1
The following parameters defined in /etc/login.defs can
be overridden per-user:
* PASS_MAX_DAYS
* PASS_MIN_DAYS
* PASS_WARN_DAYS
* INACTIVE
Related-Prod: PROD-18386
Change-Id: I5b182128f9dd8a043b48fb86e61febb2fd5c7e0a
* Ubuntu pinning params allow to be used
multiply times. In same time, old `list`
format now allowing to be predictable
iterated inside jinja
Related-Bug: PROD-21604 (PROD:21604)
Change-Id: If1c0f0f834a296b9a19d0af5fc7673c9229a7ac5
- Add possibility to remove prereq. packages installation BEFORE
* Crucial logic violation - if we don't have any repo\
have them configured in wrong way - stage will always fail.
* install prereq. packages after all - sounds stupid, but correct.
* By default - it will still try to install prereq. We don't want to
broke OLD logic.See readme, how-to overide such behaviour.
- don't update cache per-repo - it's simply useless and may fail due p1.
Run update only once - after all repos configured\reconfigured
- Add new option at system:refresh_repos_meta - for case, when update
should not be run in any case. By default - true.
- remove 99proxies-salt-{{ name }} along with disabled repo
- fix duplicate 'clean_file' option
Closes-Bug: PROD-15992 (PROD:15992)
Change-Id: I4b312f82f65be80e7726f62482978f68c25746a3
This is also covers the following CIS items
* CIS 1.7.1.5 Ensure permissions on /etc/issue are configured (Scored)
Change-Id: If8c237ff4db7e9ab7ee244278d28f632e73ecb56
Related-Prod: PROD-19166
This patch unifies /etc/motd managing approach for both RedHat and
Ubuntu systems. Providing a string value via linux:system:motd
pillar will configure static /etc/motd and remove dynamic scripts
from /etc/update-motd.d (if present).
update-motd can safely be removed because Ubuntu supports dynamic
motd by pam_motd means since 2009.
Related-Prod: PROD-17287
Change-Id: Ic9b7e18abb12cfe8704717b14dc1237e40715319
The 'system.kernel.elevator' and 'system.kernel.isolcpu' options
have been kept for backward compatibility and should be used in new
fashion way with system.kernel.boot_options parameter.
Change-Id: I51f7167b8b8946500df2065ee6b02bcf21809bc9
This patch implements pam ldap integration for linux host.
Related Prod: PROD-16022
Customer-Found
Change-Id: I2a05cfb4821d176724f03c61253700ef1f4d0bd8
* This merge request gives the ability to add shared libaries without set LD_LIBRARY_PATH variable.
1. Generate file in /etc/ld.so.conf.d/
2. update /etc/ld.so.cache with ldconfig command
example pillars:
linux:
system:
enabled: True
ld:
libraries:
java:
- /usr/lib/jvm/jre-openjdk/lib/amd64/server
- /opt/java/jre/lib/amd64/server
* fix format in README.rst for Shared Libraries
* Fix for #137 - change pillar libraries key to library
If ovs port is virtual, we use OVSIntPort to create it.
Otherwise it should be OVSPort.
I've added new key: ovs_port_type to not intersect with current
deployments and not hurt anyone.
I've updated doc to have an example of ovs peering patch.
Customer-Found
Change-Id: Ieddb5fcc02d410c3cc14c89737992690cb5f3975
preussal
stratusjerry
Timothy Mullican
marek-knappe
Nick Metz
Tomas Pipota
Gleb Galkin
Dzmitry Stremkouski
Gabor Orosz
Dmitry Teselkin
azvyagintsev
Martin Polreich
OlgaGusarenko
Ondrej Smola
Oleksii Chupryn
Bruno Binet
Michael Polenchuk
Richard Felkl
Jiri Broulik
Nick Metz
Piotr Kruk
Filip Pytloun
Serhiy Ovsianikov
Ales Komarek
Jakub Pavlik