diff --git a/salt/defaults.yaml b/salt/defaults.yaml index d4dcaf1..3e743e4 100644 --- a/salt/defaults.yaml +++ b/salt/defaults.yaml @@ -41,6 +41,8 @@ salt: salt_master: salt-master salt_minion: salt-minion + salt_master_macos_plist_hash: '' + salt_minion_macos_plist_hash: '' salt_syndic: salt-syndic salt_cloud: salt-cloud salt_api: salt-api diff --git a/salt/master.sls b/salt/master.sls index 665c302..20476c6 100644 --- a/salt/master.sls +++ b/salt/master.sls @@ -7,20 +7,35 @@ include: - .pin {% endif %} + {%- if grains.os == 'MacOS' %} +salt-master-macos: + file.managed: + - name: /Library/LaunchDaemons/com.saltstack.salt.master.plist + - source: https://raw.githubusercontent.com/saltstack/salt/master/pkg/osx/scripts/com.saltstack.salt.master.plist + - source_hash: {{ salt_settings.salt_master_macos_plist_hash }} + - retry: + attempts: 2 + until: True + interval: 10 + splay: 10 + - require_in: + - service: salt-master + {%- endif %} + salt-master: -{% if salt_settings.install_packages %} + {% if salt_settings.install_packages %} pkg.installed: - name: {{ salt_settings.salt_master }} - {%- if salt_settings.version is defined %} + {%- if salt_settings.version is defined %} - version: {{ salt_settings.version }} - {%- endif %} -{% if salt_settings.master_service_details.state != 'ignore' %} + {%- endif %} + {% if salt_settings.master_service_details.state != 'ignore' %} - require_in: - service: salt-master - watch_in: - service: salt-master -{% endif %} -{% endif %} + {% endif %} + {% endif %} file.recurse: - name: {{ salt_settings.config_path }}/master.d {%- if salt_settings.master_config_use_TOFS %} @@ -35,19 +50,20 @@ salt-master: {%- endif %} - clean: {{ salt_settings.clean_config_d_dir }} - exclude_pat: _* -{% if salt_settings.master_service_details.state != 'ignore' %} + {% if salt_settings.master_service_details.state != 'ignore' %} service.{{ salt_settings.master_service_details.state }}: - enable: {{ salt_settings.master_service_details.enabled }} - name: {{ salt_settings.master_service }} - watch: + - file: salt-master-macos - file: salt-master - file: remove-old-master-conf-file -{% endif %} -{% if salt_settings.master_remove_config %} + {% endif %} + {% if salt_settings.master_remove_config %} remove-default-master-conf-file: file.absent: - name: {{ salt_settings.config_path }}/master -{% endif %} + {% endif %} # clean up old _defaults.conf file if they have it around remove-old-master-conf-file: diff --git a/salt/minion.sls b/salt/minion.sls index 18c45d3..e45f1cb 100644 --- a/salt/minion.sls +++ b/salt/minion.sls @@ -7,19 +7,19 @@ include: - .pin {% endif %} -{% if salt_settings.install_packages and grains.os == 'MacOS' %} + {%- if grains.os == 'MacOS' %} + {% if salt_settings.install_packages %} + download-salt-minion: - {% if salt_settings.salt_minion_pkg_source %} - {# only download IF we know where to get the pkg from and what version to check the current install (if installed) against #} - {# e.g. don't download unless it appears as though we're about to try and upgrade the minion #} + {% if salt_settings.salt_minion_pkg_source %} {# minion upgrade? #} file.managed: - name: '/tmp/salt.pkg' - source: {{ salt_settings.salt_minion_pkg_source }} - {%- if salt_settings.salt_minion_pkg_hash %} + {%- if salt_settings.salt_minion_pkg_hash %} - source_hash: {{ salt_settings.salt_minion_pkg_hash }} - {% else %} + {% else %} - skip_verify: True - {% endif %} + {% endif %} - user: root - group: wheel - mode: '0644' @@ -27,43 +27,62 @@ download-salt-minion: - test -n "{{ salt_settings.version }}" && '/opt/salt/bin/salt-minion --version=.