Saltstack Official Salt Formula

11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
10 роки тому
8 роки тому
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287
  1. salt:
  2. # Set this to true to clean any non-salt-formula managed files out of
  3. # /etc/salt/{master,minion}.d ... You really don't want to do this on 2015.2
  4. # and up as it'll wipe out important files that Salt relies on.
  5. clean_config_d_dir: False
  6. # This state will remove "/etc/salt/minion" when you set this to true.
  7. minion_remove_config: True
  8. # This state will remove "/etc/salt/master" when you set this to true.
  9. master_remove_config: True
  10. # Set this to False to not have the formula install packages (in the case you
  11. # install Salt via git/pip/etc.)
  12. install_packages: True
  13. # to overwrite map.jinja salt packages
  14. lookup:
  15. salt-master: 'salt-master'
  16. salt-minion: 'salt-minion'
  17. salt-syndic: 'salt-syndic'
  18. salt-cloud: 'salt-cloud'
  19. salt-ssh: 'salt-ssh'
  20. # salt master config
  21. master:
  22. fileserver_backend:
  23. - git
  24. - s3fs
  25. - roots
  26. gitfs_remotes:
  27. - git://github.com/saltstack-formulas/salt-formula.git:
  28. - base: develop
  29. s3.keyid: GKTADJGHEIQSXMKKRBJ08H
  30. s3.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
  31. s3.buckets:
  32. - bucket1
  33. - bucket2
  34. - bucket3
  35. - bucket4
  36. file_roots:
  37. base:
  38. - /srv/salt
  39. pillar_roots:
  40. base:
  41. - /srv/pillar
  42. # for salt-api with tornado rest interface
  43. rest_tornado:
  44. port: 8000
  45. ssl_crt: /etc/pki/api/certs/server.crt
  46. ssl_key: /etc/pki/api/certs/server.key
  47. debug: False
  48. disable_ssl: False
  49. # for profile configuration as https://docs.saltstack.com/en/latest/topics/tutorials/lxc.html#tutorial-lxc-profiles
  50. lxc.container_profile:
  51. debian:
  52. template: download
  53. options:
  54. dist: debian
  55. release: jessie
  56. arch: amd64
  57. backing: lvm
  58. vgname: kimsufi
  59. size: 10G
  60. lxc.network_profile:
  61. basic:
  62. eth0:
  63. link: lxcbr0
  64. type: veth
  65. flags: up
  66. ## for external auth - LDAP
  67. # filter to use for Active Directory LDAP
  68. auth.ldap.filter: {% raw %}'sAMAccountName={{username}}'{% endraw %}
  69. # filter to use for Most other LDAP servers
  70. auth.ldap.filter: {% raw %}'uid={{ username }}'{% endraw %}
  71. # Define winrepo provider, by default support order is pygit2, gitpython
  72. # Set to gitpython for Debian & Ubuntu to get around saltstack/salt#35993
  73. # where pygit2 is not compiled with pygit2.GIT_FEATURE_HTTPS support
  74. winrepo_provider: gitpython
  75. # optional engine configuration
  76. engines:
  77. slack:
  78. token: xoxp-XXXXX-XXXXXXX
  79. control: True
  80. valid_users:
  81. - someuser
  82. - otheruser
  83. valid_commands:
  84. - test.ping
  85. - list_jobs
  86. aliases:
  87. list_jobs:
  88. type: runner
  89. cmd: jobs.list_jobs
  90. # salt minion config:
  91. minion:
  92. # single master setup
  93. master: salt
  94. # multi master setup
  95. #master:
  96. #- salt_master_1
  97. #- salt_master_2
  98. fileserver_backend:
  99. - git
  100. - roots
  101. gitfs_remotes:
  102. - git://github.com/saltstack-formulas/salt-formula.git:
  103. - base: develop
  104. file_roots:
  105. base:
  106. - /srv/salt
  107. pillar_roots:
  108. base:
  109. - /srv/pillar
  110. module_config:
  111. test: True
  112. test.foo: foo
  113. test.bar:
  114. - baz
  115. - quo
  116. test.baz:
  117. spam: sausage
  118. cheese: bread
  119. # salt mine setup
  120. mine_interval: 60
  121. # mine_functions can be set at the top level of the pillar, and
  122. # that is preferable because it doesn't affect the conf file and
  123. # doesn't require a minion restart. However, you can configure it
  124. # here instead if you really want to.
