Saltstack Official Salt Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

373 lines
10KB

  1. # This file managed by Salt, do not edit by hand!!
  2. # Based on salt version 0.17.4 default config
  3. {% set reserved_keys = ['master', 'minion', 'cloud', 'salt_cloud_certs'] -%}
  4. {% set cfg_salt = pillar.get('salt', {}) -%}
  5. {% set cfg_minion = cfg_salt.get('minion', {}) -%}
  6. {%- macro get_config(configname, default_value) -%}
  7. {%- if configname in cfg_minion -%}
  8. {{ configname }}: {{ cfg_minion[configname] }}
  9. {%- elif configname in cfg_salt and configname not in reserved_keys -%}
  10. {{ configname }}: {{ cfg_salt[configname] }}
  11. {%- else -%}
  12. #{{ configname }}: {{ default_value }}
  13. {%- endif -%}
  14. {%- endmacro -%}
  15. {%- from 'salt/formulas.jinja' import file_roots, formulas with context -%}
  16. ##### Primary configuration settings #####
  17. ##########################################
  18. # minion includes
  19. {{ get_config('default_include', 'minion.d/*.conf') }}
  20. # master configs
  21. {%- if 'master' in cfg_minion -%}
  22. {%- if cfg_minion['master'] is not string %}
  23. master:
  24. {% for name in cfg_minion['master'] -%}
  25. - {{ name }}
  26. {% endfor -%}
  27. {%- else %}
  28. {{ get_config('master', 'salt') }}
  29. {%- endif %}
  30. {% elif 'master' in cfg_salt -%}
  31. {%- if cfg_salt['master'] is not string %}
  32. master:
  33. {% for name in cfg_salt['master'] -%}
  34. - {{ name }}
  35. {% endfor -%}
  36. {%- else %}
  37. {{ get_config('master', 'salt') }}
  38. {%- endif -%}
  39. {%- endif %}
  40. # choose a random master
  41. {{ get_config('random_master', 'False') }}
  42. # use IPv6
  43. {{ get_config('ipv6', 'False') }}
  44. # name resolution retries
  45. {{ get_config('retry_dns', '30') }}
  46. # master port
  47. {{ get_config('master_port', '4506') }}
  48. # user to run salt.
  49. {{ get_config('user', 'root') }}
  50. # PID file
  51. {{ get_config('pidfile', '/var/run/salt-minion.pid') }}
  52. # root dir
  53. {{ get_config('root_dir', '/') }}
  54. # pki dir
  55. {{ get_config('pki_dir', '/etc/salt/pki/minion') }}
  56. # minion id
  57. {% if 'id' in cfg_minion -%}
  58. id: {{ cfg_minion['id'] }}
  59. {% else -%}
  60. #id:
  61. {%- endif %}
  62. # domain name for hostnames
  63. {{ get_config('append_domain', '') }}
  64. # custom grains
  65. {{ get_config('grains', '{}') }}
  66. # cache location
  67. {{ get_config('cachedir', '/var/cache/salt/minion') }}
  68. # environment verification
  69. {{ get_config('verify_env', 'True') }}
  70. # cache executed jobs
  71. {{ get_config('cache_jobs', 'False') }}
  72. # unix socket location
  73. {{ get_config('sock_dir', '/var/run/salt/minion') }}
  74. # output formatter
  75. {{ get_config('output', 'nested') }}
  76. # output color
  77. {{ get_config('color', 'True') }}
  78. # remove nested color
  79. {{ get_config('strip_colors', 'False') }}
  80. # backup modified files
  81. {{ get_config('backup_mode', 'minion') }}
  82. # key acceptance time
  83. {{ get_config('acceptance_wait_time', '10') }}
  84. # maximum acceptance wait
  85. {{ get_config('acceptance_wait_time_max', '0') }}
  86. # retry key
  87. {{ get_config('rejected_retry', 'False') }}
  88. # time to wait for trying reauth
  89. {{ get_config('random_reauth_delay', '60') }}
  90. # auth wait timeout
  91. {{ get_config('auth_timeout', '60') }}
  92. # auth retries
  93. {{ get_config('auth_tries', '7') }}
  94. # retry auth if ping failed
  95. {{ get_config('auth_safemode', 'False') }}
  96. # master ping interval
  97. {{ get_config('ping_interval', '0') }}
  98. # salt mine functions execution interval
  99. {{ get_config('mine_interval', '60') }}
  100. # mine functions
  101. {%- if 'mine_functions' in cfg_minion %}
  102. mine_functions:
  103. {%- for func, args in cfg_minion['mine_functions'].items() %}
  104. {{ func }}: {{ args }}
  105. {%- endfor %}
  106. {%- endif %}
  107. # reconnection parameters
