Page MenuHomeDevCentral
Files F11726055

No OneTemporary
Actions

View Options

diff --git a/README.md b/README.md
index 3ed0e9a..960e3cd 100644
--- a/README.md
+++ b/README.md
@@ -1,84 +1,92 @@
Nasqueron operations
====================
Welcome to **[rOPS](https://devcentral.nasqueron.org/diffusion/OPS/)**,
the Nasqueron operations repository.
----------
Introduction
------------
Nasqueron infrastructure servers support our budding community
of creative people, writers, developers and thinkers.
Nasqueron follows the principle of "Infrastructure as Code"
to offer documentation, reproducibility, transparency and
to allow external contributions.
It contains:
- server configuration
- deployment information for our applications and services
We mainly rely on [SaltStack](https://docs.saltstack.com/en/latest/contents.html)
for deployment and automation.
Scope
-----
New services on our Docker engine (currently Dwellers) should be
deployed through this repository.
The [Eglide](http://www.eglide.org/) service is fully managed
through this repository.
Legacy services are in migration.
Structure
---------
Services are organized in roles and units.
* Roles: a role is a goal a service accomplishes (e.g. mailserver, paas-docker)
* Units: a unit is a component needed to achieve this goal
(e.g. an userland software collection, a nginx server)
Directories follow `roles/<role>/<unit>`.
If configuration files for a unit should be stored,
a subfolder `files` is created at unit level.
The `pillar/ ` folder contains data about Eglide users,
The repository contains a legacy scripts folder, not handled by Salt,
and a config/forum for one set of our Discourse configuration.
They can be migrated to the role/unit structure.
Contribute
----------
Contributions are welcome to this repository, especially if you wish to:
1. improve our infrastructure
2. install or configure something on a Nasqueron server
3. install or configure something on a project we manage (like Eglide)
4. help to migrate services to Salt
You can follow this [contributor guide](https://agora.nasqueron.org/How%20to%20contribute%20code)
to send a commit for review. This procedure is open to everyone.
Issues can be reported on the [#Servers component](https://devcentral.nasqueron.org/tag/servers/)
on DevCentral, the Nasqueron Phabricator instance.
Support for contributors is provided on Freenode #nasqueron-ops.
+Inclusive terminology
+---------------------
+
+The repository uses the following terminology:
+
+ - **Salt primary server**: server that issues commands to other servers, including itself
+ - **Node**: a server, baremetal or VM configured by Salt
+
License
-------
A lot of configuration as code is trivial, and so ineligible for copyright per
[threshold of originality](https://en.wikipedia.org/wiki/Threshold_of_originality)
When this is not the case, the code is licensed under
[BSD-2-Clause](https://opensource.org/licenses/BSD-2-Clause)
if not otherwise specified.
diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls
index 9c1ab2b..99fe807 100644
--- a/pillar/nodes/nodes.sls
+++ b/pillar/nodes/nodes.sls
