Georg Pfuetzenreuter
7600e631d3
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
State would print the colons unquoted into the file, causing the YAML to not parse. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
92 lines
3.2 KiB
Plaintext
92 lines
3.2 KiB
Plaintext
{%- import_yaml 'formulas.yaml' as formulas -%}
|
|
|
|
include:
|
|
- role.salt.common
|
|
|
|
salt:
|
|
interface: ${'secret_salt:master:interface'}
|
|
master_remove_config: True
|
|
extmods: {'modules': ['nbroles.py'], 'pillar': ['lookup.py']}
|
|
master:
|
|
cache: redis
|
|
cli_summary: True
|
|
# to-do: package extension modules
|
|
extension_modules: /opt/extmods
|
|
gpg_keydir: ${'secret_salt:master:gpg_keydir'}
|
|
ipv6: True
|
|
file_ignore_glob:
|
|
- '*.pyc'
|
|
- '*.swp'
|
|
fileserver_backend:
|
|
- roots
|
|
- git
|
|
file_roots:
|
|
production:
|
|
{%- for formula in formulas %}
|
|
- /srv/formulas/{{ formula }}-formula
|
|
{%- endfor %}
|
|
gitfs_root: salt
|
|
gitfs_remotes:
|
|
- https://git.com.de/LibertaCasa/salt.git:
|
|
- user: ${'secret_salt:master:gitfs_remotes:LibertaCasa:user'}
|
|
- password: ${'secret_salt:master:gitfs_remotes:LibertaCasa:password'}
|
|
ext_pillar:
|
|
- netbox:
|
|
api_url: ${'secret_salt:master:ext_pillar:netbox:api_url'}
|
|
api_token: ${'secret_salt:master:ext_pillar:netbox:api_token'}
|
|
virtual_machines: True
|
|
interfaces: True
|
|
interface_ips: True
|
|
site_details: False
|
|
site_prefixes: False
|
|
- git:
|
|
- production https://git.com.de/LibertaCasa/salt.git:
|
|
- root: pillar
|
|
- user: ${'secret_salt:master:ext_pillar:git:LibertaCasa:user'}
|
|
- password: ${'secret_salt:master:ext_pillar:git:LibertaCasa:password'}
|
|
- production https://git.com.de/Lysergic/salt.git:
|
|
- root: ${'secret_salt:master:ext_pillar:git:Lysergic:root'}
|
|
- user: ${'secret_salt:master:ext_pillar:git:Lysergic:user'}
|
|
- password: ${'secret_salt:master:ext_pillar:git:Lysergic:password'}
|
|
- lookup: {}
|
|
ext_pillar_first: True
|
|
pillar_merge_lists: True
|
|
pillar_source_merging_strategy: smart
|
|
top_file_merging_strategy: same
|
|
env_order: ['production']
|
|
log_level: info
|
|
show_jid: True
|
|
timeout: 20
|
|
gather_job_timeout: 20
|
|
keep_jobs: 30
|
|
user: ${'secret_salt:master:user'}
|
|
syndic_user: ${'secret_salt:master:syndic_user'}
|
|
cache.redis.unix_socket_path: ${'secret_salt:master:cache.redis.unix_socket_path'}
|
|
cache.redis.password: ${'secret_salt:master:cache.redis.password'}
|
|
rest_cherrypy:
|
|
host: "'::'"
|
|
port: 4550
|
|
ssl_crt: ${'secret_salt:master:rest_cherrypy:ssl_crt'}
|
|
ssl_key: ${'secret_salt:master:rest_cherrypy:ssl_key'}
|
|
auth.ldap.server: ${'secret_salt:master:auth.ldap.server'}
|
|
auth.ldap.port: ${'secret_salt:master:auth.ldap.port'}
|
|
auth.ldap.tls: True
|
|
auth.ldap.scope: 2
|
|
auth.ldap.accountattributename: ${'secret_salt:master:auth.ldap.accountattributename'}
|
|
auth.ldap.groupou: ${'secret_salt:master:auth.ldap.groupou'}
|
|
auth.ldap.groupclass: ${'secret_salt:master:auth.ldap.groupclass'}
|
|
auth.ldap.basedn: ${'secret_salt:master:auth.ldap.basedn'}
|
|
auth.ldap.binddn: ${'secret_salt:master:auth.ldap.binddn'}
|
|
auth.ldap.bindpw: ${'secret_salt:master:auth.ldap.bindpw'}
|
|
auth.ldap.filter: ${'secret_salt:master:auth.ldap.filter'}
|
|
|
|
firewalld:
|
|
zones:
|
|
internal:
|
|
services:
|
|
- salt-master
|
|
ports:
|
|
- comment: salt-api
|
|
port: 4550
|
|
protocol: tcp
|