*{{ salt_settings.version }}.*' - require_in: - macpackage: salt-minion - {%- elif "workaround https://github.com/saltstack/salt/issues/49348" %} + - retry: + attempts: 2 + until: True + interval: 10 + splay: 10 + {%- elif "workaround https://github.com/saltstack/salt/issues/49348" %} cmd.run: - name: /usr/local/bin/brew install {{ salt_settings.salt_minion }} - onlyif: test -x /usr/local/bin/brew - runas: {{ salt_settings.rootuser }} - {%- endif %} -{% endif %} + {%- endif %} + +salt-minion-macos: + file.managed: + - onlyif: {{ grains.os == 'MacOS' }} + - name: /Library/LaunchDaemons/com.saltstack.salt.minion.plist + - source: https://raw.githubusercontent.com/saltstack/salt/master/pkg/osx/scripts/com.saltstack.salt.master.plist + - source_hash: {{ salt_settings.salt_minion_macos_plist_hash }} + - retry: + attempts: 2 + until: True + interval: 10 + splay: 10 + - require_in: + - service: salt-minion + {%- endif %} + {%- endif %} salt-minion: -{% if salt_settings.install_packages %} - {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} + {% if salt_settings.install_packages %} + {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} macpackage.installed: - name: '/tmp/salt.pkg' - target: / - {# macpackage.installed behaves weirdly with version_check; version_check detects difference but fails to actually complete install. #} - {# use force == True as workaround #} - - force: True + {# macpackage.installed is weird with version_check, detects diff but incomplete install #} + - force: True {# workaround #} - unless: - test -n "{{ salt_settings.version }}" && '/opt/salt/bin/salt-minion --version=.*{{ salt_settings.version }}.*' -{% if salt_settings.minion_service_details.state != 'ignore' %} + {% if salt_settings.minion_service_details.state != 'ignore' %} - require_in: - service: salt-minion -{% endif %} + {% endif %} - onchanges_in: - cmd: remove-macpackage-salt - {%- elif grains.os != 'MacOS' and "workaround https://github.com/saltstack/salt/issues/49348" %} + {%- elif grains.os != 'MacOS' and "workaround https://github.com/saltstack/salt/issues/49348" %} pkg.installed: - name: {{ salt_settings.salt_minion }} - {%- if salt_settings.version %} + {%- if salt_settings.version %} - version: {{ salt_settings.version }} - {%- endif %} -{% if salt_settings.minion_service_details.state != 'ignore' %} + {%- endif %} + {% if salt_settings.minion_service_details.state != 'ignore' %} - require_in: - service: salt-minion -{% endif %} - {%- endif %} -{% endif %} + {% endif %} + {%- endif %} + {% endif %} file.recurse: - name: {{ salt_settings.config_path }}/minion.d {%- if salt_settings.minion_config_use_TOFS %} @@ -80,47 +99,49 @@ salt-minion: {%- endif %} - clean: {{ salt_settings.clean_config_d_dir }} - exclude_pat: _* -{% if salt_settings.minion_service_details.state != 'ignore' %} + {% if salt_settings.minion_service_details.state != 'ignore' %} service.{{ salt_settings.minion_service_details.state }}: - enable: {{ salt_settings.minion_service_details.enabled }} - name: {{ salt_settings.minion_service }} - - require: - - file: salt-minion -{% endif %} -{%- if not salt_settings.restart_via_at %} + - watch: + - file: salt-master-macos + - file: salt-master + - file: remove-old-minion-conf-file + {% endif %} + {%- if not salt_settings.restart_via_at %} cmd.run: - {%- if grains['saltversioninfo'] >= [ 2016, 3 ] %} - {%- if grains['kernel'] == 'Windows' %} + {%- if grains['saltversioninfo'] >= [ 2016, 3 ] %} + {%- if grains['kernel'] == 'Windows' %} - name: 'salt-call.bat --local service.restart {{ salt_settings.minion_service }}' - {%- else %} + {%- else %} - name: 'salt-call --local service.restart {{ salt_settings.minion_service }} --out-file /dev/null' - {%- endif %} + {%- endif %} - bg: True - {%- else %} - {%- if grains['kernel'] == 'Windows' %} + {%- else %} + {%- if grains['kernel'] == 'Windows' %} - name: 'start powershell "Restart-Service -Name {{ salt_settings.minion_service }}"' - {%- else %} + {%- else %} # old style, pre 2016.3. fork and disown the process - name: |- exec 0>&- # close stdin exec 1>&- # close stdout exec 2>&- # close stderr nohup salt-call --local service.restart {{ salt_settings.minion_service }} --out-file /dev/null & - {%- endif %} - {%- endif %} + {%- endif %} + {%- endif %} - onchanges: - {%- if salt_settings.install_packages %} - {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} + {%- if salt_settings.install_packages %} + {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} - macpackage: salt-minion - {%- elif grains.os == 'MacOS' %} + {%- elif grains.os == 'MacOS' %} - cmd: download-salt-minion - {%- else %} + {%- else %} - pkg: salt-minion - {%- endif %} - {%- endif %} + {%- endif %} + {%- endif %} - file: salt-minion - file: remove-old-minion-conf-file -{%- else %} + {%- else %} {% if grains.os_family not in ['MacOS', 'FreeBSD'] %} {# MacOS and FreeBSD have the 'at' command; but there's no package to install #} @@ -134,20 +155,20 @@ restart-salt-minion: - name: echo salt-call --local service.restart {{ salt_settings.minion_service }} | at now + 1 minute - order: last - onchanges: - {%- if salt_settings.install_packages %} - {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} + {%- if salt_settings.install_packages %} + {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} - macpackage: salt-minion - {%- elif grains.os == 'MacOS' %} + {%- elif grains.os == 'MacOS' %} - cmd: download-salt-minion - {%- else %} + {%- else %} - pkg: salt-minion - {%- endif %} - {%- endif %} + {%- endif %} + {%- endif %} - file: salt-minion - file: remove-old-minion-conf-file -{%- endif %} + {%- endif %} -{% if 'inotify' in salt_settings.get('minion', {}).get('beacons', {}) and salt_settings.get('pyinotify', False) %} + {% if 'inotify' in salt_settings.get('minion', {}).get('beacons', {}) and salt_settings.get('pyinotify', False) %} salt-minion-beacon-inotify: pkg.installed: - name: {{ salt_settings.pyinotify }} @@ -155,22 +176,22 @@ salt-minion-beacon-inotify: - service: salt-minion - watch_in: - service: salt-minion -{% endif %} + {% endif %} -{% if salt_settings.minion_remove_config %} + {% if salt_settings.minion_remove_config %} remove-default-minion-conf-file: file.absent: - name: {{ salt_settings.config_path }}/minion -{% endif %} + {% endif %} # clean up old _defaults.conf file if they have it around remove-old-minion-conf-file: file.absent: - name: {{ salt_settings.config_path }}/minion.d/_defaults.conf -{% if grains.os == 'MacOS' %} + {% if grains.os == 'MacOS' %} remove-macpackage-salt: file.absent: - name: /tmp/salt.pkg - force: True -{% endif %} + {% endif %} diff --git a/salt/osmap.yaml b/salt/osmap.yaml index 1196ba0..2224a23 100644 --- a/salt/osmap.yaml +++ b/salt/osmap.yaml @@ -55,3 +55,9 @@ SmartOS: config_path: /opt/local/etc/salt master: gitfs_provider: dulwich + +MacOS: + minion_service: com.saltstack.salt.minion + master_service: com.saltstack.salt.master + salt_master_macos_plist_hash: 8435331b2d48ca8f0759f216e5b15ec9171a4216b1441328c732c6906728b7c9 + salt_minion_macos_plist_hash: 26b33da12e0d8960ee96b488c8352002c22a377c19bf3df3f986a1e49eca8b20