@@ -1,228 +1,228 @@
# -------------------------------------------------------------
# Salt — Nodes
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-20
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
nodes_aliases:
netmasks:
intranought: &intranought_netmask 255.255.255.240
nodes:
##
## Forest: Nasqueron
## Semantic field: https://devcentral.nasqueron.org/P27
##
cloudhugger:
forest: nasqueron-infra
hostname: cloudhugger.nasqueron.org
roles:
- opensearch
network:
ipv6_native: True
ipv6_tunnel: False
canonical_public_ipv4: 188.165.200.229
interfaces:
eno1:
device: eno1
ipv4:
address: 188.165.200.229
gateway: 188.165.200.254
ipv6:
address: fe80::ec4:7aff:fe6a:36e8
prefix: 64
gateway: fe80::ee30:91ff:fee0:df80
complector:
forest: nasqueron-infra
hostname: complector.nasqueron.org
roles:
- vault
- - saltmaster
+ - salt-primary
zfs:
pool: zroot
network:
ipv6_tunnel: False
interfaces:
intranought:
device: vmx0
ipv4:
address: 172.27.27.7
netmask: *intranought_netmask
gateway: 172.27.27.1
dwellers:
forest: nasqueron-infra
hostname: dwellers.nasqueron.org
roles:
- paas-lxc
- paas-docker
- mastodon
flags:
install_docker_devel_tools: True
network:
ipv6_tunnel: True
canonical_public_ipv4: 51.255.124.11
interfaces:
public:
device: ens192
uuid: 6e05ebea-f2fd-4ca1-a21f-78a778664d8c
ipv4:
address: 51.255.124.11
netmask: 255.255.255.252
gateway: 91.121.86.254
intranought:
device: ens224
uuid: 8e8ca793-b2eb-46d8-9266-125aba6d06c4
ipv4:
address: 172.27.27.4
netmask: *intranought_netmask
gateway: 172.27.27.1
docker-001:
forest: nasqueron-infra
hostname: docker-001.nasqueron.org
roles:
- paas-docker
network:
ipv6_tunnel: False
canonical_public_ipv4: 51.255.124.9
interfaces:
public:
device: ens192
uuid: ef7370c5-5060-4d89-82bb-dbeabf4a35f6
ipv4:
address: 51.255.124.9
netmask: 255.255.255.252
gateway: 91.121.86.254
intranought:
device: ens224
uuid: 3fd0b9f8-ecc3-400d-bc61-3ba21d0b6337
ipv4:
address: 172.27.27.6
netmask: *intranought_netmask
gateway: 172.27.27.1
router-001:
forest: nasqueron-infra
hostname: router-001.nasqueron.org
roles:
- router
network:
ipv6_tunnel: False
canonical_public_ipv4: 51.255.124.8
interfaces:
public:
device: vmx0
ipv4:
address: 51.255.124.8
netmask: 255.255.255.252
gateway: 91.121.86.254
flags:
- ipv4_ovh_failover
intranought:
device: vmx1
ipv4:
address: 172.27.27.1
netmask: *intranought_netmask
ysul:
forest: nasqueron-dev
hostname: ysul.nasqueron.org
roles:
- devserver
- - saltmaster
+ - salt-primary
- dbserver-mysql
- webserver-legacy
zfs:
pool: arcology
network:
ipv6_tunnel: True
ipv6_gateway: 2001:470:1f12:9e1::1
canonical_public_ipv4: 212.83.187.132
interfaces:
igb0:
device: igb0
ipv4:
address: 163.172.49.16
netmask: 255.255.255.255
gateway: 163.172.49.1
aliases:
- 212.83.187.132
windriver:
forest: nasqueron-dev
hostname: windriver.nasqueron.org
roles:
- devserver
- - saltmaster
+ - salt-primary
- dbserver-mysql
- webserver-legacy
zfs:
pool: arcology
network:
ipv6_native: True
ipv6_tunnel: False
canonical_public_ipv4: 51.159.18.59
interfaces:
igb0:
device: igb0
ipv4:
address: 51.159.18.59
netmask: 255.255.255.255
gateway: 51.159.18.1
ipv6:
