ExternalMirrors
/
linux-formula
mirror of https://github.com/salt-formulas/salt-formula-linux
Watch 1
Star 0
Fork 1
Code Issues 0 Releases 8 Wiki Activity
Saltstack Official Linux Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
761 Commits
26 Branches
Tree: ba02477d8e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ba02477d8e'
${ noResults }
linux-formula/tests/pillar/system.sls

480 lines
14KB
Raw Blame History 

  1. linux:

  2.   network:

  3.     enabled: true

  4.     hostname: linux

  5.     fqdn: linux.ci.local

  6.   system:

  7.     enabled: true

  8.     at:

  9.       enabled: true

  10.       user:

  11.         root:

  12.           enabled: true

  13.         testuser:

  14.           enabled: true

  15.     cron:

  16.       enabled: true

  17.       user:

  18.         root:

  19.           enabled: true

  20.         testuser:

  21.           enabled: true

  22.     cluster: default

  23.     name: linux

  24.     domain: ci.local

  25.     environment: prd

  26.     purge_repos: true

  27.     selinux: permissive

  28.     directory:

  29.       /tmp/test:

  30.         makedirs: true

  31.     apparmor:

  32.       enabled: false

  33.     haveged:

  34.       enabled: true

  35.     prompt:

  36.       default: "linux.ci.local$"

  37.     kernel:

  38.       isolcpu: 1,2,3,4

  39.       elevator: deadline

  40.       transparent_hugepage: always

  41.       boot_options:

  42.         - pti=off

  43.         - spectre_v2=auto

  44.       module:

  45.         module_1:

  46.           install:

  47.             command: /bin/true

  48.           remove:

  49.             enabled: false

  50.             command: /bin/false

  51.         module_2:

  52.           install:

  53.             enabled: false

  54.             command: /bin/false

  55.           remove:

  56.             command: /bin/true

  57.         module_3:

  58.           blacklist: true

  59.         module_4:

  60.           blacklist: false

  61.           alias:

  62.             "module*":

  63.               enabled: true

  64.             "module_*":

  65.               enabled: false

  66.         module_5:

  67.           softdep:

  68.             pre:

  69.               1:

  70.                 value: module_1

  71.               2:

  72.                 value: module_2

  73.                 enabled: false

  74.             post:

  75.               1:

  76.                 value: module_3

  77.               2:

  78.                 value: module_4

  79.                 enabled: false

  80.         module_6:

  81.           option:

  82.             opt_1: 111

  83.             opt_2: 222

  84.         module_7:

  85.           option:

  86.             opt_3:

  87.               value: 333

  88.             opt_4:

  89.               enabled: true

  90.               value: 444

  91.             opt_5:

  92.               enabled: false

  93.     cgroup:

  94.       group:

  95.         group_1:

  96.           controller:

  97.             cpu:

  98.               shares:

  99.                 value: 250

  100.           mapping:

  101.             subjects:

  102.             - '@group1'

  103.     sysfs:

  104.       enable_apply: true

  105.       scheduler:

  106.         block/sda/queue/scheduler: deadline

  107.       power:

  108.         mode:

  109.           power/state: 0660

  110.         owner:

  111.           power/state: "root:power"

  112.         devices/system/cpu/cpu0/cpufreq/scaling_governor: powersave

  113.     motd:

  114.       - warning: |

  115.           #!/bin/sh

  116.           printf "WARNING: This is tcpcloud network.\n"

  117.           printf "  Unauthorized access is strictly prohibited.\n"

  118.           printf "\n"

  119.       - info: |

  120.           #!/bin/sh

  121.           printf -- "--[tcp cloud]---------------------------\n"

  122.           printf " Hostname  |  ${linux:system:name}\n"

  123.           printf " Domain    |  ${linux:system:domain}\n"

  124.           printf " System    |  %s\n" "$(lsb_release -s -d)"

  125.           printf " Kernel    |  %s\n" "$(uname -r)"

  126.           printf -- "----------------------------------------\n"

  127.           printf "\n"

  128.     user:

  129.       root:

  130.         enabled: true

  131.         home: /root

  132.         name: root

  133.         maxdays: 365

  134.       testuser:

