Переглянути джерело
Remove trailing whitespaces in config templates.
Signed-off-by: Rene Jochum <rene@jochums.at>master
Rene Jochum
8 роки тому
2 змінених файлів з 32 додано та 32 видалено
+ 25
- 25
salt/files/master.d/f_defaults.conf
Переглянути файл
| @@ -59,7 +59,7 @@ | |||
| # Directory to store job and cache data: | |||
| # This directory may contain sensitive data and should be protected accordingly. | |||
| # | |||
| # | |||
| {{ get_config('cachedir', '/var/cache/salt/master') }} | |||
| # Directory for custom modules. This directory can contain subdirectories for | |||
| @@ -133,7 +133,7 @@ module_dirs: | |||
| {{ get_config('minion_data_cache', 'True') }} | |||
| # Store all returns in the given returner. | |||
| # Setting this option requires that any returner-specific configuration also | |||
| # Setting this option requires that any returner-specific configuration also | |||
| # be set. See various returners in salt/returners for details on required | |||
| # configuration values. (See also, event_return_queue below.) | |||
| {{ get_config('event_return', 'mysql') }} | |||
| @@ -195,12 +195,12 @@ event_return_blacklist: | |||
| # the key rotation event as minions reconnect. Consider this carefully if this | |||
| # salt master is managing a large number of minions. | |||
| # | |||
| # If disabled, it is recommended to handle this event by listening for the | |||
| # If disabled, it is recommended to handle this event by listening for the | |||
| # 'aes_key_rotate' event with the 'key' tag and acting appropriately. | |||
| {{ get_config('ping_on_rotate', 'False') }} | |||
| # By default, the master deletes its cache of minion data when the key for that | |||
| # minion is removed. To preserve the cache after key deletion, set | |||
| # minion is removed. To preserve the cache after key deletion, set | |||
| # 'preserve_minion_cache' to True. | |||
| # | |||
| # WARNING: This may have security implications if compromised minions auth with | |||
| @@ -379,7 +379,7 @@ client_acl_blacklist: | |||
| {% endif %} | |||
| # Enforce client_acl & client_acl_blacklist when users have sudo | |||
| # access to the salt command. | |||
| # access to the salt command. | |||
| {{ get_config('sudo_acl', 'False') }} | |||
| # The external auth system uses the Salt auth modules to authenticate and | |||
| @@ -416,7 +416,7 @@ client_acl_blacklist: | |||
| # will cause minion to throw an exception and drop the message. | |||
| {{ get_config('sign_pub_message', 'False') }} | |||
| # Sign the master auth-replies with a cryptographic signature of the masters public key. | |||
| # Sign the master auth-replies with a cryptographic signature of the masters public key. | |||
| # Please see the tutorial how to use these settings in the Multimaster-PKI with Failover Tutorial | |||
| {{ get_config('master_sign_pubkey', 'False') }} | |||
| @@ -424,18 +424,18 @@ client_acl_blacklist: | |||
| # master_sign_key_name: <filename_without_suffix> | |||
| {{ get_config('master_sign', '{}') }} | |||
| # The name of the file in the masters pki-directory that holds the pre-calculated | |||
| # The name of the file in the masters pki-directory that holds the pre-calculated | |||
| # signature of the masters public-key. | |||
| # master_pubkey_signature: <filename> | |||
| {{ get_config('master_pubkey_signature', '{}') }} | |||
| # Instead of computing the signature for each auth-reply, use a pre-calculated signature. | |||
| # Instead of computing the signature for each auth-reply, use a pre-calculated signature. | |||
| # The master_pubkey_signature must also be set for this. | |||
| {{ get_config('master_use_pubkey_signature', 'False') }} | |||
| # Rotate the salt-masters AES-key when a minion-public is deleted with salt-key. | |||
| # This is a very important security-setting. Disabling it will enable deleted minions to still | |||
| # listen in on the messages published by the salt-master. | |||
