Saltstack Official Salt Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
пре 11 година
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574
  1. # This file managed by Salt, do not edit by hand!!
  2. # Based on salt version 0.17.4 default config
  3. {% set salt = pillar.get('salt', {}) -%}
  4. {% set minion = salt.get('minion', {}) -%}
  5. {%- macro get_config(configname, default_value) -%}
  6. {%- if configname in minion -%}
  7. {{ configname }}: {{ minion[configname] }}
  8. {%- elif configname in salt -%}
  9. {{ configname }}: {{ salt[configname] }}
  10. {%- else -%}
  11. #{{ configname }}: {{ default_value }}
  12. {%- endif -%}
  13. {%- endmacro -%}
  14. ##### Primary configuration settings #####
  15. ##########################################
  16. # Per default the minion will automatically include all config files
  17. # from minion.d/*.conf (minion.d is a directory in the same directory
  18. # as the main minion config file).
  19. {{ get_config('default_include', 'minion.d/*.conf') }}
  20. # Set the location of the salt master server, if the master server cannot be
  21. # resolved, then the minion will fail to start.
  22. {{ get_config('master', 'salt') }}
  23. # Set whether the minion should connect to the master via IPv6
  24. {{ get_config('ipv6', 'False') }}
  25. # Set the number of seconds to wait before attempting to resolve
  26. # the master hostname if name resolution fails. Defaults to 30 seconds.
  27. # Set to zero if the minion should shutdown and not retry.
  28. {{ get_config('retry_dns', '30') }}
  29. # Set the port used by the master reply and authentication server
  30. {{ get_config('master_port', '4506') }}
  31. # The user to run salt
  32. {{ get_config('user', 'root') }}
  33. # Specify the location of the daemon process ID file
  34. {{ get_config('pidfile', '/var/run/salt-minion.pid') }}
  35. # The root directory prepended to these options: pki_dir, cachedir, log_file,
  36. # sock_dir, pidfile.
  37. {{ get_config('root_dir', '/') }}
  38. # The directory to store the pki information in
  39. {{ get_config('pki_dir', '/etc/salt/pki/minion') }}
  40. # Explicitly declare the id for this minion to use, if left commented the id
  41. # will be the hostname as returned by the python call: socket.getfqdn()
  42. # Since salt uses detached ids it is possible to run multiple minions on the
  43. # same machine but with different ids, this can be useful for salt compute
  44. # clusters.
  45. {% if 'id' in minion -%}
  46. id: {{ minion['id'] }}
  47. {% else -%}
  48. #id:
  49. {%- endif %}
  50. # Append a domain to a hostname in the event that it does not exist. This is
  51. # useful for systems where socket.getfqdn() does not actually result in a
  52. # FQDN (for instance, Solaris).
  53. {{ get_config('append_domain', '') }}
  54. # Custom static grains for this minion can be specified here and used in SLS
  55. # files just like all other grains. This example sets 4 custom grains, with
  56. # the 'roles' grain having two values that can be matched against:
  57. #grains:
  58. # roles:
  59. # - webserver
  60. # - memcache
  61. # deployment: datacenter4
  62. # cabinet: 13
  63. # cab_u: 14-15
  64. {{ get_config('grains', '{}') }}
  65. # Where cache data goes
  66. {{ get_config('cachedir', '/var/cache/salt/minion') }}
  67. # Verify and set permissions on configuration directories at startup
  68. {{ get_config('verify_env', 'True') }}
  69. # The minion can locally cache the return data from jobs sent to it, this
  70. # can be a good way to keep track of jobs the minion has executed
  71. # (on the minion side). By default this feature is disabled, to enable
  72. # set cache_jobs to True
  73. {{ get_config('cache_jobs', 'False') }}
  74. # set the directory used to hold unix sockets
  75. {{ get_config('sock_dir', '/var/run/salt/minion') }}
  76. # Set the default outputter used by the salt-call command. The default is
  77. # "nested"
  78. {{ get_config('output', 'nested') }}
  79. #
  80. # By default output is colored, to disable colored output set the color value
  81. # to False
  82. {{ get_config('color', 'True') }}
  83. # Backup files that are replaced by file.managed and file.recurse under
  84. # 'cachedir'/file_backups relative to their original location and appended
  85. # with a timestamp. The only valid setting is "minion". Disabled by default.