  108. {{ get_config('recon_default', '100') }}
  109. {{ get_config('recon_max', '5000') }}
  110. {{ get_config('recon_randomize', 'False') }}
  111. # minion scheduler interval
  112. {{ get_config('loop_interval', '60') }}
  113. # grain refresh interval
  114. {{ get_config('grains_refresh_every', '1') }}
  115. # cache grains in minion
  116. {{ get_config('grains_cache', 'False') }}
  117. # grains cache expiration interval
  118. {{ get_config('grains_cache_expiration', '300') }}
  119. # ipc method
  120. {{ get_config('ipc_mode', 'ipc') }}
  121. # ipc tcp ports
  122. {{ get_config('tcp_pub_port', '4510') }}
  123. {{ get_config('tcp_pull_port', '4511') }}
  124. # max event size in minion bus
  125. {{ get_config('max_event_size', '1048576') }}
  126. # master check alive interval
  127. {{ get_config('master_alive_interval', '30') }}
  128. # verify_master_pubkey_sign
  129. {{ get_config('verify_master_pubkey_sign', 'False') }}
  130. # include extra config
  131. {% if 'include' in cfg_minion -%}
  132. {% if isinstance(cfg_minion['include'], list) -%}
  133. include:
  134. {% for include in cfg_minion['include'] -%}
  135. - {{ include }}
  136. {% endfor -%}
  137. {% else -%}
  138. include: cfg_minion['include']
  139. {% endif -%}
  140. {% elif 'include' in cfg_salt -%}
  141. {% if isinstance(cfg_salt['include'], list) -%}
  142. include:
  143. {% for include in cfg_salt['include'] -%}
  144. - {{ include }}
  145. {% endfor -%}
  146. {% else -%}
  147. include: cfg_salt['include']
  148. {% endif -%}
  149. {% endif -%}
  150. ##### Minion module management #####
  151. ##########################################
  152. # disable modules
  153. {{ get_config('disable_modules', '[cmd,test]') }}
  154. {{ get_config('disable_returners', '[]') }}
  155. #
  156. # minion modules search paths
  157. {{ get_config('module_dirs', '[]') }}
  158. {{ get_config('returner_dirs', '[]') }}
  159. {{ get_config('states_dirs', '[]') }}
  160. {{ get_config('render_dirs', '[]') }}
  161. {{ get_config('utils_dirs', '[]') }}
  162. # module overrides
  163. {{ get_config('providers', '{}') }}
  164. # enable cython modules
  165. {{ get_config('cython_enable', 'False') }}
  166. # max module size
  167. {{ get_config('modules_max_memory', '-1') }}
  168. ##### State Management Settings #####
  169. ###########################################
  170. # renderer selection
  171. {{ get_config('renderer', 'yaml_jinja') }}
  172. # fail on first failure
  173. {{ get_config('failhard', 'False') }}
  174. # auto reload dynamic modules
  175. {{ get_config('autoload_dynamic_modules', 'True') }}
  176. # sync dynamic modules with deletion
  177. {{ get_config('clean_dynamic_modules', 'True') }}
  178. # minion accepted environment
  179. {{ get_config('environment', 'None') }}
  180. # top state file
  181. {{ get_config('state_top', 'top.sls') }}
  182. # states to run in minion daemon
  183. {{ get_config('startup_states', "''") }}
  184. # sls states to run
  185. {{ get_config('sls_list', '[]') }}
  186. # top file to run
  187. {{ get_config('top_file', "''") }}
  188. ##### File Directory Settings #####
  189. ##########################################
  190. # file client location
  191. {%- if standalone %}
  192. file_client: local
  193. {%- else %}
  194. {{ get_config('file_client', 'remote') }}
  195. {%- endif %}
  196. # environment file roots
  197. {% if 'file_roots' in cfg_minion -%}
  198. {{ file_roots(cfg_minion['file_roots']) }}
  199. {%- elif 'file_roots' in cfg_salt -%}
  200. {{ file_roots(cfg_salt['file_roots']) }}
  201. {%- elif formulas|length -%}
  202. {{ file_roots({'base': ['/srv/salt']}) }}
  203. {%- endif %}
  204. # limit fileserver traversal
  205. {{ get_config('fileserver_limit_traversal', 'False') }}
  206. # gitfs provider
  207. {{ get_config('gitfs_provider', 'pygit2') }}
  208. # gitfs remotes
  209. {% if 'gitfs_remotes' in cfg_minion -%}
  210. gitfs_remotes:
  211. {%- for remote in cfg_minion['gitfs_remotes'] %}