address: 2001:0bc8:6005:0005:aa1e:84ff:fef3:5d9c
gateway: fe80::a293:51ff:feb7:5073
prefix: 128
##
## Forest: Eglide
## Semantic field: ? (P27 used for "Eglide" too)
##
## This forest is intended to separate credentials
## between Eglide and Nasqueron servers.
##
eglide:
forest: eglide
hostname: eglide.org
roles:
- shellserver
network:
ipv6_tunnel: True
canonical_public_ipv4: 51.159.150.221
interfaces:
ens2:
device: ens2
ipv4:
address: 51.159.150.221
gateway: ""
flags:
# This interface is configured by cloud-init
- skip_interface_configuration
fixes:
rsyslog_xconsole: True
diff --git a/roles/core/motd/files/complector b/roles/core/motd/files/complector
index dce82fc..f286e1e 100644
--- a/roles/core/motd/files/complector
+++ b/roles/core/motd/files/complector
@@ -1,24 +1,24 @@
_ _ _____,,,\//,,\\,/,
___ ___ _ __ ___ _ __ | | ___ ___| |_ ___ _ __ /-- --- --- -----
/ __/ _ \| '_ ` _ \| '_ \| |/ _ \/ __| __/ _ \| '__| ///--- --- -- - ----
| (_| (_) | | | | | | |_) | | __/ (__| || (_) | | o////- ---- --- --
\___\___/|_| |_| |_| .__/|_|\___|\___|\__\___/|_| !!//o/--- -- --
|_| o*) !///,~,,\\,\/,,/,//,,
o!*!o'(\ /\
Complector provides deployment services | ! o ",) \/\ /\ / \/\
for Nasqueron servers infrastructure: o !o! !!| \/ \/ /
( * ( o!'; |\ \ /
- Vault o o ! * !` | \ / \
- - Salt master o | o 'o| | : \ /
+ - Salt o | o 'o| | : \ /
* o !*!': |o| / /
Access is restricted for deployment purpose (o''| `| : / /
to Nasqueron Operations SIG members. ! *|'` \|/ \\
Please use dev servers for any other use. ' !o!':\ \\ \
( ('| \ `._______/
FreeBSD 13 ////\\\,,\///,,,,\,/oO._* o !*!'` `.________/
IP: {{ ipv4_address.ljust(16) }} ---- -- ------- - -oO*OoOo (o''| /
GW: {{ ipv4_gateway.ljust(16) }} -------- ------ 'oO*OoO!*|'o!! \
------- -- - ---- --* oO*OoO *!'| ' /
“Flow the secrets, the code --- - ----- ---- - oO*OoO!!':o!' /
Straight from the source - - ----- - -- - *--oO*OoOo!` /
The Complector waterfall.” \\\\\,,,\\,//////,\,,\\\/,,,\,,ejm/AMC
diff --git a/roles/core/motd/files/windriver b/roles/core/motd/files/windriver
index e63c3c9..9bd357e 100644
--- a/roles/core/motd/files/windriver
+++ b/roles/core/motd/files/windriver
@@ -1,11 +1,10 @@
__ __ _ _ __ _
/ / /\ \ (_)_ __ __| | /__(_)_ _____ _ __ Welcome to WindRiver,
\ \/ \/ / | '_ \ / _` |/ \// \ \ / / _ \ '__| a Nasqueron server.
\ /\ /| | | | | (_| / _ \ |\ V / __/ |
\/ \/ |_|_| |_|\__,_\/ \_/_| \_/ \___|_| Development | Staging area
- Management | Salt master
+ Management
[Haiku] Time forms the mountain. [News] 2019-11-22
Rain, wind, rivers, do their work. Server installed.
Shadows reveal depth. Tracking task: T1536
-
diff --git a/roles/core/motd/files/ysul b/roles/core/motd/files/ysul
index 7a560d6..038aad7 100644
--- a/roles/core/motd/files/ysul
+++ b/roles/core/motd/files/ysul
@@ -1,15 +1,14 @@
__________________________________________________________________________
_ _
| / / Welcome to Y'sul, a Nasqueron server.
----|---/----__----------/-
- | / (_ ` / / / Development | Staging area | Salt master
+ | / (_ ` / / / Development | Staging area
____|_/____(__)_(___(__/__________________________________________________
/
(_ / “Any theory which causes solipsism to seem just as likely an
explanation for the phenomena it seeks to describe ought to
be held in the utmost suspicion.” -- The Algebraist.