  86. #
  87. # Alternatively this can be specified for each file in state files:
  88. #
  89. # /etc/ssh/sshd_config:
  90. # file.managed:
  91. # - source: salt://ssh/sshd_config
  92. # - backup: minion
  93. #
  94. {{ get_config('backup_mode', 'minion') }}
  95. # When waiting for a master to accept the minion's public key, salt will
  96. # continuously attempt to reconnect until successful. This is the time, in
  97. # seconds, between those reconnection attempts.
  98. {{ get_config('acceptance_wait_time', '10') }}
  99. # If this is nonzero, the time between reconnection attempts will increase by
  100. # acceptance_wait_time seconds per iteration, up to this maximum. If this is
  101. # set to zero, the time between reconnection attempts will stay constant.
  102. {{ get_config('acceptance_wait_time_max', '0') }}
  103. # When the master key changes, the minion will try to re-auth itself to receive
  104. # the new master key. In larger environments this can cause a SYN flood on the
  105. # master because all minions try to re-auth immediately. To prevent this and
  106. # have a minion wait for a random amount of time, use this optional parameter.
  107. # The wait-time will be a random number of seconds between
  108. # 0 and the defined value.
  109. {{ get_config('random_reauth_delay', '60') }}
  110. # If you don't have any problems with syn-floods, dont bother with the
  111. # three recon_* settings described below, just leave the defaults!
  112. #
  113. # The ZeroMQ pull-socket that binds to the masters publishing interface tries
  114. # to reconnect immediately, if the socket is disconnected (for example if
  115. # the master processes are restarted). In large setups this will have all
  116. # minions reconnect immediately which might flood the master (the ZeroMQ-default
  117. # is usually a 100ms delay). To prevent this, these three recon_* settings
  118. # can be used.
  119. #
  120. # recon_default: the interval in milliseconds that the socket should wait before
  121. # trying to reconnect to the master (100ms = 1 second)
  122. #
  123. # recon_max: the maximum time a socket should wait. each interval the time to wait
  124. # is calculated by doubling the previous time. if recon_max is reached,
  125. # it starts again at recon_default. Short example:
  126. #
  127. # reconnect 1: the socket will wait 'recon_default' milliseconds
  128. # reconnect 2: 'recon_default' * 2
  129. # reconnect 3: ('recon_default' * 2) * 2
  130. # reconnect 4: value from previous interval * 2
  131. # reconnect 5: value from previous interval * 2
  132. # reconnect x: if value >= recon_max, it starts again with recon_default
  133. #
  134. # recon_randomize: generate a random wait time on minion start. The wait time will
  135. # be a random value between recon_default and recon_default +
  136. # recon_max. Having all minions reconnect with the same recon_default
  137. # and recon_max value kind of defeats the purpose of being able to
  138. # change these settings. If all minions have the same values and your
  139. # setup is quite large (several thousand minions), they will still
  140. # flood the master. The desired behaviour is to have timeframe within
  141. # all minions try to reconnect.
  142. # Example on how to use these settings:
  143. # The goal: have all minions reconnect within a 60 second timeframe on a disconnect
  144. #
  145. # The settings:
  146. #recon_default: 1000
  147. #recon_max: 59000
  148. #recon_randomize: True
  149. #
  150. # Each minion will have a randomized reconnect value between 'recon_default'
  151. # and 'recon_default + recon_max', which in this example means between 1000ms
  152. # 60000ms (or between 1 and 60 seconds). The generated random-value will be
  153. # doubled after each attempt to reconnect. Lets say the generated random
  154. # value is 11 seconds (or 11000ms).
  155. #
  156. # reconnect 1: wait 11 seconds
  157. # reconnect 2: wait 22 seconds
  158. # reconnect 3: wait 33 seconds
  159. # reconnect 4: wait 44 seconds
  160. # reconnect 5: wait 55 seconds
  161. # reconnect 6: wait time is bigger than 60 seconds (recon_default + recon_max)
  162. # reconnect 7: wait 11 seconds
  163. # reconnect 8: wait 22 seconds
  164. # reconnect 9: wait 33 seconds
  165. # reconnect x: etc.