  212. {%- if remote is iterable and remote is not string %}
  213. {%- for repo, children in remote.items() %}
  214. - {{ repo }}:
  215. {%- for child in children %}
  216. {%- for key, value in child.items() %}
  217. - {{ key }}: {{ value }}
  218. {%- endfor -%}
  219. {%- endfor -%}
  220. {%- endfor -%}
  221. {%- else %}
  222. - {{ remote }}
  223. {%- endif -%}
  224. {%- endfor -%}
  225. {%- endif %}
  226. # verify git ssl errors
  227. {{ get_config('gitfs_ssl_verify', 'True') }}
  228. # gitfs root dir
  229. {{ get_config('gitfs_root', 'somefolder/otherfolder') }}
  230. # file hash method
  231. {{ get_config('hash_type', 'md5') }}
  232. # pillar roots
  233. {% if 'pillar_roots' in cfg_minion -%}
  234. pillar_roots:
  235. {%- for name, roots in cfg_minion['pillar_roots']|dictsort %}
  236. {{ name }}:
  237. {%- for dir in roots %}
  238. - {{ dir }}
  239. {%- endfor -%}
  240. {%- endfor -%}
  241. {% elif 'pillar_roots' in cfg_salt -%}
  242. pillar_roots:
  243. {%- for name, roots in cfg_salt['pillar_roots']|dictsort %}
  244. {{ name }}:
  245. {%- for dir in roots %}
  246. - {{ dir }}
  247. {%- endfor -%}
  248. {%- endfor -%}
  249. {%- endif %}
  250. ###### Security settings #####
  251. ###########################################
  252. # disable authentication
  253. {{ get_config('open_mode', 'False') }}
  254. # allow access to pki dir
  255. {{ get_config('permissive_pki_access', 'False') }}
  256. # print verbose changes
  257. {{ get_config('state_verbose', 'True') }}
  258. # multi line output
  259. {{ get_config('state_output', 'full') }}
  260. # output diff
  261. {{ get_config('state_output_diff', 'False') }}
  262. # master fingerprint
  263. {{ get_config('master_finger', "''") }}
  264. ###### Thread settings #####
  265. ###########################################
  266. # enable multiprocessing
  267. {{ get_config('multiprocessing', 'True') }}
  268. ##### Logging settings #####
  269. ##########################################
  270. # log file and log lock file location
  271. {{ get_config('log_file', '/var/log/salt/minion') }}
  272. {{ get_config('key_logfile', ' /var/log/salt/key') }}
  273. # console log level
  274. {{ get_config('log_level', 'warning') }}
  275. # logfile log level
  276. {{ get_config('log_level_logfile', '') }}
  277. # datetime format for console and logfile
  278. {{ get_config('log_datefmt', "'%H:%M:%S'") }}
  279. {{ get_config('log_datefmt_logfile', "'%Y-%m-%d %H:%M:%S'") }}
  280. # log format for console and logfiles
  281. {{ get_config('log_fmt_console', "'[%(levelname)-8s] %(message)s'") }}
  282. {{ get_config('log_fmt_logfile', "'%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'") }}
  283. # log particular modules
  284. {{ get_config('log_granular_levels', '{}') }}
  285. ###### Module configuration #####
  286. ###########################################
  287. # module parameters
  288. {%- if 'module_config' in cfg_minion %}
  289. {%- for modkey, modval in cfg_minion.module_config.items() %}
  290. {{ modkey }}: {{ modval }}
  291. {%- endfor %}
  292. {%- endif %}
  293. ###### Update settings ######
  294. ###########################################
  295. # update url
  296. {{ get_config('update_url', 'False') }}
  297. # services to restart after update
  298. {{ get_config('update_restart_services', '[]') }}
  299. ###### Keepalive settings ######
  300. ############################################
  301. # use tcp keepalive
  302. {{ get_config('tcp_keepalive', 'True') }}
  303. # first keepalive from idle
  304. {{ get_config('tcp_keepalive_idle', '300') }}
  305. # keepalive number for connection lost
  306. {{ get_config('tcp_keepalive_cnt', '-1') }}
  307. # keepalive interval
  308. {{ get_config('tcp_keepalive_intvl', '-1') }}
  309. ###### Windows Software settings ######
  310. ############################################
  311. # windows repo cache
  312. {{ get_config('win_repo_cachefile', 'salt://win/repo/winrepo.p') }}