| # Rotate the salt-masters AES-key when a minion-public is deleted with salt-key. | |||
| # This is a very important security-setting. Disabling it will enable deleted minions to still | |||
| # listen in on the messages published by the salt-master. | |||
| # Do not disable this unless it is absolutely clear what this does. | |||
| {{ get_config('rotate_aes_key', 'True') }} | |||
| @@ -453,16 +453,16 @@ client_acl_blacklist: | |||
| # The base DN under which users can be found in LDAP | |||
| {{ get_config('auth.ldap.basedn', '') }} | |||
| # The user Salt authenticates to search for a users' Distinguished Name and | |||
| # The user Salt authenticates to search for a users' Distinguished Name and | |||
| # group membership. | |||
| {{ get_config('auth.ldap.binddn', '') }} | |||
| # The bind password to go along with the bind dn (binddn). | |||
| # The bind password to go along with the bind dn (binddn). | |||
| {{ get_config('auth.ldap.bindpw', '') }} | |||
| # The filter used to find the DN associated with a user. For most LDAPs use | |||
| # the value {% raw %}'uid={{ username }}'{% endraw %}. For Active Directory use the value | |||
| # {% raw %}'sAMAccountName={{username}}'{% endraw %}. | |||
| # the value {% raw %}'uid={{ username }}'{% endraw %}. For Active Directory use the value | |||
| # {% raw %}'sAMAccountName={{username}}'{% endraw %}. | |||
| {{ get_config('auth.ldap.filter', '') }} | |||
| # The attribute used for user group membership. Defaults to 'memberOf' | |||
| @@ -475,7 +475,7 @@ client_acl_blacklist: | |||
| # Default value: 'Groups' | |||
| {{ get_config('auth.ldap.groupou', 'Groups') }} | |||
| # Allows the administrator to strip off a certain set of domain names | |||
| # Allows the administrator to strip off a certain set of domain names | |||
| # so the hostnames looked up in the directory service can match the minion IDs. | |||
| {{ get_config('auth.ldap.minion_stripdomains', []) }} | |||
| @@ -646,7 +646,7 @@ master_tops: | |||
| # When using multiple environments, each with their own top file, the | |||
| # default behaviour is an unordered merge. To prevent top files from | |||
| # being merged together and instead to only use the top file from the | |||
| # requested environment, set this value to 'same'. | |||
| # requested environment, set this value to 'same'. | |||
| {{ get_config('top_file_merging_stragety', 'merge') }} | |||
| # To specify the order in which environments are merged, set the ordering | |||
| @@ -663,7 +663,7 @@ master_tops: | |||
| # the master server. The default is md5, but sha1, sha224, sha256, sha384 | |||
| # and sha512 are also supported. | |||
| # | |||
| # Prior to changing this value, the master should be stopped and all Salt | |||
| # Prior to changing this value, the master should be stopped and all Salt | |||
| # caches should be cleared. | |||
| {{ get_config('hash_type', 'md5') }} | |||
| @@ -770,11 +770,11 @@ fileserver_backend: | |||
| # Along with gitfs_password, is used to authenticate to HTTPS remotes. | |||
| {{ get_config('gitfs_user', 'git') }} | |||
| # Along with gitfs_user, is used to authenticate to HTTPS remotes. | |||
| # Along with gitfs_user, is used to authenticate to HTTPS remotes. | |||
| # This parameter is not required if the repository does not use authentication. | |||
| {{ get_config('gitfs_password', '') }} | |||
| # By default, Salt will not authenticate to an HTTP (non-HTTPS) remote. | |||
| # By default, Salt will not authenticate to an HTTP (non-HTTPS) remote. | |||
| # This parameter enables authentication over HTTP. Enable this at your own risk. | |||
| {{ get_config('gitfs_insecure_auth', 'False') }} | |||
| @@ -973,9 +973,9 @@ ext_pillar: | |||
| # be used instead. | |||
| {{ get_config('git_pillar_branch', 'master') }} | |||
| # Environment to use for git_pillar remotes. This is normally derived from | |||
| # Environment to use for git_pillar remotes. This is normally derived from | |||
