Saltstack Official Linux Formula

255 lines
6.7KB

  1. {%- from "linux/map.jinja" import network with context %}
  2. {%- from "linux/map.jinja" import system with context %}
  3. {%- if network.enabled %}
  4. {%- macro set_param(param_name, param_dict) -%}
  5. {%- if param_dict.get(param_name, False) -%}
  6. - {{ param_name }}: {{ param_dict[param_name] }}
  7. {%- endif -%}
  8. {%- endmacro -%}
  9. {%- if network.bridge != 'none' %}
  10. linux_network_bridge_pkgs:
  11. pkg.installed:
  12. {%- if network.bridge == 'openvswitch' %}
  13. - names: {{ network.ovs_pkgs }}
  14. {%- else %}
  15. - names: {{ network.bridge_pkgs }}
  16. {%- endif %}
  17. {%- endif %}
  18. {%- for interface_name, interface in network.interface.iteritems() %}
  19. {%- set interface_name = interface.get('name', interface_name) %}
  20. {%- if interface.get('managed', True) %}
  21. {%- if grains.os_family in ['RedHat', 'Debian'] %}
  22. {%- if interface.type == 'ovs_bridge' %}
  23. ovs_bridge_{{ interface_name }}:
  24. openvswitch_bridge.present:
  25. - name: {{ interface_name }}
  26. {%- elif interface.type == 'ovs_port' %}
  27. {#
  28. ovs_port_{{ interface_name }}:
  29. openvswitch_port.present:
  30. - name: {{ interface_name }}
  31. - bridge: {{ interface.bridge }}
  32. - require:
  33. - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}
  34. #}
  35. linux_interfaces_include:
  36. file.prepend:
  37. - name: /etc/network/interfaces
  38. - text: 'source /etc/network/interfaces.d/*'
  39. ovs_port_{{ interface_name }}:
  40. file.managed:
  41. - name: /etc/network/interfaces.d/ifcfg-{{ interface_name }}
  42. - source: salt://linux/files/ovs_port
  43. - defaults:
  44. port: {{ interface|yaml }}
  45. port_name: {{ interface_name }}
  46. - template: jinja
  47. ovs_port_{{ interface_name }}_line1:
  48. file.replace:
  49. - name: /etc/network/interfaces
  50. - pattern: auto {{ interface_name }}
  51. - repl: ""
  52. ovs_port_{{ interface_name }}_line2:
  53. file.replace:
  54. - name: /etc/network/interfaces
  55. - pattern: iface {{ interface_name }} inet manual
  56. - repl: ""
  57. ovs_port_up_{{ interface_name }}:
  58. cmd.run:
  59. - name: ifup {{ interface_name }}
  60. - require:
  61. - file: ovs_port_{{ interface_name }}
  62. - file: ovs_port_{{ interface_name }}_line1
  63. - file: ovs_port_{{ interface_name }}_line2
  64. - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}
  65. {%- else %}
  66. linux_interface_{{ interface_name }}:
  67. network.managed:
  68. - enabled: {{ interface.enabled }}
  69. - name: {{ interface_name }}
  70. - type: {{ interface.type }}
  71. {%- if interface.address is defined %}
  72. {%- if grains.os_family == 'Debian' %}
  73. - unless: grep -q "iface {{ interface_name }} " /etc/network/interfaces
  74. - proto: {{ interface.get('proto', 'static') }}
  75. {% endif %}
  76. {%- if grains.os_family == 'RedHat' %}
  77. {%- if interface.get('proto', 'none') == 'manual' %}
  78. - proto: 'none'
  79. {%- else %}
  80. - proto: {{ interface.get('proto', 'none') }}
  81. {%- endif %}
  82. {% endif %}
  83. - ipaddr: {{ interface.address }}
  84. - netmask: {{ interface.netmask }}
  85. {%- else %}
  86. - proto: {{ interface.get('proto', 'dhcp') }}
  87. {%- endif %}
  88. {%- if interface.name_servers is defined %}
  89. - dns: {{ interface.name_servers }}
  90. {%- endif %}
  91. {%- if interface.wireless is defined and grains.os_family == 'Debian' %}
  92. {%- if interface.wireless.security == "wpa" %}
  93. - wpa-ssid: {{ interface.wireless.essid }}
  94. - wpa-psk: {{ interface.wireless.key }}
  95. {%- else %}
  96. - wireless-ssid: {{ interface.wireless.essid }}
  97. - wireless-psk: {{ interface.wireless.key }}
  98. {%- endif %}
  99. {%- endif %}
  100. {%- for param in network.interface_params %}
  101. {{ set_param(param, interface) }}
  102. {%- endfor %}
