Manage Salt roleproxy

Add role, profile and pillar for roleproxy. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-01-30 00:39:33 +01:00 · 2023-01-30 00:39:33 +01:00 · 83f698e18c
commit 83f698e18c
parent 81a37bf842
3 changed files with 48 additions and 0 deletions
--- a/pillar/role/salt/roleproxy.sls
+++ b/pillar/role/salt/roleproxy.sls
@ -0,0 +1,12 @@
+salt:
+  roleproxy:
+    nb_host: ${'secret_salt:roleproxy:nb_host'}
+    nb_token: ${'secret_salt:roleproxy:nb_token'}
+
+firewalld:
+  zones:
+    internal:
+      ports:
+        - comment: salt-roleproxy
+          port: 4580
+          protocol: tcp
--- a/salt/profile/salt/roleproxy.sls
+++ b/salt/profile/salt/roleproxy.sls
@ -0,0 +1,34 @@
+{%- set roleproxy_pillar = pillar['salt']['roleproxy'] -%}
+
+salt_roleproxy_packages:
+  pkg.installed:
+    - names:
+      - salt-netbox-roleproxy
+    - watch_in:
+      - service: salt_roleproxy_service
+
+salt_roleproxy_sysconfig:
+  file.keyvalue:
+    - name: /etc/sysconfig/roleproxy
+    - separator: '='
+    - show_changes: False
+    - key_values:
+        NB_HOST: {{ roleproxy_pillar['nb_host'] }}
+        NB_TOKEN: {{ roleproxy_pillar['nb_token'] }}
+    - require:
+      - pkg: salt_roleproxy_packages
+    - watch_in:
+      - service: salt_roleproxy_service
+
+salt_roleproxy_service_enable:
+  service.enabled:
+    - name: roleproxy
+    - require:
+      - pkg: salt_roleproxy_packages
+
+salt_roleproxy_service:
+  service.running:
+    - name: roleproxy
+    - watch:
+      - pkg: salt_roleproxy_packages
+      - file: salt_roleproxy_sysconfig
--- a/salt/role/salt/roleproxy.sls
+++ b/salt/role/salt/roleproxy.sls
@ -0,0 +1,2 @@
+include:
+  - profile.salt.roleproxy