85 Commits

Author	SHA1	Message	Date
Georg Pfuetzenreuter	950b308546	Relay via static zz0.email host ... Split horizon for the complete .email zone is not feasible for all sites, and TLS certificate currently does not cover any of the internal hostnames. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-27 12:45:01 +01:00
Georg Pfuetzenreuter	698234c040	Manage common SSH server ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-26 23:05:21 +01:00
Georg Pfuetzenreuter	f949c0aba0	mta.postfix->global.mta pillar; remove mta profile ... This is more a MTA configuration for system email on all hosts instead of a dedicated email server role. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-26 20:54:09 +01:00
Georg Pfuetzenreuter	286bd5d20b	Repository: remove comment, add priority ... LibertaCasa RPM repsitory: - comment was not added by Salt, it attempted to re-add it every time - set lower priority Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-25 21:31:40 +01:00
Georg Pfuetzenreuter	4bf9ac9413	Include Postfix pillar via role ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-24 23:16:56 +01:00
Georg Pfuetzenreuter	6c7aaa08e1	Manage common Postfix ... Add configuration for global client MTA's. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> Enable Postfix management Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-24 21:17:55 +01:00
Georg Pfuetzenreuter	dc3c0dd6a9	Include users in common.suse ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 22:56:39 +01:00
Georg Pfuetzenreuter	0c2ea3ef95	Add common_packages to common.suse ... Add ID and initialize with fish and system-group wheel packages. More packages to be added later on. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 21:32:45 +01:00
Georg Pfuetzenreuter	3226b4113c	Remove release from RPM key check ... Release tag can be different from machine to machine. Checking for the version tag should be good enough. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 20:55:56 +01:00
Georg Pfuetzenreuter	5bda75100a	Manage LC repository + ca-certificates ... manage - home:crameleon:LibertaCasa repository - ca-certificates-syscid in common SUSE state. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 20:44:39 +01:00
Georg Pfuetzenreuter	2e08c3cf36	Connect syndic minions to syndic master ... Syndics are generally the masters assigned to their region. We want the minions on syndics to connect to their upstream master ("master of masters") instead of to themselves. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 19:28:28 +01:00
Georg Pfuetzenreuter	a5754ea0cb	Add admins to redis group on masters ... Avoid permissions errors if Salt attempts to write to Redis during non-root state.apply calls. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 18:38:36 +01:00
Georg Pfuetzenreuter	cce6cce594	Use central machine-roles endpoint ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 16:55:55 +01:00
Georg Pfuetzenreuter	0efd688151	Use http.query instead of nbroles module ... This is an attempt to remove the need for the custom nbroles module. If it works out, the localhost reference should be replaced with a global roles API endpoint. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 16:32:57 +01:00
Georg Pfuetzenreuter	06a36e62ae	salt.master: configure publisher_acl ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 15:41:23 +01:00
Georg Pfuetzenreuter	4f633d8d4e	Update symlink to nbroles.py ... Fallout from b112ee3131. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 14:52:44 +01:00
Georg Pfuetzenreuter	5ab1c4f854	salt.master: manage formulas ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 14:49:30 +01:00
Georg Pfuetzenreuter	b112ee3131	Move extmods to salt/ ... Allow for extension modules to be delivered using the Salt file server. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 14:46:25 +01:00
Georg Pfuetzenreuter	928809b267	salt.master: manage extension modules ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 14:34:42 +01:00
Georg Pfuetzenreuter	689eb5c676	Configure Redis for Salt master ... Add Redis configuration to salt.master profile for caching on Salt masters. To-Do: move configuration to a formula based approach. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 13:56:21 +01:00
Georg Pfuetzenreuter	ad4c6af852	Add salt.syndic role + pillar ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-22 13:49:35 +01:00
Georg Pfuetzenreuter	e5e9685113	Add empty salt.common SLS ... Roles under salt/ are enforced to be existent - adding "empty" file to match pillar/role/salt/. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-21 19:54:17 +01:00
Georg Pfuetzenreuter	ab2f6802a9	Remove test-webserver role ... No longer used, referenced profile removed in a1782581bb. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-21 19:37:16 +01:00
Georg Pfuetzenreuter	12f0a7bce0	Target roles without grains in tops ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-21 14:26:31 +01:00
Georg Pfuetzenreuter	bf0dfeb941	Use nbroles instead of grains ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-21 01:22:29 +01:00
Georg Pfuetzenreuter	fed1e35c88	Init master role w/ pillar ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 18:47:54 +01:00
Georg Pfuetzenreuter	e26039e920	Re-order minion profile ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 17:51:44 +01:00
Georg Pfuetzenreuter	546508c7de	Use custom minion master configuration ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 17:40:16 +01:00
Georg Pfuetzenreuter	fe2a1a21b9	Use traditional grains management ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 17:40:01 +01:00
Georg Pfuetzenreuter	eb1731e7a1	Move managed grains to minion pillar ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 17:39:59 +01:00
Georg Pfuetzenreuter	11620c863c	Init salted salt + minion pillar ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 17:39:31 +01:00
Georg Pfuetzenreuter	a1782581bb	Cleanup after devel import ... - remove RPM public key import - remove test-webserver profile Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 13:20:28 +01:00
Georg Pfuetzenreuter	f693159270	Refactor common tree ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 13:13:11 +01:00
Georg Pfuetzenreuter	2b40942a44	Import profiles/roles from salt-devel ... - + renaming baseline to common Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 09:45:04 +01:00
Georg Pfuetzenreuter	f1a4b0514c	Init ... Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>	2023-01-15 09:18:15 +01:00