  103. {%- if interface.type == 'bridge' %}
  104. - bridge: {{ interface_name }}
  105. - delay: 0
  106. - bypassfirewall: True
  107. - use:
  108. {%- for network in interface.use_interfaces %}
  109. - network: linux_interface_{{ network }}
  110. {%- endfor %}
  111. - ports: {% for network in interface.get('use_interfaces', []) %}{{ network }} {% endfor %}{% for network in interface.get('use_ovs_ports', []) %}{{ network }} {% endfor %}
  112. - require:
  113. {%- for network in interface.get('use_interfaces', []) %}
  114. - network: linux_interface_{{ network }}
  115. {%- endfor %}
  116. {%- for network in interface.get('use_ovs_ports', []) %}
  117. - cmd: ovs_port_up_{{ network }}
  118. {%- endfor %}
  119. {%- endif %}
  120. {%- if interface.type == 'bond' %}
  121. - slaves: {{ interface.slaves }}
  122. - mode: {{ interface.mode }}
  123. {%- endif %}
  124. {%- for network in interface.get('use_ovs_ports', []) %}
  125. remove_interface_{{ network }}_line1:
  126. file.replace:
  127. - name: /etc/network/interfaces
  128. - pattern: auto {{ network }}
  129. - repl: ""
  130. remove_interface_{{ network }}_line2:
  131. file.replace:
  132. - name: /etc/network/interfaces
  133. - pattern: iface {{ network }} inet manual
  134. - repl: ""
  135. {%- endfor %}
  136. {%- if interface.gateway is defined %}
  137. linux_system_network:
  138. network.system:
  139. - enabled: {{ interface.enabled }}
  140. - hostname: {{ network.fqdn }}
  141. {%- if interface.gateway is defined %}
  142. - gateway: {{ interface.gateway }}
  143. - gatewaydev: {{ interface_name }}
  144. {%- endif %}
  145. - nozeroconf: True
  146. - nisdomain: {{ system.domain }}
  147. - require_reboot: False
  148. {%- endif %}
  149. {%- endif %}
  150. {%- endif %}
  151. {%- if interface.wireless is defined %}
  152. {%- if grains.os_family == 'Arch' %}
  153. linux_network_packages:
  154. pkg.installed:
  155. - names: {{ network.pkgs }}
  156. /etc/netctl/network_{{ interface.wireless.essid }}:
  157. file.managed:
  158. - source: salt://linux/files/wireless
  159. - mode: 755
  160. - template: jinja
  161. - require:
  162. - pkg: linux_network_packages
  163. - defaults:
  164. interface_name: {{ interface_name }}
  165. switch_profile_{{ interface.wireless.essid }}:
  166. cmd.run:
  167. - name: netctl switch-to network_{{ interface.wireless.essid }}
  168. - cwd: /root
  169. - unless: "iwconfig {{ interface_name }} | grep -e 'ESSID:\"{{ interface.wireless.essid }}\"'"
  170. - require:
  171. - file: /etc/netctl/network_{{ interface.wireless.essid }}
  172. enable_profile_{{ interface.wireless.essid }}:
  173. cmd.run:
  174. - name: netctl enable network_{{ interface.wireless.essid }}
  175. - cwd: /root
  176. - unless: test -e /etc/systemd/system/multi-user.target.wants/netctl@network_{{ interface.wireless.essid }}.service
  177. - require:
  178. - file: /etc/netctl/network_{{ interface.wireless.essid }}
  179. {%- endif %}
  180. {%- endif %}
  181. {%- endif %}
  182. {%- if interface.route is defined %}
  183. linux_network_{{ interface_name }}_routes:
  184. network.routes:
  185. - name: {{ interface_name }}
  186. - routes:
  187. {%- for route_name, route in interface.route.iteritems() %}
  188. - name: {{ route_name }}
  189. ipaddr: {{ route.address }}
  190. netmask: {{ route.netmask }}
  191. gateway: {{ route.gateway }}
  192. {%- endfor %}
  193. {%- endif %}
  194. {%- endfor %}
  195. {%- if network.bridge != 'none' %}
  196. linux_interfaces_final_include:
  197. file.prepend:
  198. - name: /etc/network/interfaces
  199. - text: 'source /etc/network/interfaces.d/*'
  200. {%- endif %}
  201. {%- endif %}
  202. {%- if network.network_manager.disable is defined and network.network_manager.disable == True %}
  203. NetworkManager:
  204. service.dead:
  205. - enable: false
  206. {%- endif %}