  135.         enabled: true

  136.         name: testuser

  137.         password: passw0rd

  138.         sudo: true

  139.         uid: 9999

  140.         full_name: Test User

  141.         home: /home/test

  142.         unique: false

  143.         groups:

  144.           - db-ops

  145.           - salt-ops

  146.       salt_user1:

  147.         enabled: true

  148.         name: saltuser1

  149.         sudo: false

  150.         uid: 9991

  151.         full_name: Salt User1

  152.         home: /home/saltuser1

  153.         home_dir_mode: 755

  154.       salt_user2:

  155.         enabled: true

  156.         name: saltuser2

  157.         sudo: false

  158.         uid: 9992

  159.         full_name: Salt Sudo User2

  160.         home: /home/saltuser2

  161.         groups:

  162.           - sudogroup1

  163.     group:

  164.       testgroup:

  165.         enabled: true

  166.         name: testgroup

  167.         gid: 9999

  168.         system: true

  169.         addusers:

  170.           - salt_user1

  171.           - salt_user2

  172.       db-ops:

  173.         enabled: true

  174.         delusers:

  175.           - salt_user1

  176.           - dontexistatall

  177.       salt-ops:

  178.         enabled: true

  179.         name: salt-ops

  180.       sudogroup1:

  181.         enabled: true

  182.         name: sudogroup1

  183.       sudogroup2:

  184.         enabled: true

  185.         name: sudogroup2

  186.       sudogroup3:

  187.         enabled: false

  188.         name: sudogroup3

  189.     job:

  190.       test:

  191.         enabled: true

  192.         command: "/bin/sleep 3"

  193.         user: testuser

  194.         minute: 0

  195.         hour: 13

  196.     package:

  197.       htop:

  198.         version: latest

  199.     repo:

  200.       disabled_repo:

  201.         source: "deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable"

  202.         enabled: false

  203.       disabled_repo_left_proxy:

  204.         source: "deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable"

  205.         enabled: false

  206.         proxy:

  207.           enabled: true

  208.           https: https://127.0.5.1:443

  209.       saltstack:

  210.         source: "deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/ xenial main"

  211.         key_url: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub"

  212.         architectures: amd64

  213.         clean_file: true

  214.         pinning:

  215.           10:

  216.             enabled: true

  217.             pin: 'release o=SaltStack'

  218.             priority: 50

  219.             package: 'libsodium18'

  220.           20:

  221.             enabled: true

  222.             pin: 'release o=SaltStack'

  223.             priority: 1100

  224.             package: '*'

  225.       opencontrail:

  226.         source: "deb http://ppa.launchpad.net/tcpcloud/contrail-3.0/ubuntu xenial main"

  227.         keyid: E79EE90C

  228.         keyserver: keyserver.ubuntu.com

  229.         architectures: amd64

  230.         proxy:

  231.           enabled: true

  232.           https: https://127.0.5.1:443

  233.           #http: http://127.0.5.2:8080

  234.       apt-salt:

  235.         source: "deb http://apt.mirantis.com/xenial stable salt"

  236.         #key_url: http://apt.mirantis.com/public.gpg

  237.         # pub   4096R/A76882D3 2015-06-17

  238.         key: |

  239.           -----BEGIN PGP PUBLIC KEY BLOCK-----

  240.           Version: GnuPG v1

  241. 