| # the branch/tag (or from a per-remote env parameter), but if set this will | |||
| # override the process of deriving the env from the branch/tag name. | |||
| # override the process of deriving the env from the branch/tag name. | |||
| {{ get_config('git_pillar_env', '') }} | |||
| # Path relative to the root of the repository where the git_pillar top file | |||
| @@ -983,12 +983,12 @@ ext_pillar: | |||
| {{ get_config('git_pillar_root', 'pillar') }} | |||
| # Specifies whether or not to ignore SSL certificate errors when contacting | |||
| # the remote repository. | |||
| # the remote repository. | |||
| {{ get_config('git_pillar_ssl_verify', True) }} | |||
| # When set to False, if there is an update/checkout lock for a git_pillar | |||
| # remote and the pid written to it is not running on the master, the lock | |||
| # file will be automatically cleared and a new lock will be obtained. | |||
| # file will be automatically cleared and a new lock will be obtained. | |||
| {{ get_config('git_pillar_global_lock', False) }} | |||
| # Git External Pillar Authentication Options | |||
| @@ -1379,4 +1379,4 @@ consul_config: | |||
| {%- for name, value in cfg_master['consul_config'].items() %} | |||
| {{ name }}: {{ value }} | |||
| {%- endfor %} | |||
| {%- endif %} | |||
| {%- endif %} | |||
+ 7
- 7
salt/files/minion.d/f_defaults.conf
Переглянути файл
| @@ -539,11 +539,11 @@ fileserver_backend: | |||
| # Along with gitfs_password, is used to authenticate to HTTPS remotes. | |||
| {{ get_config('gitfs_user', 'git') }} | |||
| # Along with gitfs_user, is used to authenticate to HTTPS remotes. | |||
| # Along with gitfs_user, is used to authenticate to HTTPS remotes. | |||
| # This parameter is not required if the repository does not use authentication. | |||
| {{ get_config('gitfs_password', '') }} | |||
| # By default, Salt will not authenticate to an HTTP (non-HTTPS) remote. | |||
| # By default, Salt will not authenticate to an HTTP (non-HTTPS) remote. | |||
| # This parameter enables authentication over HTTP. Enable this at your own risk. | |||
| {{ get_config('gitfs_insecure_auth', 'False') }} | |||
| @@ -735,9 +735,9 @@ ext_pillar: | |||
| # be used instead. | |||
| {{ get_config('git_pillar_branch', 'master') }} | |||
| # Environment to use for git_pillar remotes. This is normally derived from | |||
| # Environment to use for git_pillar remotes. This is normally derived from | |||
| # the branch/tag (or from a per-remote env parameter), but if set this will | |||
| # override the process of deriving the env from the branch/tag name. | |||
| # override the process of deriving the env from the branch/tag name. | |||
| {{ get_config('git_pillar_env', '') }} | |||
| # Path relative to the root of the repository where the git_pillar top file | |||
| @@ -745,12 +745,12 @@ ext_pillar: | |||
| {{ get_config('git_pillar_root', 'pillar') }} | |||
| # Specifies whether or not to ignore SSL certificate errors when contacting | |||
| # the remote repository. | |||
| # the remote repository. | |||
| {{ get_config('git_pillar_ssl_verify', True) }} | |||
| # When set to False, if there is an update/checkout lock for a git_pillar | |||
| # remote and the pid written to it is not running on the master, the lock | |||
| # file will be automatically cleared and a new lock will be obtained. | |||
| # file will be automatically cleared and a new lock will be obtained. | |||
| {{ get_config('git_pillar_global_lock', False) }} | |||
| # Git External Pillar Authentication Options | |||
| @@ -990,4 +990,4 @@ ext_pillar: | |||
| ############################################ | |||
| # Default match type for filtering events tags: startswith, endswith, find, regex, fnmatch | |||
| #event_match_type: startswith | |||
| {{ get_config('event_match_type', 'startswith') }} | |||
| {{ get_config('event_match_type', 'startswith') }} | |||
Завантаження…