Saltstack Official Salt Formula

248 line
6.5KB

  1. salt:
  2. # Set this to true to clean any non-salt-formula managed files out of
  3. # /etc/salt/{master,minion}.d ... You really don't want to do this on 2015.2
  4. # and up as it'll wipe out important files that Salt relies on.
  5. clean_config_d_dir: False
  6. # Set this to False to not have the formula install packages (in the case you
  7. # install Salt via git/pip/etc.)
  8. install_packages: True
  9. # to overwrite map.jinja salt packages
  10. lookup:
  11. salt-master: 'salt-master'
  12. salt-minion: 'salt-minion'
  13. salt-syndic: 'salt-syndic'
  14. salt-cloud: 'salt-cloud'
  15. salt-ssh: 'salt-ssh'
  16. # salt master config
  17. master:
  18. fileserver_backend:
  19. - git
  20. - roots
  21. gitfs_remotes:
  22. - git://github.com/saltstack-formulas/salt-formula.git:
  23. - base: develop
  24. file_roots:
  25. base:
  26. - /srv/salt
  27. pillar_roots:
  28. base:
  29. - /srv/pillar
  30. # for salt-api with tornado rest interface
  31. rest_tornado:
  32. port: 8000
  33. ssl_crt: /etc/pki/api/certs/server.crt
  34. ssl_key: /etc/pki/api/certs/server.key
  35. debug: False
  36. disable_ssl: False
  37. # for profile configuration as https://docs.saltstack.com/en/latest/topics/tutorials/lxc.html#tutorial-lxc-profiles
  38. lxc.container_profile:
  39. debian:
  40. template: download
  41. options:
  42. dist: debian
  43. release: jessie
  44. arch: amd64
  45. backing: lvm
  46. vgname: kimsufi
  47. size: 10G
  48. lxc.network_profile:
  49. basic:
  50. eth0:
  51. link: lxcbr0
  52. type: veth
  53. flags: up
  54. ## for external auth - LDAP
  55. # filter to use for Active Directory LDAP
  56. auth.ldap.filter: {% raw %}'sAMAccountName={{username}}'{% endraw %}
  57. # filter to use for Most other LDAP servers
  58. auth.ldap.filter: {% raw %}'uid={{ username }}'{% endraw %}
  59. # optional engine configuration
  60. engines:
  61. slack:
  62. token: xoxp-XXXXX-XXXXXXX
  63. control: True
  64. valid_users:
  65. - someuser
  66. - otheruser
  67. valid_commands:
  68. - test.ping
  69. - list_jobs
  70. aliases:
  71. list_jobs:
  72. type: runner
  73. cmd: jobs.list_jobs
  74. # salt minion config:
  75. minion:
  76. # single master setup
  77. master: salt
  78. # multi master setup
  79. #master:
  80. #- salt_master_1
  81. #- salt_master_2
  82. fileserver_backend:
  83. - git
  84. - roots
  85. gitfs_remotes:
  86. - git://github.com/saltstack-formulas/salt-formula.git:
  87. - base: develop
  88. file_roots:
  89. base:
  90. - /srv/salt
  91. pillar_roots:
  92. base:
  93. - /srv/pillar
  94. module_config:
  95. test: True
  96. test.foo: foo
  97. test.bar:
  98. - baz
  99. - quo
  100. test.baz:
  101. spam: sausage
  102. cheese: bread
  103. # salt mine setup
  104. mine_interval: 60
  105. # mine_functions can be set at the top level of the pillar, and
  106. # that is preferable because it doesn't affect the conf file and
  107. # doesn't require a minion restart. However, you can configure it
  108. # here instead if you really want to.
  109. mine_functions:
  110. network.interface_ip: [eth0]
  111. # salt cloud config
  112. cloud:
  113. master: salt
  114. # For non-templated custom cloud provider/profile/map files
  115. providers:
  116. provider-filename1.conf:
  117. vmware-prod:
  118. driver: vmware
  119. user: myusernameprod
  120. password: mypassword
  121. vmware-nonprod:
  122. driver: vmware
  123. user: myusernamenonprod
  124. password: mypassword
  125. profiles:
  126. profile-filename1.conf:
  127. server-non-prod:
  128. clonefrom: rhel6xtemplatenp
  129. grains:
  130. platform:
  131. name: salt
  132. realm: lab
  133. subscription_level: standard
  134. memory: 8GB
  135. num_cpus: 4
  136. password: sUpErsecretey
  137. provider: vmware-nonprod
  138. maps:
  139. map-filename1.map:
  140. server-non-prod:
  141. - host.mycompany.com:
  142. grains:
  143. environment: dev1
  144. # You can take profile and map templates from an alternate location
  145. # if you want to write your own.
  146. template_sources:
  147. providers: salt://salt/files/cloud.providers.d
  148. profiles: salt://salt/files/cloud.profiles.d
  149. maps: salt://salt/files/cloud.maps.d
  150. # These settings are used by the default provider templates and
  151. # only need to be set for the ones you're using.
  152. aws_key: AWSKEYIJSHJAIJS6JSH
  153. aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
  154. gce_project: test
  155. gce_service_account_email_address: 867543072364-orl4h2tpp8jcn1tr9ipj@developer.gserviceaccount.com
  156. rsos_user: afeawofghob
  157. rsos_tenant: tenant_id_number
  158. rsos_apikey: WFJIOJEOIGHSOFHESO
  159. rsos_regions:
  160. - ORD
  161. - DFW
  162. - IAD
  163. - SYD
  164. - HKG
  165. reactor:
  166. - 'deploy':
  167. - /srv/salt/reactors/deploy.sls
  168. ssh_roster:
  169. prod1:
  170. host: host.example.com
  171. user: ubuntu
  172. sudo: True
  173. priv: /etc/salt/ssh_keys/sshkey.pem
  174. gitfs:
  175. keys:
  176. global:
  177. # key and pub end up being the extension used on the key file. values other than key and pub are possible
  178. key: |
  179. -----BEGIN RSA PRIVATE KEY-----
  180. ...........
  181. -----END RSA PRIVATE KEY-----
  182. pub: |
  183. ...........
  184. salt_cloud_certs:
  185. aws:
  186. pem: |
  187. -----BEGIN RSA PRIVATE KEY-----
  188. ...........
  189. -----END RSA PRIVATE KEY-----
  190. gce:
  191. pem: |
  192. -----BEGIN RSA PRIVATE KEY-----
  193. ...........
  194. -----END RSA PRIVATE KEY-----
  195. salt_formulas:
  196. git_opts:
  197. # The Git options can be customized differently for each
  198. # environment, if an option is missing in a given environment, the
  199. # value from "default" is used instead.
  200. default:
  201. # URL where the formulas git repositories are downloaded from
  202. # it will be suffixed with <formula-name>.git
  203. baseurl: https://github.com/saltstack-formulas
  204. # Directory where Git repositories are downloaded
  205. basedir: /srv/formulas
  206. # Update the git repository to the latest version (False by default)
  207. update: False
  208. # Options passed directly to the git.latest state
  209. options:
  210. rev: master
  211. dev:
  212. basedir: /srv/formulas/dev
  213. update: True
  214. options:
  215. rev: develop
  216. # Options of the file.directory state that creates the directory where
  217. # the git repositories of the formulas are stored
  218. basedir_opts:
  219. makedirs: True
  220. user: root
  221. group: root
  222. mode: 755
  223. # List of formulas to enable in each environment
  224. list:
  225. base:
  226. - salt-formula
  227. - postfix-formula
  228. dev:
  229. - salt-formula
  230. - postfix-formula
  231. - openssh-formula