  242.           mQINBFWBfCIBEADf6lnsY9v4rf/x0ribkFlnHnsv1/yD+M+YgZoQxYdf6b7M4/PY

  243.           zZ/c3uJt4l1vR3Yoocfc1VgtBNfA1ussBqXdmyRBMO1LKdQWnurNxWLW7CwcyNke

  244.           xeBfhjOqA6tIIXMfor7uUrwlIxJIxK+jc3C3nhM46QZpWX5d4mlkgxKh1G4ZRj4A

  245.           mEo2NduLUgfmF+gM1MmAbU8ekzciKet4TsM64WAtHyYllGKvuFSdBjsewO3McuhR

  246.           i1Desb5QdfIU4p3gkIa0EqlkkqX4rowo5qUnl670TNTTZHaz0MxCBoYaGbGhS7gZ

  247.           6/PLm8fJHmU/phst/QmOY76a5efZWbhhnlyYLIB8UjywN+VDqwkNk9jLUSXHTakh

  248.           dnL4OuGoNpIzms8juVFlnuOmx+FcfbHMbhAc7aPqFK+6J3YS4kJSfeHWJ6cTGoU1

  249.           cLWEhsbU3Gp8am5fnh72RJ7v2sTe/rvCuVtlNufi5SyBPcEUZoxFVWAC/hMeiWzy

  250.           drBIVC73raf+A+OjH8op9XfkVj6czxQ/451soe3jvCDGgTXPLlts+P5WhgWNpDPa

  251.           fOfTHn/2o7NwoM7Vp+BQYKAQ78phsolvNNhf+g51ntoLUbxAGKZYzQ5RPsKo+Hq6

  252.           96UCFkqhSABk0DvM0LtquzZ+sNoipd02w8EaxQzelDJxvPFGigo1uqGoiQARAQAB

  253.           tCx0Y3BjbG91ZCBzaWduaW5nIGtleSA8YXV0b2J1aWxkQHRjcGNsb3VkLmV1PokC

  254.           OwQTAQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlWj4K8CGQEACgkQ

  255.           JACFCadogtPm9xAAl1D1RUY1mttjKk+8KI3tUmgtqLaIGUcB4TPbIhQpFy23TJd6

  256.           BnnEaGZ+HSCj3lp/dBoq1xxCqHCziKA04IpPaLpGJf8cqaKOpQpW1ErlSxT6nCQW

  257.           FrHFxZreBTljKqW3fvRBXNAquj0krJEwv19/3SsQ+CJI2Zkq/HPDw9eJOCu0WcJM

  258.           PVtAq2SmaDigh1jtFcFoWZ7uFFMQPIWit/RCPkDfkFaf6lbYZ/nnvWON9OAgzWci

  259.           GJjCp5a7vMyCpTRy6bgNPqM61omCe0iQ4yIcqANXhRYS/DBnjKr9YaDKnlKNUgd1

  260.           WRE8QzErQznH/plgISQ+df+8Iunp3SBr/jj1604yyM1Wxppn1+dAoTBU1OPFGVd3

  261.           mCEYHUe+v0iTZ69C2c1ISmp2MjciGyE/UPbW9ejUIXtFJAJovZjn6P3glyIQB3wq

  262.           AW6JE+xEBWH7Ix+Uv6YNAFfj3UO6vNjtuGbTCWYDCEJRkdmeE7QdTYDo7PxgPl1t

  263.           6xMGPLOBdYNJTEojvRYBTt+6iw0eZ+MCUdUFNeaseQh0p1RgqM9/7t75QCNLl1oO

  264.           +Cfu4vNef/Tpd3LHcUoQhQ2OViOVFbq1/Yu/natWDPDcXb3peTcNHOjmXAoboWbz

  265.           rDkxj5z7vcJ9LMEXviP6Fb/iXDmJh74/o6Agc8efb0WTmFjPFFtMCHrinb+5Ag0E

  266.           VYF8IgEQALUVS2GESQ+F1S4b0JIO1M2tVBXiH4N56eUzcDXxXbSZgCgx4aWhk5vJ

  267.           Qu7M11gtqIoiRbmuFpUmDOG/kB7DxBZPn8WqcBKpky6GUP/A/emaAZTwNQdcDAhD

  268.           foBkJdhVz0D2jnkBffYL055p/r1Ers+iTTNOas/0uc50C32xR823rQ2Nl6/ffIM6

  269.           JqfQenhRvqUWPj9oqESHMsqEdceSwS/VC7RN4xQXJXfEWu2q4Ahs62RmvCXnTw1A

  270.           sPcpysoBoo8IW+V1MVQEZuAJRn2AGO/Q7uY9TR4guHb3wXRfZ3k0KVUsyqqdusJi

  271.           T3DxxBw6GcKdOH6t41Ys3eYgOrc+RcSdcHYSpxaLvEIhwzarZ+mqcp3gz/JkPlXS

  272.           2tx2l6NZHcgReOM7IhqMuxzBbpcrsbBmLBemC+u7hoPTjUdTHKEwvWaeXL4vgsqQ

  273.           BbEeKmXep5sZg3kHtpXzY9ZfPQrtGB8vHGrfaZIcCKuXwZWGL5GGWKw3TSP4fAIA

  274.           jLxLf5MyyXcsugbai2OY/H4sAuvJHsmGtergGknuR+iFdt5el1wgRKP1r1KdmvMm

  275.           wsSayc6eSEKd689x3zsmAtnhYM31oMkPdeYRbnN15gLG7vcsVe4jug0YTqQt2WGn

  276.           hwjBA0i2qfTorXemWChsxKllvY9aB3ST8I6RMat0kS08FMD+Ced/ABEBAAGJAh8E

  277.           GAECAAkFAlWBfCICGwwACgkQJACFCadogtNicA/9HOM402VGHlmuYPcrvEThHqMK

  278.           KOTtNFsrrPp67dGYaT8TGTgy1OG4Oys2y+hrwqnUK6dXJxX2/RBfRuO/gw65RCfC

  279.           9nWeMkqJTjHJCKNTYfXN4O4ag444UZPcOMq+IyiWF3/sh674zCkCm5DQ/FH8IJ8Y