  125. mine_functions:
  126. network.interface_ip: [eth0]
  127. # other 'non-default' config
  128. auth_keytab: /root/auth.keytab
  129. auth_principal: kadmin/admin
  130. # optional engine configuration
  131. engines:
  132. slack:
  133. token: xoxp-XXXXX-XXXXXXX
  134. control: True
  135. valid_users:
  136. - someuser
  137. - otheruser
  138. valid_commands:
  139. - test.ping
  140. - list_jobs
  141. aliases:
  142. list_jobs:
  143. type: runner
  144. cmd: jobs.list_jobs
  145. # salt cloud config
  146. cloud:
  147. master: salt
  148. # For non-templated custom cloud provider/profile/map files
  149. providers:
  150. provider-filename1.conf:
  151. vmware-prod:
  152. driver: vmware
  153. user: myusernameprod
  154. password: mypassword
  155. vmware-nonprod:
  156. driver: vmware
  157. user: myusernamenonprod
  158. password: mypassword
  159. profiles:
  160. profile-filename1.conf:
  161. server-non-prod:
  162. clonefrom: rhel6xtemplatenp
  163. grains:
  164. platform:
  165. name: salt
  166. realm: lab
  167. subscription_level: standard
  168. memory: 8GB
  169. num_cpus: 4
  170. password: sUpErsecretey
  171. provider: vmware-nonprod
  172. maps:
  173. map-filename1.map:
  174. server-non-prod:
  175. - host.mycompany.com:
  176. grains:
  177. environment: dev1
  178. # You can take profile and map templates from an alternate location
  179. # if you want to write your own.
  180. template_sources:
  181. providers: salt://salt/files/cloud.providers.d
  182. profiles: salt://salt/files/cloud.profiles.d
  183. maps: salt://salt/files/cloud.maps.d
  184. # These settings are used by the default provider templates and
  185. # only need to be set for the ones you're using.
  186. aws_key: AWSKEYIJSHJAIJS6JSH
  187. aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
  188. gce_project: test
  189. gce_service_account_email_address: 867543072364-orl4h2tpp8jcn1tr9ipj@developer.gserviceaccount.com
  190. rsos_user: afeawofghob
  191. rsos_tenant: tenant_id_number
  192. rsos_apikey: WFJIOJEOIGHSOFHESO
  193. rsos_regions:
  194. - ORD
  195. - DFW
  196. - IAD
  197. - SYD
  198. - HKG
  199. reactor:
  200. - 'deploy':
  201. - /srv/salt/reactors/deploy.sls
  202. ssh_roster:
  203. prod1:
  204. host: host.example.com
  205. user: ubuntu
  206. sudo: True
  207. priv: /etc/salt/ssh_keys/sshkey.pem
  208. gitfs:
  209. keys:
  210. global:
  211. # key and pub end up being the extension used on the key file. values other than key and pub are possible
  212. key: |
  213. -----BEGIN RSA PRIVATE KEY-----
  214. ...........
  215. -----END RSA PRIVATE KEY-----
  216. pub: |
  217. ...........
  218. salt_cloud_certs:
  219. aws:
  220. pem: |
  221. -----BEGIN RSA PRIVATE KEY-----
  222. ...........
  223. -----END RSA PRIVATE KEY-----
  224. gce:
  225. pem: |
  226. -----BEGIN RSA PRIVATE KEY-----
  227. ...........
  228. -----END RSA PRIVATE KEY-----
  229. salt_formulas:
  230. git_opts:
  231. # The Git options can be customized differently for each
  232. # environment, if an option is missing in a given environment, the
  233. # value from "default" is used instead.
  234. default:
  235. # URL where the formulas git repositories are downloaded from
  236. # it will be suffixed with <formula-name>.git
  237. baseurl: https://github.com/saltstack-formulas
  238. # Directory where Git repositories are downloaded
  239. basedir: /srv/formulas
  240. # Update the git repository to the latest version (False by default)
  241. update: False
  242. # Options passed directly to the git.latest state
  243. options:
  244. rev: master
  245. dev:
  246. basedir: /srv/formulas/dev
  247. update: True
  248. options:
  249. rev: develop
  250. # Options of the file.directory state that creates the directory where
  251. # the git repositories of the formulas are stored
  252. basedir_opts:
  253. makedirs: True
  254. user: root
  255. group: root
  256. mode: 755
  257. # List of formulas to enable in each environment
  258. list:
  259. base:
  260. - salt-formula
  261. - postfix-formula
  262. dev:
  263. - salt-formula
  264. - postfix-formula
  265. - openssh-formula