  166. #
  167. # In a setup with ~6000 thousand hosts these settings would average the reconnects
  168. # to about 100 per second and all hosts would be reconnected within 60 seconds.
  169. {{ get_config('recon_default', '100') }}
  170. {{ get_config('recon_max', '5000') }}
  171. {{ get_config('recon_randomize', 'False') }}
  172. # The loop_interval sets how long in seconds the minion will wait between
  173. # evaluating the scheduler and running cleanup tasks. This defaults to a
  174. # sane 60 seconds, but if the minion scheduler needs to be evaluated more
  175. # often lower this value
  176. {{ get_config('loop_interval', '60') }}
  177. # When healing, a dns_check is run. This is to make sure that the originally
  178. # resolved dns has not changed. If this is something that does not happen in
  179. # your environment, set this value to False.
  180. {{ get_config('dns_check', 'True') }}
  181. # Windows platforms lack posix IPC and must rely on slower TCP based inter-
  182. # process communications. Set ipc_mode to 'tcp' on such systems
  183. {{ get_config('ipc_mode', 'ipc') }}
  184. #
  185. # Overwrite the default tcp ports used by the minion when in tcp mode
  186. {{ get_config('tcp_pub_port', '4510') }}
  187. {{ get_config('tcp_pull_port', '4511') }}
  188. # The minion can include configuration from other files. To enable this,
  189. # pass a list of paths to this option. The paths can be either relative or
  190. # absolute; if relative, they are considered to be relative to the directory
  191. # the main minion configuration file lives in (this file). Paths can make use
  192. # of shell-style globbing. If no files are matched by a path passed to this
  193. # option then the minion will log a warning message.
  194. #
  195. #
  196. # Include a config file from some other path:
  197. # include: /etc/salt/extra_config
  198. #
  199. # Include config from several files and directories:
  200. #include:
  201. # - /etc/salt/extra_config
  202. # - /etc/roles/webserver
  203. {% if 'include' in minion -%}
  204. {% if isinstance(minion['include'], list) -%}
  205. include:
  206. {% for include in minion['include'] -%}
  207. - {{ include }}
  208. {% endfor -%}
  209. {% else -%}
  210. include: minion['include']
  211. {% endif -%}
  212. {% elif 'include' in salt -%}
  213. {% if isinstance(salt['include'], list) -%}
  214. include:
  215. {% for include in salt['include'] -%}
  216. - {{ include }}
  217. {% endfor -%}
  218. {% else -%}
  219. include: salt['include']
  220. {% endif -%}
  221. {% endif -%}
  222. ##### Minion module management #####
  223. ##########################################
  224. # Disable specific modules. This allows the admin to limit the level of
  225. # access the master has to the minion
  226. {{ get_config('disable_modules', '[cmd,test]') }}
  227. {{ get_config('disable_returners', '[]') }}
  228. #
  229. # Modules can be loaded from arbitrary paths. This enables the easy deployment
  230. # of third party modules. Modules for returners and minions can be loaded.
  231. # Specify a list of extra directories to search for minion modules and
  232. # returners. These paths must be fully qualified!
  233. {{ get_config('module_dirs', '[]') }}
  234. {{ get_config('returner_dirs', '[]') }}
  235. {{ get_config('states_dirs', '[]') }}
  236. {{ get_config('render_dirs', '[]') }}
  237. #
  238. # A module provider can be statically overwritten or extended for the minion
  239. # via the providers option, in this case the default module will be
  240. # overwritten by the specified module. In this example the pkg module will
  241. # be provided by the yumpkg5 module instead of the system default.
