Saltstack Official Salt Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

pillar.example 12KB

11 jaren geleden
11 jaren geleden
11 jaren geleden
11 jaren geleden
11 jaren geleden
11 jaren geleden
11 jaren geleden
11 jaren geleden
7 jaren geleden
7 jaren geleden
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407
  1. salt:
  2. # Set this to true to clean any non-salt-formula managed files out of
  3. # /etc/salt/{master,minion}.d ... You really don't want to do this on 2015.2
  4. # and up as it'll wipe out important files that Salt relies on.
  5. clean_config_d_dir: False
  6. # This state will remove "/etc/salt/minion" when you set this to true.
  7. minion_remove_config: True
  8. # This state will remove "/etc/salt/master" when you set this to true.
  9. master_remove_config: True
  10. # Set this to 'py3' to install the Python 3 packages.
  11. # If this is not set, the Python 2 packages will be installed by default.
  12. py_ver: 'py3'
  13. # Set this to False to not have the formula install packages (in the case you
  14. # install Salt via git/pip/etc.)
  15. install_packages: True
  16. # Optional: set salt version (if install_packages is set to True)
  17. version: 2017.7.2-1.el7
  18. # to overwrite map.jinja salt packages
  19. lookup:
  20. salt_master: 'salt-master'
  21. salt_minion: 'salt-minion'
  22. salt_syndic: 'salt-syndic'
  23. salt_cloud: 'salt-cloud'
  24. salt_ssh: 'salt-ssh'
  25. pyinotify: 'python-pyinotify' # the package to be installed for pyinotify
  26. # Set which release of SaltStack to use, default to 'latest'
  27. # To get the available releases:
  28. # * http://repo.saltstack.com/yum/redhat/7/x86_64/
  29. # * http://repo.saltstack.com/apt/debian/8/amd64/
  30. release: '2018.3'
  31. # MacOS has no package management.
  32. # Instead, we use file.managed to download an appropriate .pkg file and macpackage.installed to install it
  33. # 'version', if set (see above), will be used to check the .pkg version to determine if it should be installed
  34. #
  35. # NOTE: if 'version' is not set version comparison will not occur and the .pkg WILL NOT be installed if a salt
  36. # .pkg is already installed
  37. # NOTE: salt_minion_pkg_hash, if set, will be passed into file.managed's source_hash, use URL or hash string
  38. salt_minion_pkg_source: 'https://repo.saltstack.com/osx/salt-2017.7.4-py3-x86_64.pkg'
  39. salt_minion_pkg_hash: 'https://repo.saltstack.com/osx/salt-2017.7.4-py3-x86_64.pkg.md5'
  40. # salt master config
  41. master:
  42. fileserver_backend:
  43. - git
  44. - s3fs
  45. - roots
  46. gitfs_remotes:
  47. - git://github.com/saltstack-formulas/salt-formula.git:
  48. - base: develop
  49. s3.keyid: GKTADJGHEIQSXMKKRBJ08H
  50. s3.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
  51. s3.buckets:
  52. - bucket1
  53. - bucket2
  54. - bucket3
  55. - bucket4
  56. file_roots:
  57. base:
  58. - /srv/salt
  59. pillar_roots:
  60. base:
  61. - /srv/pillar
  62. # for salt-api with tornado rest interface
  63. rest_tornado:
  64. port: 8000
  65. ssl_crt: /etc/pki/api/certs/server.crt
  66. ssl_key: /etc/pki/api/certs/server.key
  67. debug: False
  68. disable_ssl: False
  69. # for profile configuration as https://docs.saltstack.com/en/latest/topics/tutorials/lxc.html#tutorial-lxc-profiles
  70. lxc.container_profile:
  71. debian:
  72. template: download
  73. options:
  74. dist: debian
  75. release: jessie
  76. arch: amd64
  77. backing: lvm
  78. vgname: kimsufi
  79. size: 10G
  80. lxc.network_profile:
  81. basic:
  82. eth0:
  83. link: lxcbr0
  84. type: veth
  85. flags: up
  86. ## for external auth - LDAP
  87. # filter to use for Active Directory LDAP
  88. auth.ldap.filter: {% raw %}'sAMAccountName={{username}}'{% endraw %}
  89. # filter to use for Most other LDAP servers
  90. auth.ldap.filter: {% raw %}'uid={{ username }}'{% endraw %}
  91. # Define winrepo provider, by default support order is pygit2, gitpython
  92. # Set to gitpython for Debian & Ubuntu to get around saltstack/salt#35993
  93. # where pygit2 is not compiled with pygit2.GIT_FEATURE_HTTPS support
