瀏覽代碼

Merge "Secure salt minion files."

pull/73/head
Vasyl Saienko 6 年之前
父節點
當前提交
26b4ba58b7
共有 4 個文件被更改,包括 14 次插入1 次删除
  1. +3
    -1
      salt/files/userdata
  2. +2
    -0
      salt/master/minion.sls
  3. +3
    -0
      salt/minion/base.sls
  4. +6
    -0
      salt/minion/service.sls

+ 3
- 1
salt/files/userdata 查看文件

@@ -6,4 +6,6 @@ curl --insecure -L http://bootstrap.saltstack.org -o install_salt.sh
sh install_salt.sh
echo "id: {{ node_name }}.{{ cluster.domain }}" > /etc/salt/minion.d/minion.conf
echo "master: salt/master: {{ cluster.config.host }}" >> /etc/salt/minion.d/minion.conf
service salt-minion restart
chown root:root /etc/salt/minion.d/minion.conf
chmod 0600 /etc/salt/minion.d/minion.conf
service salt-minion restart

+ 2
- 0
salt/master/minion.sls 查看文件

@@ -8,6 +8,8 @@ include:
file.managed:
- source: salt://salt/files/_orchestration.conf
- user: root
- group: root
- mode: 600
- template: jinja
- makedirs: true
- require:

+ 3
- 0
salt/minion/base.sls 查看文件

@@ -32,6 +32,7 @@ salt_minion_dependency_packages:
- source: salt://salt/files/minion.conf
- user: root
- group: root
- mode: 600
- template: jinja
- require:
- {{ minion.install_state }}
@@ -42,6 +43,8 @@ salt_minion_dependency_packages:
file.managed:
- source: salt://salt/files/_renderer.conf
- user: root
- group: root
- mode: 600
- template: jinja
- require:
- {{ minion.install_state }}

+ 6
- 0
salt/minion/service.sls 查看文件

@@ -31,6 +31,7 @@ salt_minion_dependency_packages:
- source: salt://salt/files/minion.conf
- user: root
- group: root
- mode: 600
- template: jinja
- require:
- {{ minion.install_state }}
@@ -45,6 +46,9 @@ salt_minion_dependency_packages:
salt_minion_config_{{ service_name }}_{{ name }}:
file.managed:
- name: /etc/salt/minion.d/_{{ name }}.conf
- user: root
- group: root
- mode: 600
- contents: |
{{ conf|yaml(False)|indent(8) }}
- require:
@@ -99,6 +103,8 @@ salt_minion_{{ service_name }}_dependencies_pip:
file.managed:
- source: salt://salt/files/_renderer.conf
- user: root
- group: root
- mode: 600
- template: jinja
- require:
- {{ minion.install_state }}

Loading…
取消
儲存