diff --git a/bin/nbroles_to_grains.sh b/bin/nbroles_to_grains.sh index ee4e726..85cb52c 100755 --- a/bin/nbroles_to_grains.sh +++ b/bin/nbroles_to_grains.sh @@ -1,4 +1,4 @@ #!/usr/bin/env sh # This rewrites top-files to fetch roles from grains instead of our custom roles API. Useful for testing outside of the LibertaCasa infrastructure, but not recommended for production. -sed -i "s/salt\['http.query'\].*/grains\['roles'\] -%}/" */top.sls +sed -i "s/salt\['http.query'\].*/grains\['roles'\] -%}/" */top.sls salt/common/suse.sls diff --git a/salt/common/suse.sls b/salt/common/suse.sls index 01c7333..da0a99e 100644 --- a/salt/common/suse.sls +++ b/salt/common/suse.sls @@ -1,3 +1,5 @@ +{%- set roles = salt['http.query']('http://machine-roles.lysergic.dev:4580/roles', decode=True, decode_type='json', params={"machine": id})['dict']['roles'] -%} + include: {#- drop pillar check after all firewall configurations have been imported #} {%- if salt['pillar.get']('manage_firewall'), False %} @@ -65,7 +67,9 @@ common_packages_remove: {#- we only use AutoYaST for the OS deployment #} - autoyast2 - autoyast2-installation + {%- if not 'php-fpm' in roles %} - libX11-data + {%- endif %} - yast2-add-on - yast2-services-manager - yast2-slp