  242. #
  243. #providers:
  244. # pkg: yumpkg5
  245. {{ get_config('providers', '{}') }}
  246. #
  247. # Enable Cython modules searching and loading. (Default: False)
  248. {{ get_config('cython_enable', 'False') }}
  249. #
  250. ##### State Management Settings #####
  251. ###########################################
  252. # The state management system executes all of the state templates on the minion
  253. # to enable more granular control of system state management. The type of
  254. # template and serialization used for state management needs to be configured
  255. # on the minion, the default renderer is yaml_jinja. This is a yaml file
  256. # rendered from a jinja template, the available options are:
  257. # yaml_jinja
  258. # yaml_mako
  259. # yaml_wempy
  260. # json_jinja
  261. # json_mako
  262. # json_wempy
  263. #
  264. {{ get_config('renderer', 'yaml_jinja') }}
  265. #
  266. # The failhard option tells the minions to stop immediately after the first
  267. # failure detected in the state execution, defaults to False
  268. {{ get_config('failhard', 'False') }}
  269. #
  270. # autoload_dynamic_modules Turns on automatic loading of modules found in the
  271. # environments on the master. This is turned on by default, to turn of
  272. # autoloading modules when states run set this value to False
  273. {{ get_config('autoload_dynamic_modules', 'True') }}
  274. #
  275. # clean_dynamic_modules keeps the dynamic modules on the minion in sync with
  276. # the dynamic modules on the master, this means that if a dynamic module is
  277. # not on the master it will be deleted from the minion. By default this is
  278. # enabled and can be disabled by changing this value to False
  279. {{ get_config('clean_dynamic_modules', 'True') }}
  280. #
  281. # Normally the minion is not isolated to any single environment on the master
  282. # when running states, but the environment can be isolated on the minion side
  283. # by statically setting it. Remember that the recommended way to manage
  284. # environments is to isolate via the top file.
  285. {{ get_config('environment', 'None') }}
  286. #
  287. # If using the local file directory, then the state top file name needs to be
  288. # defined, by default this is top.sls.
  289. {{ get_config('state_top', 'top.sls') }}
  290. #
  291. # Run states when the minion daemon starts. To enable, set startup_states to:
  292. # 'highstate' -- Execute state.highstate
  293. # 'sls' -- Read in the sls_list option and execute the named sls files
  294. # 'top' -- Read top_file option and execute based on that file on the Master
  295. {{ get_config('startup_states', "''") }}
  296. #
  297. # list of states to run when the minion starts up if startup_states is 'sls'
  298. #sls_list:
  299. # - edit.vim
  300. # - hyper
  301. {{ get_config('sls_list', '[]') }}
  302. # top file to execute if startup_states is 'top'
  303. {{ get_config('top_file', "''") }}
  304. ##### File Directory Settings #####
  305. ##########################################
  306. # The Salt Minion can redirect all file server operations to a local directory,
  307. # this allows for the same state tree that is on the master to be used if
  308. # copied completely onto the minion. This is a literal copy of the settings on
  309. # the master but used to reference a local directory on the minion.
  310. # Set the file client. The client defaults to looking on the master server for
  311. # files, but can be directed to look at the local file directory setting
  312. # defined below by setting it to local.
  313. {{ get_config('file_client', 'remote') }}
  314. # The file directory works on environments passed to the minion, each environment
  315. # can have multiple root directories, the subdirectories in the multiple file
  316. # roots cannot match, otherwise the downloaded files will not be able to be
  317. # reliably ensured. A base environment is required to house the top file.
  318. # Example:
  319. # file_roots:
  320. # base:
  321. # - /srv/salt/
  322. # dev:
  323. # - /srv/salt/dev/services
  324. # - /srv/salt/dev/states
  325. # prod:
  326. # - /srv/salt/prod/services
  327. # - /srv/salt/prod/states
  328. #
  329. # Default:
  330. {% if 'file_roots' in minion -%}
  331. file_roots:
  332. {% for name, roots in minion['file_roots'].items() -%}
  333. {{ name }}:
  334. {% for dir in roots -%}
  335. - {{ dir }}
  336. {% endfor -%}
  337. {% endfor -%}
  338. {% elif 'file_roots' in salt -%}
  339. file_roots:
  340. {% for name, roots in salt['file_roots'].items() -%}
  341. {{ name }}:
  342. {% for dir in roots -%}
  343. - {{ dir }}
  344. {% endfor -%}
  345. {% endfor -%}
  346. {% else -%}
  347. #file_roots:
  348. # base:
  349. # - /srv/salt
  350. {%- endif %}
  351. # By default, the Salt fileserver recurses fully into all defined environments
  352. # to attempt to find files. To limit this behavior so that the fileserver only
  353. # traverses directories with SLS files and special Salt directories like _modules,
  354. # enable the option below. This might be useful for installations where a file root
  355. # has a very large number of files and performance is negatively impacted.
  356. #
  357. # Default is False.
  358. #
  359. {{ get_config('fileserver_limit_traversal', 'False') }}
  360. # The hash_type is the hash to use when discovering the hash of a file in
  361. # the local fileserver. The default is md5, but sha1, sha224, sha256, sha384
  362. # and sha512 are also supported.
  363. {{ get_config('hash_type', 'md5') }}
  364. # The Salt pillar is searched for locally if file_client is set to local. If
  365. # this is the case, and pillar data is defined, then the pillar_roots need to
  366. # also be configured on the minion:
  367. {% if 'pillar_roots' in minion -%}
  368. pillar_roots:
  369. {% for name, roots in minion['pillar_roots'].items() -%}
  370. {{ name }}:
  371. {% for dir in roots -%}
  372. - {{ dir }}
  373. {% endfor -%}
  374. {% endfor -%}
  375. {% elif 'pillar_roots' in salt -%}
  376. pillar_roots:
  377. {% for name, roots in salt['pillar_roots'].items() -%}
  378. {{ name }}:
  379. {% for dir in roots -%}
  380. - {{ dir }}
  381. {% endfor -%}
  382. {% endfor -%}
  383. {% else %}
  384. #pillar_roots:
  385. # base:
  386. # - /srv/pillar
  387. {%- endif %}
  388. ###### Security settings #####
  389. ###########################################
  390. # Enable "open mode", this mode still maintains encryption, but turns off
  391. # authentication, this is only intended for highly secure environments or for
  392. # the situation where your keys end up in a bad state. If you run in open mode
  393. # you do so at your own risk!
  394. {{ get_config('open_mode', 'False') }}
  395. # Enable permissive access to the salt keys. This allows you to run the
  396. # master or minion as root, but have a non-root group be given access to
  397. # your pki_dir. To make the access explicit, root must belong to the group
  398. # you've given access to. This is potentially quite insecure.
  399. {{ get_config('permissive_pki_access', 'False') }}
  400. # The state_verbose and state_output settings can be used to change the way
  401. # state system data is printed to the display. By default all data is printed.
  402. # The state_verbose setting can be set to True or False, when set to False
  403. # all data that has a result of True and no changes will be suppressed.
  404. {{ get_config('state_verbose', 'True') }}
  405. #
  406. # The state_output setting changes if the output is the full multi line
  407. # output for each changed state if set to 'full', but if set to 'terse'
  408. # the output will be shortened to a single line.
  409. {{ get_config('state_output', 'full') }}
  410. #
  411. # Fingerprint of the master public key to double verify the master is valid,
  412. # the master fingerprint can be found by running "salt-key -F master" on the
  413. # salt master.
  414. {{ get_config('master_finger', "''") }}
  415. ###### Thread settings #####
  416. ###########################################
  417. # Disable multiprocessing support, by default when a minion receives a
  418. # publication a new process is spawned and the command is executed therein.
  419. {{ get_config('multiprocessing', 'True') }}
  420. ##### Logging settings #####
  421. ##########################################
  422. # The location of the minion log file
  423. # The minion log can be sent to a regular file, local path name, or network
  424. # location. Remote logging works best when configured to use rsyslogd(8) (e.g.:
  425. # ``file:///dev/log``), with rsyslogd(8) configured for network logging. The URI
  426. # format is: <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility>
  427. #log_file: /var/log/salt/minion
  428. #log_file: file:///dev/log
  429. #log_file: udp://loghost:10514
  430. #
  431. {{ get_config('log_file', '/var/log/salt/minion') }}
  432. {{ get_config('key_logfile', ' /var/log/salt/key') }}
  433. #
  434. # The level of messages to send to the console.
  435. # One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
  436. # Default: 'warning'
  437. {{ get_config('log_level', 'warning') }}
  438. #
  439. # The level of messages to send to the log file.
  440. # One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
  441. # Default: 'warning'
  442. {{ get_config('log_level_logfile', '') }}
  443. # The date and time format used in log messages. Allowed date/time formating
  444. # can be seen here: http://docs.python.org/library/time.html#time.strftime
  445. {{ get_config('log_datefmt', "'%H:%M:%S'") }}
  446. {{ get_config('log_datefmt_logfile', "'%Y-%m-%d %H:%M:%S'") }}
  447. #
  448. # The format of the console logging messages. Allowed formatting options can
  449. # be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
  450. {{ get_config('log_fmt_console', "'[%(levelname)-8s] %(message)s'") }}
  451. {{ get_config('log_fmt_logfile', "'%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'") }}
  452. #
  453. # This can be used to control logging levels more specificically. This
  454. # example sets the main salt library at the 'warning' level, but sets
  455. # 'salt.modules' to log at the 'debug' level:
  456. # log_granular_levels:
  457. # 'salt': 'warning',
  458. # 'salt.modules': 'debug'
  459. #
  460. {{ get_config('log_granular_levels', '{}') }}
  461. ###### Module configuration #####
  462. ###########################################
  463. # Salt allows for modules to be passed arbitrary configuration data, any data
  464. # passed here in valid yaml format will be passed on to the salt minion modules
  465. # for use. It is STRONGLY recommended that a naming convention be used in which
  466. # the module name is followed by a . and then the value. Also, all top level
  467. # data must be applied via the yaml dict construct, some examples:
  468. #
  469. # You can specify that all modules should run in test mode:
  470. #test: True
  471. #
  472. # A simple value for the test module:
  473. #test.foo: foo
  474. #
  475. # A list for the test module:
  476. #test.bar: [baz,quo]
  477. #
  478. # A dict for the test module:
  479. #test.baz: {spam: sausage, cheese: bread}
  480. {%- if 'module_config' in minion %}
  481. {%- for modkey, modval in minion.module_config.items() %}
  482. {{ modkey }}: {{ modval }}
  483. {%- endfor %}
  484. {%- endif %}
  485. ###### Update settings ######
  486. ###########################################
  487. # Using the features in Esky, a salt minion can both run as a frozen app and
  488. # be updated on the fly. These options control how the update process
  489. # (saltutil.update()) behaves.
  490. #
  491. # The url for finding and downloading updates. Disabled by default.
  492. {{ get_config('update_url', 'False') }}
  493. #
  494. # The list of services to restart after a successful update. Empty by default.
  495. {{ get_config('update_restart_services', '[]') }}
  496. ###### Keepalive settings ######
  497. ############################################
  498. # ZeroMQ now includes support for configuring SO_KEEPALIVE if supported by
  499. # the OS. If connections between the minion and the master pass through
  500. # a state tracking device such as a firewall or VPN gateway, there is
  501. # the risk that it could tear down the connection the master and minion
  502. # without informing either party that their connection has been taken away.
  503. # Enabling TCP Keepalives prevents this from happening.
  504. #
  505. # Overall state of TCP Keepalives, enable (1 or True), disable (0 or False)
  506. # or leave to the OS defaults (-1), on Linux, typically disabled. Default True, enabled.
  507. {{ get_config('tcp_keepalive', 'True') }}
  508. #
  509. # How long before the first keepalive should be sent in seconds. Default 300
  510. # to send the first keepalive after 5 minutes, OS default (-1) is typically 7200 seconds
  511. # on Linux see /proc/sys/net/ipv4/tcp_keepalive_time.
  512. {{ get_config('tcp_keepalive_idle', '300') }}
  513. #
  514. # How many lost probes are needed to consider the connection lost. Default -1
  515. # to use OS defaults, typically 9 on Linux, see /proc/sys/net/ipv4/tcp_keepalive_probes.
  516. {{ get_config('tcp_keepalive_cnt', '-1') }}
  517. #
  518. # How often, in seconds, to send keepalives after the first one. Default -1 to
  519. # use OS defaults, typically 75 seconds on Linux, see
  520. # /proc/sys/net/ipv4/tcp_keepalive_intvl.
  521. {{ get_config('tcp_keepalive_intvl', '-1') }}
  522. ###### Windows Software settings ######
  523. ############################################
  524. # Location of the repository cache file on the master
  525. {{ get_config('win_repo_cachefile', 'salt://win/repo/winrepo.p') }}