  94. winrepo_provider: gitpython
  95. # optional engine configuration
  96. engines:
  97. - slack:
  98. token: xoxp-XXXXX-XXXXXXX # use Slack's legacy API token
  99. control: True
  100. valid_users:
  101. - someuser
  102. - otheruser
  103. valid_commands:
  104. - test.ping
  105. - list_jobs
  106. aliases:
  107. list_jobs:
  108. type: runner
  109. cmd: jobs.list_jobs
  110. # optional: these reactors will be configured on the master
  111. # They override reactors configured in
  112. # 'salt:reactors' or the old 'salt:reactor' parameters
  113. reactors:
  114. - 'master/deploy':
  115. - /srv/salt/reactors/deploy.sls
  116. # salt minion config:
  117. minion:
  118. # single master setup
  119. master: salt
  120. # multi master setup
  121. #master:
  122. #- salt_master_1
  123. #- salt_master_2
  124. fileserver_backend:
  125. - git
  126. - roots
  127. gitfs_remotes:
  128. - git://github.com/saltstack-formulas/salt-formula.git:
  129. - base: develop
  130. file_roots:
  131. base:
  132. - /srv/salt
  133. pillar_roots:
  134. base:
  135. - /srv/pillar
  136. module_config:
  137. test: True
  138. test.foo: foo
  139. test.bar:
  140. - baz
  141. - quo
  142. test.baz:
  143. spam: sausage
  144. cheese: bread
  145. # salt mine setup
  146. mine_interval: 60
  147. # mine_functions can be set at the top level of the pillar, and
  148. # that is preferable because it doesn't affect the conf file and
  149. # doesn't require a minion restart. However, you can configure it
  150. # here instead if you really want to.
  151. mine_functions:
  152. network.interface_ip: [eth0]
  153. # Define a minion scheduler
  154. schedule:
  155. - highstate:
  156. - function: state.apply
  157. - minutes: 60
  158. - returner: redis
  159. # other 'non-default' config
  160. auth_keytab: /root/auth.keytab
  161. auth_principal: kadmin/admin
  162. # optional engine configuration
  163. engines:
  164. - slack:
  165. token: xoxp-XXXXX-XXXXXXX # use Slack's legacy API token
  166. control: True
  167. valid_users:
  168. - someuser
  169. - otheruser
  170. valid_commands:
  171. - test.ping
  172. - list_jobs
  173. aliases:
  174. list_jobs:
  175. type: runner
  176. cmd: jobs.list_jobs
  177. # optional beacons configuration
  178. beacons:
  179. load:
  180. 1m:
  181. - 0.0
  182. - 2.0
  183. 5m:
  184. - 0.0
  185. - 1.5
  186. 15m:
  187. - 0.1
  188. - 1.0
  189. interval: 10
  190. # Optional reactors: these reactors will be configured on the minion
  191. # They override reactors configured in
  192. # 'salt:reactors' or the old 'salt:reactor' parameters
  193. reactors:
  194. - 'minion/deploy':
  195. - /srv/salt/reactors/deploy.sls
  196. # Optional: Configure an elasticsearch returner
  197. return: elasticsearch
  198. elasticsearch:
  199. hosts:
  200. - example.elasticsearch.host:9200
  201. - example.elasticsearch.host2:9200
  202. index_date: True
  203. index: salt
  204. number_of_shards: 5
  205. number_of_replicas: 2
  206. debug_returner_payload: True
  207. states_count: True
  208. states_order_output: True
  209. states_single_index: True
  210. functions_blacklist:
  211. - test.ping
  212. - saltutil.find_job
  213. # salt cloud config
  214. cloud:
  215. master: salt
  216. # For non-templated custom cloud provider/profile/map files
  217. providers:
  218. provider-filename1.conf:
  219. vmware-prod:
  220. driver: vmware
  221. user: myusernameprod
  222. password: mypassword
  223. vmware-nonprod:
  224. driver: vmware
  225. user: myusernamenonprod
  226. password: mypassword
  227. profiles:
  228. profile-filename1.conf:
  229. server-non-prod:
  230. clonefrom: rhel6xtemplatenp
  231. grains:
  232. platform:
  233. name: salt
  234. realm: lab
  235. subscription_level: standard
  236. memory: 8GB
  237. num_cpus: 4
  238. password: sUpErsecretey
  239. provider: vmware-nonprod
  240. maps:
  241. map-filename1.map:
  242. server-non-prod:
  243. - host.mycompany.com:
  244. grains:
  245. environment: dev1
  246. # You can take profile and map templates from an alternate location
  247. # if you want to write your own.