  280.           n4jMoxe7G48PCGtgcJKXo8NBzxwXJH4DCdk7rNdrbrnCwObG8h6530WrmzKuyFCJ

  281.           QP5JA0MSx23J2OrK2YmVMhTeO0czJ8fRip9We9/qAfZGUEW+sey+nLmT5OJq04al

  282.           Va9g2a4nXxzDy84+hRXQNUeCRYn/ys8d8q9HZNv3K36HlILcuWazNTTh0cuWupBd

  283.           SlIEuWbIdbknYpGsmS1cPeGi0bdoLZv90BIVmdOS/vXP02fGUblyANciKcBPRhOI

  284.           +z6hzwdZ+QvjPbxZUig5XuvqBhIHoRtMBJdf24ysFuf/d4uZzTC8T4rUQO+L29bt

  285.           8riT0dg6cHVwC0VH89FaO1FduvsCtAwdAgxSzOMBECNOmVBThIiWdLnns107Rp4F

  286.           ECk+l2UCjl7zwGqJqcd1BQK+UgZwVG2UV11CrhopKU5oGL84n5DaO2n6Rv8wVdrt

  287.           MKvqi7EkgvZpY0IHJ7rp0Gzrv0qmwJaUFCWFogITNyijb1JVsUgDTMhAkEgEsIYy

  288.           jtcwJrHue5Xn8UPSLkE=

  289.           =SWiA

  290.           -----END PGP PUBLIC KEY BLOCK-----

  291.         architectures: amd64

  292.         proxy:

  293.           enabled: true

  294.       apt-salt-nightly:

  295.         source: "deb http://apt.mirantis.com/xenial nightly salt"

  296.         key_url: http://apt.mirantis.com/public.gpg

  297.         architectures: amd64

  298.         proxy:

  299.           enabled: false

  300.       apt-extra-nightly:

  301.         source: "deb http://apt.mirantis.com/xenial nightly extra"

  302.         key_url: http://apt.mirantis.com/public.gpg

  303.         architectures: amd64

  304.     locale:

  305.       en_US:

  306.         enabled: true

  307.         default: true

  308.       cs_CZ:

  309.         enabled: true

  310.     autoupdates:

  311.       enabled: true

  312.     sudo:

  313.       enabled: true

  314.       alias:

  315.         runas:

  316.           DBA:

  317.           - postgres

  318.           - mysql

  319.           SALT:

  320.           - root

  321.         host:

  322.           LOCAL:

  323.           - localhost

  324.           PRODUCTION:

  325.           - db1

  326.           - db2

  327.         command:

  328.           SUDO_RESTRICTED_SU:

  329.           - /bin/vi /etc/sudoers

  330.           - /bin/su - root

  331.           - /bin/su -

  332.           - /bin/su

  333.           - /usr/sbin/visudo

  334.           SUDO_SHELLS:

  335.           - /bin/sh

  336.           - /bin/ksh

  337.           - /bin/bash

  338.           - /bin/rbash

  339.           - /bin/dash

  340.           - /bin/zsh

  341.           - /bin/csh

  342.           - /bin/fish

  343.           - /bin/tcsh

  344.           - /usr/bin/login

  345.           - /usr/bin/su

  346.           - /usr/su

  347.           SUDO_SALT_SAFE:

  348.           - /usr/bin/salt state*

  349.           - /usr/bin/salt service*

  350.           - /usr/bin/salt pillar*

  351.           - /usr/bin/salt grains*

  352.           - /usr/bin/salt saltutil*

  353.           - /usr/bin/salt-call state*

  354.           - /usr/bin/salt-call service*

  355.           - /usr/bin/salt-call pillar*

  356.           - /usr/bin/salt-call grains*

  357.           - /usr/bin/salt-call saltutil*

  358.           SUDO_SALT_TRUSTED:

  359.           - /usr/bin/salt*

  360.       users:

  361.         saltuser1: {}

  362.         saltuser2:

  363.           hosts:

  364.           - LOCAL

  365.         # User Alias:

  366.         DBA:

  367.           hosts:

  368.           - ALL

  369.           commands:

  370.           - SUDO_SALT_SAFE

  371.       groups:

  372.         db-ops:

  373.           hosts:

  374.           - ALL

  375.           - '!PRODUCTION'

  376.           runas:

  377.           - DBA

  378.           commands:

  379.           - /bin/cat *

  380.           - /bin/less *

  381.           - /bin/ls *

  382.           - SUDO_SALT_SAFE

  383.           - '!SUDO_SHELLS'

  384.           - '!SUDO_RESTRICTED_SU'

  385.         salt-ops:

  386.           hosts:

  387.           - 'ALL'

  388.           runas:

  389.           - SALT

  390.           commands:

  391.           - SUDO_SALT_TRUSTED

  392.         salt-ops2:

  393.           name: salt-ops

  394.           runas:

  395.           - DBA

  396.           commands:

  397.           - SUDO_SHELLS

  398.         sudogroup1:

  399.           commands:

  400.             - ALL

  401.         sudogroup2:

  402.           commands:

  403.             - ALL

  404.           hosts:

  405.             - localhost

  406.           users:

  407.             - test

  408.           nopasswd: false

  409.         sudogroup3:

  410.           commands:

  411.             - ALL

  412.     env:

  413.       BOB_VARIABLE: Alice

  414.       BOB_PATH:

  415.         - /srv/alice/bin

  416.         - /srv/bob/bin

  417.       HTTPS_PROXY: https://127.0.4.1:443

  418.       http_proxy: http://127.0.4.2:80

  419.       ftp_proxy: ftp://127.0.4.3:2121

  420.       no_proxy:

  421.         - 192.168.0.1

  422.         - 192.168.0.2

  423.         - .saltstack.com

  424.         - .ubuntu.com

  425.         - .mirantis.com

  426.         - .launchpad.net

  427.         - .dummy.net

  428.         - .local

  429.       LANG: C

  430.       LC_ALL: C

  431.     login_defs:

  432.       PASS_MAX_DAYS:

  433.         value: 99

  434.     shell:

  435.       umask: '027'

  436.       timeout: 900

  437.     profile:

  438.       vi_flavors.sh: |

  439.         export PAGER=view

  440.         alias vi=vim

  441.       locales: |

  442.         export LANG=en_US

  443.         export LC_ALL=en_US.UTF-8

  444. 

  445.     # pillar for proxy configuration

  446.     proxy:

  447.       # for package managers

  448.       pkg:

  449.         enabled: true

  450.         https: https://127.0.2.1:4443

  451.         #http: http://127.0.2.2

  452.         ftp: none

  453.       # fallback, system defaults

  454.       https: https://127.0.1.1:443

  455.       #http: http://127.0.1.2

  456.       ftp: ftp://127.0.1.3

  457.       noproxy:

  458.         - host1

  459.         - host2

  460.         - .local

  461.     # pillars for netconsole setup

  462.     netconsole:

  463.       enabled: true

  464.       port: 514

  465.       loglevel: debug

  466.       target:

  467.         192.168.0.1:

  468.           mac: "ff:ff:ff:ff:ff:ff"

  469.           interface: bond0

  470.     atop:

  471.       enabled: true

  472.       interval: 20

  473.       logpath: "/var/mylog/atop"

  474.       outfile: "/var/mylog/atop/daily.log"

  475.     mcelog:

  476.       enabled: true

  477.       logging:

  478.         syslog: true

  479.         syslog_error: true