Browse Source

allow non-default config settings in master.d/f_defaults.conf (similar to PR#247)

master
Dafydd Jones 8 years ago
parent
commit
8e41067c69
1 changed files with 37 additions and 0 deletions
  1. +37
    -0
      salt/files/master.d/f_defaults.conf

+ 37
- 0
salt/files/master.d/f_defaults.conf View File

{% set reserved_keys = ['master', 'minion', 'cloud', 'salt_cloud_certs', 'engines'] -%} {% set reserved_keys = ['master', 'minion', 'cloud', 'salt_cloud_certs', 'engines'] -%}
{% set cfg_salt = pillar.get('salt', {}) -%} {% set cfg_salt = pillar.get('salt', {}) -%}
{% set cfg_master = cfg_salt.get('master', {}) -%} {% set cfg_master = cfg_salt.get('master', {}) -%}
{% set default_keys = [] -%}
{%- macro get_config(configname, default_value) -%} {%- macro get_config(configname, default_value) -%}
{%- do default_keys.append(configname) %}
{%- if configname in cfg_master -%} {%- if configname in cfg_master -%}
{{ configname }}: {{ cfg_master[configname]|json }} {{ configname }}: {{ cfg_master[configname]|json }}
{%- elif configname in cfg_salt and configname not in reserved_keys -%} {%- elif configname in cfg_salt and configname not in reserved_keys -%}
# "states", "returners", etc. # "states", "returners", etc.
# Like 'extension_modules' but can take an array of paths # Like 'extension_modules' but can take an array of paths
{% if 'module_dirs' in cfg_master -%} {% if 'module_dirs' in cfg_master -%}
{%- do default_keys.append('module_dirs') %}
module_dirs: module_dirs:
{%- for dir in cfg_master['module_dirs'] %} {%- for dir in cfg_master['module_dirs'] %}
- {{ dir}} - {{ dir}}


# Only events returns matching tags in a whitelist # Only events returns matching tags in a whitelist
{% if 'event_return_whitelist' in cfg_master -%} {% if 'event_return_whitelist' in cfg_master -%}
{%- do default_keys.append('event_return_whitelist') %}
event_return_whitelist: event_return_whitelist:
{%- for event_return in cfg_master['event_return_whitelist'] %} {%- for event_return in cfg_master['event_return_whitelist'] %}
- {{ event_return }} - {{ event_return }}


# Store all event returns _except_ the tags in a blacklist # Store all event returns _except_ the tags in a blacklist
{% if 'event_return_blacklist' in cfg_master -%} {% if 'event_return_blacklist' in cfg_master -%}
{%- do default_keys.append('event_return_blacklist') %}
event_return_blacklist: event_return_blacklist:
{%- for event_return in cfg_master['event_return_blacklist'] %} {%- for event_return in cfg_master['event_return_blacklist'] %}
- {{ event_return }} - {{ event_return }}
# capabilities to non root users. By default this capability is completely # capabilities to non root users. By default this capability is completely
# disabled. # disabled.
{% if 'client_acl' in cfg_master -%} {% if 'client_acl' in cfg_master -%}
{%- do default_keys.append('client_acl') %}
client_acl: client_acl:
{%- for name, user in cfg_master['client_acl']|dictsort %} {%- for name, user in cfg_master['client_acl']|dictsort %}
{{ name}}: {{ name}}:
# running any commands. It would also blacklist any use of the "cmd" # running any commands. It would also blacklist any use of the "cmd"
# module. This is completely disabled by default. # module. This is completely disabled by default.
{% if 'client_acl_blacklist' in cfg_master %} {% if 'client_acl_blacklist' in cfg_master %}
{%- do default_keys.append('client_acl_blacklist') %}
client_acl_blacklist: client_acl_blacklist:
users: users:
{% for user in cfg_master['client_acl_blacklist'].get('users', []) %} {% for user in cfg_master['client_acl_blacklist'].get('users', []) %}
# #
#master_tops: {} #master_tops: {}
{% if 'master_tops' in cfg_master %} {% if 'master_tops' in cfg_master %}
{%- do default_keys.append('master_tops') %}
master_tops: master_tops:
{%- for master in cfg_master['master_tops'] -%} {%- for master in cfg_master['master_tops'] -%}
{%- if cfg_master['master_tops'][master] is string %} {%- if cfg_master['master_tops'][master] is string %}
# - /srv/salt/prod/states # - /srv/salt/prod/states
# #
{% if 'file_roots' in cfg_master -%} {% if 'file_roots' in cfg_master -%}
{%- do default_keys.append('file_roots') %}
{{ file_roots(cfg_master['file_roots']) }} {{ file_roots(cfg_master['file_roots']) }}
{%- elif 'file_roots' in cfg_salt -%} {%- elif 'file_roots' in cfg_salt -%}
{{ file_roots(cfg_salt['file_roots']) }} {{ file_roots(cfg_salt['file_roots']) }}
# and don't want all the '.svn' folders and content synced to your minions, # and don't want all the '.svn' folders and content synced to your minions,
# you could set this to '/\.svn($|/)'. By default nothing is ignored. # you could set this to '/\.svn($|/)'. By default nothing is ignored.
{% if 'file_ignore_regex' in cfg_master %} {% if 'file_ignore_regex' in cfg_master %}
{%- do default_keys.append('file_ignore_regex') %}
file_ignore_regex: file_ignore_regex:
{% for regex in cfg_master['file_ignore_regex'] %} {% for regex in cfg_master['file_ignore_regex'] %}
- {{ regex }} - {{ regex }}
# to file_ignore_regex above, but works on globs instead of regex. By default # to file_ignore_regex above, but works on globs instead of regex. By default
# nothing is ignored. # nothing is ignored.
{% if 'file_ignore_glob' in cfg_master %} {% if 'file_ignore_glob' in cfg_master %}
{%- do default_keys.append('file_ignore_glob') %}
file_ignore_glob: file_ignore_glob:
{% for glob in cfg_master['file_ignore_glob'] %} {% for glob in cfg_master['file_ignore_glob'] %}
- {{ glob }} - {{ glob }}
# - git # - git
# - roots # - roots
{% if 'fileserver_backend' in cfg_master -%} {% if 'fileserver_backend' in cfg_master -%}
{%- do default_keys.append('fileserver_backend') %}
fileserver_backend: fileserver_backend:
{%- for backend in cfg_master['fileserver_backend'] %} {%- for backend in cfg_master['fileserver_backend'] %}
- {{ backend }} - {{ backend }}
# Note: file:// repos will be treated as a remote, so refs you want used must # Note: file:// repos will be treated as a remote, so refs you want used must
# exist in that repo as *local* refs. # exist in that repo as *local* refs.
{% if 'gitfs_remotes' in cfg_master -%} {% if 'gitfs_remotes' in cfg_master -%}
{%- do default_keys.append('gitfs_remotes') %}
gitfs_remotes: gitfs_remotes:
{%- for remote in cfg_master['gitfs_remotes'] %} {%- for remote in cfg_master['gitfs_remotes'] %}
{%- if remote is iterable and remote is not string %} {%- if remote is iterable and remote is not string %}
# The gitfs_env_whitelist and gitfs_env_blacklist parameters allow for greater # The gitfs_env_whitelist and gitfs_env_blacklist parameters allow for greater
# control over which branches/tags are exposed as fileserver environments. # control over which branches/tags are exposed as fileserver environments.
{% if 'gitfs_env_whitelist' in cfg_master -%} {% if 'gitfs_env_whitelist' in cfg_master -%}
{%- do default_keys.append('gitfs_env_whitelist') %}
gitfs_env_whitelist: gitfs_env_whitelist:
{%- for git_env in cfg_master['gitfs_env_whitelist'] %} {%- for git_env in cfg_master['gitfs_env_whitelist'] %}
- {{ git_env }} - {{ git_env }}
{% endif %} {% endif %}


{% if 'gitfs_env_blacklist' in cfg_master -%} {% if 'gitfs_env_blacklist' in cfg_master -%}
{%- do default_keys.append('gitfs_env_blacklist') %}
gitfs_env_blacklist: gitfs_env_blacklist:
{%- for git_env in cfg_master['gitfs_env_blacklist'] %} {%- for git_env in cfg_master['gitfs_env_blacklist'] %}
- {{ git_env }} - {{ git_env }}
# a top file and sls files. However, pillar data does not need to be in the # a top file and sls files. However, pillar data does not need to be in the
# highstate format, and is generally just key/value pairs. # highstate format, and is generally just key/value pairs.
{% if 'pillar_roots' in cfg_master -%} {% if 'pillar_roots' in cfg_master -%}
{%- do default_keys.append('pillar_roots') %}
pillar_roots: pillar_roots:
{%- for name, roots in cfg_master['pillar_roots']|dictsort %} {%- for name, roots in cfg_master['pillar_roots']|dictsort %}
{{ name }}: {{ name }}:
{%- endif %} {%- endif %}


{% if 'ext_pillar' in cfg_master %} {% if 'ext_pillar' in cfg_master %}
{%- do default_keys.append('ext_pillar') %}
ext_pillar: ext_pillar:
{%- for pillar in cfg_master['ext_pillar'] -%} {%- for pillar in cfg_master['ext_pillar'] -%}
{%- for key in pillar -%} {%- for key in pillar -%}
# This is not recommended, since it would allow anyone who gets root on any # This is not recommended, since it would allow anyone who gets root on any
# single minion to instantly have root on all of the minions! # single minion to instantly have root on all of the minions!
{% if 'peer' in cfg_master %} {% if 'peer' in cfg_master %}
{%- do default_keys.append('peer') %}
peer: peer:
{% for name, roots in cfg_master['peer'].items() %} {% for name, roots in cfg_master['peer'].items() %}
{{ name }}: {{ name }}:
# foo.example.com: # foo.example.com:
# - manage.up # - manage.up
{% if 'peer_run' in cfg_master %} {% if 'peer_run' in cfg_master %}
{%- do default_keys.append('peer_run') %}
peer_run: peer_run:
{% for name, roots in cfg_master['peer_run'].items() %} {% for name, roots in cfg_master['peer_run'].items() %}
{{ name }}: {{ name }}:
# data only, minions web* to get all network.* and disk.* mine data and all other # data only, minions web* to get all network.* and disk.* mine data and all other
# minions won't get any mine data. # minions won't get any mine data.
{% if 'mine_get' in cfg_master -%} {% if 'mine_get' in cfg_master -%}
{%- do default_keys.append('mine_get') %}
mine_get: mine_get:
{%- for minion, data in cfg_master['mine_get']|dictsort %} {%- for minion, data in cfg_master['mine_get']|dictsort %}
{{ minion }}: {{ minion }}:
# 'salt.modules': 'debug' # 'salt.modules': 'debug'
# #
{% if 'log_granular_levels' in cfg_master %} {% if 'log_granular_levels' in cfg_master %}
{%- do default_keys.append('log_granular_levels') %}
log_granular_levels: log_granular_levels:
{% for name, lvl in cfg_master['log_granular_levels'].items() %} {% for name, lvl in cfg_master['log_granular_levels'].items() %}
{{ name }}: {{ lvl }} {{ name }}: {{ lvl }}
# group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com and bl*.domain.com' # group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com and bl*.domain.com'
# group2: 'G@os:Debian and foo.domain.com' # group2: 'G@os:Debian and foo.domain.com'
{%- if 'nodegroups' in cfg_master %} {%- if 'nodegroups' in cfg_master %}
{%- do default_keys.append('nodegroups') %}
nodegroups: nodegroups:
{%- for name, lvl in cfg_master['nodegroups'].items() %} {%- for name, lvl in cfg_master['nodegroups'].items() %}
{{ name }}: {{ lvl }} {{ name }}: {{ lvl }}


# List of git repositories to include with the local repo: # List of git repositories to include with the local repo:
{% if 'winrepo_remotes_ng' in cfg_master %} {% if 'winrepo_remotes_ng' in cfg_master %}
{%- do default_keys.append('winrepo_remotes_ng') %}
winrepo_remotes_ng: winrepo_remotes_ng:
{% for repo in cfg_master['winrepo_remotes_ng'] %} {% for repo in cfg_master['winrepo_remotes_ng'] %}
- {{ repo }} - {{ repo }}


# List of git repositories to include with the local repo: # List of git repositories to include with the local repo:
{% if 'winrepo_remotes' in cfg_master %} {% if 'winrepo_remotes' in cfg_master %}
{%- do default_keys.append('winrepo_remotes') %}
winrepo_remotes: winrepo_remotes:
{% for repo in cfg_master['winrepo_remotes'] %} {% for repo in cfg_master['winrepo_remotes'] %}
- {{ repo }} - {{ repo }}


# List of git repositories to include with the local repo: # List of git repositories to include with the local repo:
{% if 'win_gitrepos' in cfg_master %} {% if 'win_gitrepos' in cfg_master %}
{%- do default_keys.append('win_gitrepos') %}
win_gitrepos: win_gitrepos:
{% for repo in cfg_master['win_gitrepos'] %} {% for repo in cfg_master['win_gitrepos'] %}
- {{ repo }} - {{ repo }}
{{ get_config('event_match_type', 'startswith') }} {{ get_config('event_match_type', 'startswith') }}


{%- if 'halite' in cfg_master %} {%- if 'halite' in cfg_master %}
{%- do default_keys.append('halite') %}
##### Halite ##### ##### Halite #####
########################################## ##########################################
halite: halite:
{%- endif %} {%- endif %}


{%- if 'rest_cherrypy' in cfg_master %} {%- if 'rest_cherrypy' in cfg_master %}
{%- do default_keys.append('rest_cherrypy') %}
##### rest_cherrypy ##### ##### rest_cherrypy #####
########################################## ##########################################
rest_cherrypy: rest_cherrypy:
{%- endif %} {%- endif %}


{%- if 'rest_tornado' in cfg_master %} {%- if 'rest_tornado' in cfg_master %}
{%- do default_keys.append('rest_tornado') %}
##### rest_tornado ##### ##### rest_tornado #####
########################################### ###########################################
rest_tornado: rest_tornado:
{%- endif %} {%- endif %}


{%- if 'consul_config' in cfg_master %} {%- if 'consul_config' in cfg_master %}
{%- do default_keys.append('consul_config') %}
##### consul_config ##### ##### consul_config #####
########################################## ##########################################
consul_config: consul_config:
{%- endif %} {%- endif %}


{% if 'mongo' in cfg_master -%} {% if 'mongo' in cfg_master -%}
{%- do default_keys.append('mongo') %}
##### mongodb connection settings ##### ##### mongodb connection settings #####
########################################## ##########################################
{%- for name, value in cfg_master['mongo'].items() %} {%- for name, value in cfg_master['mongo'].items() %}
{%- endfor %} {%- endfor %}


{% if 'alternative.mongo' in cfg_master -%} {% if 'alternative.mongo' in cfg_master -%}
{%- do default_keys.append('alternative.mongo') %}
{%- for name, value in cfg_master['alternative.mongo'].items() %} {%- for name, value in cfg_master['alternative.mongo'].items() %}
alternative.mongo.{{ name }}: {{ value }} alternative.mongo.{{ name }}: {{ value }}
{%- endfor %} {%- endfor %}
{% endif %} {% endif %}
{%- endif %} {%- endif %}

{%- for configname in cfg_master %}
{%- if configname not in reserved_keys and configname not in default_keys %}
{{ configname }}: {{ cfg_master[configname]|json }}
{%- endif %}
{%- endfor %}

Loading…
Cancel
Save