  248. template_sources:
  249. providers: salt://salt/files/cloud.providers.d
  250. profiles: salt://salt/files/cloud.profiles.d
  251. maps: salt://salt/files/cloud.maps.d
  252. # These settings are used by the default provider templates and
  253. # only need to be set for the ones you're using.
  254. aws_key: AWSKEYIJSHJAIJS6JSH
  255. aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
  256. gce_project: test
  257. gce_service_account_email_address: 867543072364-orl4h2tpp8jcn1tr9ipj@developer.gserviceaccount.com
  258. rsos_user: afeawofghob
  259. rsos_tenant: tenant_id_number
  260. rsos_apikey: WFJIOJEOIGHSOFHESO
  261. rsos_regions:
  262. - ORD
  263. - DFW
  264. - IAD
  265. - SYD
  266. - HKG
  267. ssh_roster:
  268. prod1:
  269. host: host.example.com
  270. user: ubuntu
  271. sudo: True
  272. priv: /etc/salt/ssh_keys/sshkey.pem
  273. gitfs:
  274. keys:
  275. global:
  276. # key and pub end up being the extension used on the key file. values other than key and pub are possible
  277. key: |
  278. -----BEGIN RSA PRIVATE KEY-----
  279. ...........
  280. -----END RSA PRIVATE KEY-----
  281. pub: |
  282. ...........
  283. # These reactors will be configured both in the minion and the master
  284. reactors:
  285. - 'deploy':
  286. - /srv/salt/reactors/deploy.sls
  287. salt_cloud_certs:
  288. aws:
  289. pem: |
  290. -----BEGIN RSA PRIVATE KEY-----
  291. ...........
  292. -----END RSA PRIVATE KEY-----
  293. gce:
  294. pem: |
  295. -----BEGIN RSA PRIVATE KEY-----
  296. ...........
  297. -----END RSA PRIVATE KEY-----
  298. salt_formulas:
  299. git_opts:
  300. # The Git options can be customized differently for each
  301. # environment, if an option is missing in a given environment, the
  302. # value from "default" is used instead.
  303. default:
  304. # URL where the formulas git repositories are downloaded from
  305. # it will be suffixed with <formula-name>.git
  306. baseurl: https://github.com/saltstack-formulas
  307. # Directory where Git repositories are downloaded
  308. basedir: /srv/formulas
  309. # Update the git repository to the latest version (False by default)
  310. update: False
  311. # Options passed directly to the git.latest state
  312. options:
  313. rev: master
  314. user: username
  315. identity: /path/to/.ssh/id_rsa_github_username
  316. dev:
  317. basedir: /srv/formulas/dev
  318. update: True
  319. options:
  320. rev: develop
  321. # Alternatively, a single directory with multiple branches can be used
  322. # E.g. It is strongly recommended to fork saltstack-formula repositories
  323. # to avoid unexpected changes to your infrastructure
  324. # Then upstream changes can be merged in manually with due consideration
  325. # Specific values for `rev`, `user` & `identity` will override the defaults
  326. production:
  327. baseurl: git@github.com:username
  328. options:
  329. branch: master
  330. remote: origin
  331. staging:
  332. baseurl: git@github.com:username
  333. options:
  334. branch: staging
  335. remote: origin
  336. rev: staging
  337. upstream:
  338. baseurl: git@github.com:saltstack-formulas
  339. update: True
  340. options:
  341. branch: upstream
  342. remote: upstream
  343. # Options of the file.directory state that creates the directory where
  344. # the git repositories of the formulas are stored
  345. basedir_opts:
  346. makedirs: True
  347. user: root
  348. group: root
  349. mode: 755
  350. # Explicitly checkout the original branch for repos after the
  351. # git.latest states have been processed (False by default)
  352. # Enable if using the alternative method (single directory, multiple branches)
  353. checkout_orig_branch: True
  354. # List of formulas to enable in each environment
  355. list:
  356. base:
  357. - salt-formula
  358. - postfix-formula
  359. dev:
  360. - salt-formula
  361. - postfix-formula
  362. - openssh-formula
  363. # Likewise for the alternative method (single directory, multiple branches)
  364. production:
  365. - salt-formula
  366. - openssh-formula
  367. staging:
  368. - salt-formula
  369. - postfix-formula
  370. - openssh-formula
  371. upstream:
  372. - salt-formula
  373. - postfix-formula
  374. - openssh-formula