NEWS:
2017-10-20: Server has been reprovisioned. You can check the current
state & comment what you need @ https://devcentral.nasqueron.org/T1268
__________________________________________________________________________
-
diff --git a/roles/devserver/userland-home/repos.sls b/roles/devserver/userland-home/repos.sls
index 4fce2e0..18eb218 100644
--- a/roles/devserver/userland-home/repos.sls
+++ b/roles/devserver/userland-home/repos.sls
@@ -1,33 +1,33 @@
# -------------------------------------------------------------
# Deploy user repositories
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-09
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
# -------------------------------------------------------------
# Clone user repositories
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% for username, user in salt['forest.get_users']().items() %}
{% set repositories = salt['pillar.get']('user_repositories:' + username, {}) %}
{% for target, repo in repositories.items() %}
{{ target }}:
file.directory:
- user: {{ username }}
- group: {{ username }}
{{ repo['vcs'] | default('git') }}.latest:
- name: {{ repo['source'] }}
- target: {{ target }}
- update_head: False
- {% if salt['node.has_role']('saltmaster') %}
+ {% if salt['node.has_role']('salt-primary') %}
# TODO: find an alternative solution for other servers (suggest rSTAGING?)
- identity: /opt/salt/security/id_ed25519
{% endif %}
{% endfor %}
{% endfor %}
diff --git a/roles/paas-docker/wrappers/files/sentry.sh b/roles/paas-docker/wrappers/files/sentry.sh
index 7685fc8..49333fb 100644
--- a/roles/paas-docker/wrappers/files/sentry.sh
+++ b/roles/paas-docker/wrappers/files/sentry.sh
@@ -1,40 +1,40 @@
#!/bin/sh
# -------------------------------------------------------------
# PaaS Docker
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-11-11
# License: Trivial work, not eligible to copyright
# Source file: roles/paas-docker/wrappers/files/sentry.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
if [ "$#" -lt 2 ]; then
echo "Usage: $0 <realm> <command> [arguments]" 1>&2;
exit 1
fi
REALM=$1
shift
if [ ! -d "/srv/sentry/$REALM" ]; then
echo "Realm doesn't exist: $REALM" 1>&2;
exit 2
fi
DOCKER_RUN_SCRIPT=/srv/sentry/$REALM/bin/sentry
if [ ! -f "$DOCKER_RUN_SCRIPT" ]; then
echo "File doesn't exist: $DOCKER_RUN_SCRIPT" 1>&2;
- echo "You can generate it running 'deploy-container sentry' command on the Salt master. 1>&2;"
+ echo "You can generate it running 'deploy-container sentry' command on the Salt primary server. 1>&2;"
exit 4
fi
$DOCKER_RUN_SCRIPT "$@"
diff --git a/roles/saltmaster/account/files/deploy b/roles/salt-primary/account/files/deploy
similarity index 90%
rename from roles/saltmaster/account/files/deploy
rename to roles/salt-primary/account/files/deploy
index 4e1b1de..e6ebc3c 100644
--- a/roles/saltmaster/account/files/deploy
+++ b/roles/salt-primary/account/files/deploy
@@ -1,17 +1,17 @@
# -------------------------------------------------------------
# SaltStack deployment
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-09-28
# License: Trivial work, not eligible to copyright
-# Source file: roles/saltmaster/account/files/deploy
+# Source file: roles/salt-primary/account/files/deploy
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
%deploy ALL = (deploy) NOPASSWD: ALL
diff --git a/roles/saltmaster/account/files/salt b/roles/salt-primary/account/files/salt
similarity index 72%
rename from roles/saltmaster/account/files/salt
rename to roles/salt-primary/account/files/salt
index de421ab..c2535d8 100644
--- a/roles/saltmaster/account/files/salt
+++ b/roles/salt-primary/account/files/salt
@@ -1,20 +1,26 @@
# -------------------------------------------------------------
# SaltStack deployment
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-04-10
# License: Trivial work, not eligible to copyright
-# Source file: roles/saltmaster/account/files/salt
+# Source file: roles/salt-primary/account/files/salt
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
Cmnd_Alias SALT = /usr/local/bin/salt, /usr/local/bin/salt-api, /usr/local/bin/salt-call, /usr/local/bin/salt-cloud, /usr/local/bin/salt-cp, /usr/local/bin/salt-key, /usr/local/bin/salt-master, /usr/local/bin/salt-minion, /usr/local/bin/salt-proxy, /usr/local/bin/salt-run, /usr/local/bin/salt-ssh, /usr/local/bin/salt-syndic, /usr/local/etc/rc.d/salt_master
%salt ALL=(salt) NOPASSWD: SALT
%salt ALL=(ALL) NOPASSWD: /usr/local/bin/salt-call
+
+# -------------------------------------------------------------
+# Disclaimer: FreeBSD port for Salt still uses "salt_master".
+# This service name is kept for compatibility,
+# but isn't an endorsement of such terminology.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/roles/saltmaster/account/init.sls b/roles/salt-primary/account/init.sls
similarity index 92%
rename from roles/saltmaster/account/init.sls
rename to roles/salt-primary/account/init.sls
index 0065692..483420d 100644
--- a/roles/saltmaster/account/init.sls
+++ b/roles/salt-primary/account/init.sls
@@ -1,85 +1,85 @@
# -------------------------------------------------------------
-# Salt — Salt master configuration
+# Salt — Salt configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-04-28
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs with context %}
# -------------------------------------------------------------
# Accounts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Salt account
salt_account:
group.present:
- name: salt
- gid: 9001
user.present:
- name: salt
- - fullname: SaltStack master account
+ - fullname: SaltStack primary server account
- uid: 9001
- gid: 9001
- home: /var/run/salt
salt_account_ownership:
cmd.run:
- name: chown -R salt {{ dirs.etc }}/salt /var/cache/salt /var/log/salt /var/run/salt
- onchanges:
- user: salt_account
# Deployment account
deploy_account:
user.present:
- name: deploy
- fullname: Deployment and management of the Salt staging area
- uid: 9002
- gid: 3003
- home: /var/run/deploy
# -------------------------------------------------------------
# Directories
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/opt/salt:
file.directory
# -------------------------------------------------------------
# SSH key for deployment account
#
# This key should be added to:
#
# - zemke-rhyne account on devcentral
# https://devcentral.nasqueron.org/settings/user/zemke-rhyne/page/ssh/
#
# - alken-orin account on GitHub
# Credentials are stored in DevCentral passphrase application
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/opt/salt/security:
file.directory:
- user: deploy
- group: ops
- chmod: 770
deploy_account_ssh_key:
cmd.run:
- name: ssh-keygen -t ed25519 -N "" -f /opt/salt/security/id_ed25519
- runas: deploy
- creates: /opt/salt/security/id_ed25519
# -------------------------------------------------------------
# Sudo capabilities
#
# Ops should be able to sudo -u salt …
# Deployers should be able to sudo -u deploy <anything>
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% for sudofile in ['salt', 'deploy'] %}
-saltmaster_sudo_capabilities_{{ sudofile }}:
+salt_sudo_capabilities_{{ sudofile }}:
file.managed:
- name: {{ dirs.etc }}/sudoers.d/{{ sudofile }}
- - source: salt://roles/saltmaster/account/files/{{ sudofile }}
+ - source: salt://roles/salt-primary/account/files/{{ sudofile }}
{% endfor %}
diff --git a/roles/saltmaster/cloud/files/providers/dwellers b/roles/salt-primary/cloud/files/providers/dwellers
similarity index 100%
rename from roles/saltmaster/cloud/files/providers/dwellers
rename to roles/salt-primary/cloud/files/providers/dwellers
diff --git a/roles/saltmaster/cloud/init.sls b/roles/salt-primary/cloud/init.sls
similarity index 83%
rename from roles/saltmaster/cloud/init.sls
rename to roles/salt-primary/cloud/init.sls
index da33951..88a652f 100644
--- a/roles/saltmaster/cloud/init.sls
+++ b/roles/salt-primary/cloud/init.sls
@@ -1,20 +1,20 @@
# -------------------------------------------------------------
-# Salt — Salt master configuration
+# Salt — Salt configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-04-28
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs with context %}
# -------------------------------------------------------------
# Providers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-saltmaster_cloud_providers:
+salt_cloud_providers:
file.recurse:
- name: {{ dirs.etc }}/salt/cloud.providers.d
- - source: salt://roles/saltmaster/cloud/files/providers
+ - source: salt://roles/salt-primary/cloud/files/providers
- dir_mode: 755
- file_mode: 644
diff --git a/roles/saltmaster/init.sls b/roles/salt-primary/init.sls
similarity index 89%
rename from roles/saltmaster/init.sls
rename to roles/salt-primary/init.sls
index 50d4af4..3593ae8 100644
--- a/roles/saltmaster/init.sls
+++ b/roles/salt-primary/init.sls
@@ -1,14 +1,14 @@
# -------------------------------------------------------------
-# Salt — Provision a salt master
+# Salt — Provision a salt primary server
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-21
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
include:
- .software
- .account
- .cloud
- .staging
- .salt-wrapper
diff --git a/roles/saltmaster/salt-wrapper/files/salt-wrapper.conf b/roles/salt-primary/salt-wrapper/files/salt-wrapper.conf
similarity index 84%
rename from roles/saltmaster/salt-wrapper/files/salt-wrapper.conf
rename to roles/salt-primary/salt-wrapper/files/salt-wrapper.conf
index d445511..0d10109 100644
--- a/roles/saltmaster/salt-wrapper/files/salt-wrapper.conf
+++ b/roles/salt-primary/salt-wrapper/files/salt-wrapper.conf
@@ -1,21 +1,21 @@
{
"comments": [
"This file is managed by our rOPS SaltStack repository.",
"Changes to this file may cause incorrect behavior",
"and will be lost if the state is redeployed.",
- "Source file: roles/saltmaster/salt-wrapper/files/salt-wrapper.conf"
+ "Source file: roles/salt-primary/salt-wrapper/files/salt-wrapper.conf"
],
"roots": [
{
"config": "/usr/local/etc/salt-woodscloud",
"states": "/opt/salt/woodscloud-operations"
},
{
"config": "/usr/local/etc/salt",
"states": "/opt/salt/nasqueron-operations"
}
]
}
diff --git a/roles/saltmaster/salt-wrapper/init.sls b/roles/salt-primary/salt-wrapper/init.sls
similarity index 93%
rename from roles/saltmaster/salt-wrapper/init.sls
rename to roles/salt-primary/salt-wrapper/init.sls
index e8f8fc3..4e6f290 100644
--- a/roles/saltmaster/salt-wrapper/init.sls
+++ b/roles/salt-primary/salt-wrapper/init.sls
@@ -1,49 +1,49 @@
# -------------------------------------------------------------
-# Salt — Salt master configuration
+# Salt — Salt configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-04
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs with context %}
# -------------------------------------------------------------
# Wrapper binaries
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ dirs.bin }}/salt-wrapper:
file.managed:
- mode: 755
- source: salt://software/salt-wrapper/salt-wrapper.sh
{{ dirs.bin }}/salt-get-config-dir:
file.managed:
- mode: 755
- source: salt://software/salt-wrapper/salt-get-config-dir.py
# -------------------------------------------------------------
# Wrapper configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ dirs.etc }}/salt-wrapper.conf:
file.managed:
- - source: salt://roles/saltmaster/salt-wrapper/files/salt-wrapper.conf
+ - source: salt://roles/salt-primary/salt-wrapper/files/salt-wrapper.conf
# -------------------------------------------------------------
# Wrapper manual
#
# TODO: gzip those files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ dirs.man }}/man1/salt-get-config-dir.1:
file.managed:
- source: salt://software/salt-wrapper/man/salt-get-config-dir.1
{{ dirs.man }}/man1/salt-wrapper.1:
file.managed:
- source: salt://software/salt-wrapper/man/salt-wrapper.1
{{ dirs.man }}/man5/salt-wrapper.conf.5:
file.managed:
- source: salt://software/salt-wrapper/man/salt-wrapper.conf.5
diff --git a/roles/saltmaster/service/files/rc.patch b/roles/salt-primary/service/files/rc.patch
similarity index 100%
rename from roles/saltmaster/service/files/rc.patch
rename to roles/salt-primary/service/files/rc.patch
diff --git a/roles/saltmaster/service/init.sls b/roles/salt-primary/service/init.sls
similarity index 69%
rename from roles/saltmaster/service/init.sls
rename to roles/salt-primary/service/init.sls
index 2563e2f..5f7c69d 100644
--- a/roles/saltmaster/service/init.sls
+++ b/roles/salt-primary/service/init.sls
@@ -1,22 +1,26 @@
# -------------------------------------------------------------
# Salt — Service
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-10-16
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs, services with context %}
# -------------------------------------------------------------
-# rc :: ensure master runs in UTF-8
+# rc :: ensure primary service runs in UTF-8
+#
+# Disclaimer: FreeBSD port for Salt still uses "salt_master".
+# This service name is kept for compatibility,
+# but isn't an endorsement of such terminology.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% if services['manager'] == "rc" %}
{{ dirs.etc }}/rc.d/salt_master:
file.patch:
- - source: salt://roles/saltmaster/service/files/rc.patch
+ - source: salt://roles/salt-primary/service/files/rc.patch
- hash: 08559af1d8b2d24f762085421a563602
{% endif %}
diff --git a/roles/saltmaster/software/files/staging-commit-message.py b/roles/salt-primary/software/files/staging-commit-message.py
similarity index 100%
rename from roles/saltmaster/software/files/staging-commit-message.py
rename to roles/salt-primary/software/files/staging-commit-message.py
diff --git a/roles/saltmaster/software/init.sls b/roles/salt-primary/software/init.sls
similarity index 87%
rename from roles/saltmaster/software/init.sls
rename to roles/salt-primary/software/init.sls
index 4651d67..3a33aa8 100644
--- a/roles/saltmaster/software/init.sls
+++ b/roles/salt-primary/software/init.sls
@@ -1,26 +1,26 @@
# -------------------------------------------------------------
-# Salt — Provision a salt master
+# Salt — Provision a salt primary server
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-10-04
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs, packages_prefixes with context %}
# -------------------------------------------------------------
# Additional software
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
install_salt_extra_software:
pkg.installed:
- pkgs:
# Jenkins execution module
- {{ packages_prefixes.python3 }}python-jenkins
# For staging-commit-message
- {{ packages_prefixes.python3 }}GitPython
{{ dirs.bin }}/staging-commit-message:
file.managed:
- - source: salt://roles/saltmaster/software/files/staging-commit-message.py
+ - source: salt://roles/salt-primary/software/files/staging-commit-message.py
- mode: 755
diff --git a/roles/saltmaster/staging/init.sls b/roles/salt-primary/staging/init.sls
similarity index 96%
rename from roles/saltmaster/staging/init.sls
rename to roles/salt-primary/staging/init.sls
index 902283d..8e0e2f7 100644
--- a/roles/saltmaster/staging/init.sls
+++ b/roles/salt-primary/staging/init.sls
@@ -1,41 +1,41 @@
# -------------------------------------------------------------
-# Salt — Provision a salt master
+# Salt — Provision a salt primary server
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-21
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
# -------------------------------------------------------------
# Git repositories for the staging area
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
staging_public_repository:
file.directory:
- name: /opt/salt/staging
- user: deploy
- group: deployment
- dir_mode: 775
- makedirs: True
git.latest:
- name: https://devcentral.nasqueron.org/source/staging.git
- target: /opt/salt/staging
- user: deploy
- update_head: False
- submodules: True
- identity: /opt/salt/security/id_ed25519
staging_private_repository:
file.directory:
- name: /opt/salt/private/staging
- user: deploy
- group: deployment
- dir_mode: 770
- makedirs: True
git.latest:
- name: ssh://vcs@devcentral.nasqueron.org:5022/source/private-staging.git
- target: /opt/salt/private/staging
- user: deploy
- identity: /opt/salt/security/id_ed25519
- update_head: False
- submodules: True
diff --git a/roles/saltmaster/zemke-rhyne/account.sls b/roles/salt-primary/zemke-rhyne/account.sls
similarity index 100%
rename from roles/saltmaster/zemke-rhyne/account.sls
rename to roles/salt-primary/zemke-rhyne/account.sls
diff --git a/roles/saltmaster/zemke-rhyne/data.sls b/roles/salt-primary/zemke-rhyne/data.sls
