@@ -186,6 +186,19 @@ Salt master peer setup for remote certificate signing | |||
".*": | |||
- x509.sign_remote_certificate | |||
Salt master backup configuration | |||
.. code-block:: yaml | |||
salt: | |||
master: | |||
backup: true | |||
initial_data: | |||
engine: backupninja | |||
source: backup-node-host | |||
host: original-salt-master-id | |||
Configure verbosity of state output (used for `salt` command) | |||
.. code-block:: yaml |
@@ -0,0 +1,10 @@ | |||
#!/bin/sh | |||
{%- from "salt/map.jinja" import master with context %} | |||
{%- if master.initial_data is defined %} | |||
mv /etc/salt/pki/* /etc/salt/pki.bak | |||
scp -r backupninja@{{ master.initial_data.source }}:/srv/backupninja/{{ master.initial_data.host }}/etc/salt/pki/pki.0/* /etc/salt/pki | |||
{%- if master.pillar.engine == 'reclass' or (master.pillar.engine == 'composite' and master.pillar.reclass is defined) %} | |||
scp -r backupninja@{{ master.initial_data.source }}:/srv/backupninja/{{ master.initial_data.host }}/srv/salt/reclass/nodes/_generated/_generated.0/* /srv/salt/reclass/nodes/_generated | |||
{%- endif %} | |||
{%- endif %} |
@@ -0,0 +1,30 @@ | |||
{%- from "salt/map.jinja" import master with context %} | |||
{%- if master.enabled %} | |||
{%- if master.initial_data is defined %} | |||
/srv/salt/restore.sh: | |||
file: | |||
- managed | |||
- source: salt://salt/files/restore.sh | |||
- mode: 700 | |||
- template: jinja | |||
salt_master_restore_state: | |||
cmd.run: | |||
- name: /srv/salt/restore.sh | |||
- unless: "test -e /srv/salt/master-restored" | |||
- cwd: /root | |||
- require: | |||
- file: /srv/salt/restore.sh | |||
salt_master_restore_completed: | |||
file.managed: | |||
- name: /srv/salt/master-restored | |||
- source: {} | |||
- require: | |||
- cmd: salt_master_restore_state | |||
{%- endif %} | |||
{%- endif %} |
@@ -2,8 +2,14 @@ | |||
{%- from "salt/map.jinja" import master with context %} | |||
backup: | |||
salt: | |||
{%- if master.get('backup', False) %} | |||
fs_includes: | |||
- /srv/salt | |||
- /etc/salt | |||
{%- if master.pillar.engine == 'reclass' or (master.pillar.engine == 'composite' and master.pillar.reclass is defined) %} | |||
- /srv/salt/reclass/nodes/_generated | |||
{%- endif %} | |||
- /etc/salt/pki | |||
{%- else %} | |||
fs_includes: [] | |||
{%- endif %} | |||
fs_excludes: [] | |||
{%- endif %} |
@@ -0,0 +1,22 @@ | |||
git: | |||
client: | |||
enabled: true | |||
linux: | |||
system: | |||
enabled: true | |||
salt: | |||
master: | |||
enabled: true | |||
source: | |||
engine: pkg | |||
pillar: | |||
engine: salt | |||
source: | |||
engine: local | |||
environment: | |||
prd: | |||
formula: {} | |||
initial_data: | |||
engine: backupninja | |||
source: backup-node-host | |||
host: original-salt-master-id |