Configure Redis for Salt master

Add Redis configuration to salt.master profile for caching on Salt masters. To-Do: move configuration to a formula based approach. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-01-22 13:47:42 +01:00 · 2023-01-22 13:47:42 +01:00 · 689eb5c676
commit 689eb5c676
parent bcac69683b
1 changed files with 65 additions and 0 deletions
--- a/salt/profile/salt/master.sls
+++ b/salt/profile/salt/master.sls
@ -1,2 +1,67 @@
+{%- set master_pillar = pillar['salt']['master'] -%}
+{%- set redis_config = '/etc/redis/salt.conf' -%}
+{%- set redis_service = 'redis@salt' -%}
+
 include:
  - salt.master
+
+salt_master_extra_packages:
+  pkg.installed:
+    - names:
+      - python3-pynetbox
+      - python3-redis
+      - redis
+    - watch_in:
+      - service: salt-master
+
+# to-do: move Redis configuration to a formula
+{{ redis_config }}:
+  file.managed:
+    - contents:
+      - port 0
+      - tcp-backlog 511
+      - unixsocket /run/redis/salt.sock
+      - unixsocketperm 460
+      - timeout 0
+      - supervised systemd
+      - pidfile /run/redis/salt.pid
+      - logfile /var/log/redis/salt.log
+      - databases 1
+      - dir /var/lib/redis/salt/
+      - acllog-max-len 64
+      - requirepass {{ master_pillar['cache.redis.password'] }}
+    - user: root
+    - group: redis
+    - mode: 0640
+    - require:
+      - pkg: redis
+
+/var/lib/redis/salt:
+  file.directory:
+    - user: redis
+    - group: redis
+    - mode: 0750
+    - require:
+      - pkg: redis
+
+salt_redis_membership:
+  group.present:
+    - name: redis
+    - addusers:
+      - {{ master_pillar['user'] }}
+    - require:
+      - pkg: redis
+
+salt_redis_service_enable:
+  service.enabled:
+    - name: {{ redis_service }}
+    - require:
+      - pkg: redis
+
+salt_redis_service_start:
+  service.running:
+    - name: {{ redis_service }}
+    - require:
+      - pkg: redis
+    - watch:
+      - file: {{ redis_config }}