similarity index 91%
rename from roles/saltmaster/zemke-rhyne/data.sls
rename to roles/salt-primary/zemke-rhyne/data.sls
index a91d6d0..b607c92 100644
--- a/roles/saltmaster/zemke-rhyne/data.sls
+++ b/roles/salt-primary/zemke-rhyne/data.sls
@@ -1,29 +1,29 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-09-08
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set zr_home = "/home/zr" %}
# If we pass the JSON as contents, it will be converted into Python,
# so we've a template to call directly the method.
{{ zr_home }}/data/servers.json:
file.managed:
- - source: salt://roles/saltmaster/zemke-rhyne/files/servers.json.jinja
+ - source: salt://roles/salt-primary/zemke-rhyne/files/servers.json.jinja
- template: jinja
- user: zr
zr_authorized_keys:
cmd.run:
- runas: zr
- cwd: {{ zr_home }}
- name: make clean all
- onchanges:
- file: {{ zr_home }}/data/servers.json
- require:
- user: zr_account
- file: {{ zr_home }}/Makefile
diff --git a/roles/saltmaster/zemke-rhyne/files/dot.arcrc.json b/roles/salt-primary/zemke-rhyne/files/dot.arcrc.json
similarity index 100%
rename from roles/saltmaster/zemke-rhyne/files/dot.arcrc.json
rename to roles/salt-primary/zemke-rhyne/files/dot.arcrc.json
diff --git a/roles/saltmaster/zemke-rhyne/files/servers.json.jinja b/roles/salt-primary/zemke-rhyne/files/servers.json.jinja
similarity index 100%
rename from roles/saltmaster/zemke-rhyne/files/servers.json.jinja
rename to roles/salt-primary/zemke-rhyne/files/servers.json.jinja
diff --git a/roles/saltmaster/zemke-rhyne/init.sls b/roles/salt-primary/zemke-rhyne/init.sls
similarity index 100%
rename from roles/saltmaster/zemke-rhyne/init.sls
rename to roles/salt-primary/zemke-rhyne/init.sls
diff --git a/roles/saltmaster/zemke-rhyne/software.sls b/roles/salt-primary/zemke-rhyne/software.sls
similarity index 100%
rename from roles/saltmaster/zemke-rhyne/software.sls
rename to roles/salt-primary/zemke-rhyne/software.sls
diff --git a/top.sls b/top.sls
index e7ebc4b..8ff434b 100644
--- a/top.sls
+++ b/top.sls
@@ -1,39 +1,39 @@
# -------------------------------------------------------------
# Salt configuration for Nasqueron servers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-04-10
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
base:
'*':
- roles/core
- roles/webserver-content
'local':
- - roles/saltmaster
+ - roles/salt-primary
'ysul':
- roles/builder
- roles/dbserver-mysql
- roles/devserver
- roles/viperserv
- roles/webserver-core
- roles/webserver-legacy
- roles/webserver-varnish
'windriver':
- roles/builder
- roles/dbserver-mysql
- roles/dbserver-pgsql
- roles/devserver
- roles/webserver-core
- roles/webserver-legacy
'cloudhugger':
- roles/opensearch
'docker-001':
- roles/paas-docker
'dwellers':
- roles/paas-docker/docker
- roles/paas-lxc/lxc
'eglide':
- roles/webserver-core
- roles/shellserver

File Metadata

Mime Type
text/x-diff
Expires
Fri, Sep 19, 00:01 (23 h, 37 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2984628
Default Alt Text
(35 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator