Page MenuHomeDevCentral
Files F8321841

init.sls
No OneTemporary
Actions

init.sls
View Options

# -------------------------------------------------------------
# Salt — Salt master configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-04-28
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs with context %}
# -------------------------------------------------------------
# Accounts
# -------------------------------------------------------------
# Salt account
salt_account:
group.present:
- name: salt
- gid: 9001
- system: True
user.present:
- name: salt
- fullname: SaltStack master account
- uid: 9001
- gid: 9001
- home: /var/run/salt
salt_account_ownership:
cmd.run:
- name: chown -R salt {{ dirs.etc }}/salt /var/cache/salt /var/log/salt /var/run/salt
- onchanges:
- user: salt_account
# Deployment account
deploy_account:
group.present:
- name: deploy
- gid: 9002
- system: True
user.present:
- name: deploy
- fullname: Deployment and management of the Salt staging area
- uid: 9002
- gid: 9002
- home: /var/run/deploy
# Allow to repair ownership if the account is created after the staging
deploy_account_ownership:
cmd.run:
- name: chown -R salt /opt/salt/staging /opt/salt/private/staging
- onchanges:
- user: deploy_account
# -------------------------------------------------------------
# Sudo capabilities
#
# Ops should be able to sudo -u salt …
# Deployers should be able to sudo -u deploy <anything>
# -------------------------------------------------------------
{% for sudofile in ['salt', 'deploy'] %}
saltmaster_sudo_capabilities_{{ sudofile }}:
file.managed:
- name: {{ dirs.etc }}/sudoers.d/{{ sudofile }}
- source: salt://roles/saltmaster/account/files/{{ sudofile }}
{% endfor %}

File Metadata

Mime Type
text/plain
Expires
Tue, May 13, 16:53 (21 h, 23 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2625737
Default Alt Text
init.sls (1 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator