4344a1311b
The user will already have it's /etc/salt/minion file, so it doesn't need all this info, and it makes easier to know what has been generated and what not
370 lines
9.9 KiB
Plaintext
370 lines
9.9 KiB
Plaintext
# This file managed by Salt, do not edit by hand!!
|
|
# Based on salt version 0.17.4 default config
|
|
{% set reserved_keys = ['master', 'minion', 'cloud', 'salt_cloud_certs'] -%}
|
|
{% set cfg_salt = pillar.get('salt', {}) -%}
|
|
{% set cfg_minion = cfg_salt.get('minion', {}) -%}
|
|
{%- macro get_config(configname, default_value) -%}
|
|
{%- if configname in cfg_minion -%}
|
|
{{ configname }}: {{ cfg_minion[configname] }}
|
|
{%- elif configname in cfg_salt and configname not in reserved_keys -%}
|
|
{{ configname }}: {{ cfg_salt[configname] }}
|
|
{%- else -%}
|
|
#{{ configname }}: {{ default_value }}
|
|
{%- endif -%}
|
|
{%- endmacro -%}
|
|
{%- from 'salt/formulas.jinja' import file_roots, formulas with context -%}
|
|
##### Primary configuration settings #####
|
|
##########################################
|
|
|
|
# minion includes
|
|
{{ get_config('default_include', 'minion.d/*.conf') }}
|
|
|
|
# master configs
|
|
{%- if 'master' in cfg_minion -%}
|
|
{%- if cfg_minion['master'] is not string %}
|
|
master:
|
|
{% for name in cfg_minion['master'] -%}
|
|
- {{ name }}
|
|
{% endfor -%}
|
|
{%- else %}
|
|
{{ get_config('master', 'salt') }}
|
|
{%- endif %}
|
|
{% elif 'master' in cfg_salt -%}
|
|
{%- if cfg_salt['master'] is not string %}
|
|
master:
|
|
{% for name in cfg_salt['master'] -%}
|
|
- {{ name }}
|
|
{% endfor -%}
|
|
{%- else %}
|
|
{{ get_config('master', 'salt') }}
|
|
{%- endif -%}
|
|
{%- endif %}
|
|
|
|
# choose a random master
|
|
{{ get_config('random_master', 'False') }}
|
|
|
|
# use IPv6
|
|
{{ get_config('ipv6', 'False') }}
|
|
|
|
# name resolution retries
|
|
{{ get_config('retry_dns', '30') }}
|
|
|
|
# master port
|
|
{{ get_config('master_port', '4506') }}
|
|
|
|
# user to run salt.
|
|
{{ get_config('user', 'root') }}
|
|
|
|
# PID file
|
|
{{ get_config('pidfile', '/var/run/salt-minion.pid') }}
|
|
|
|
# root dir
|
|
{{ get_config('root_dir', '/') }}
|
|
|
|
# pki dir
|
|
{{ get_config('pki_dir', '/etc/salt/pki/minion') }}
|
|
|
|
# minion id
|
|
{% if 'id' in cfg_minion -%}
|
|
id: {{ cfg_minion['id'] }}
|
|
{% else -%}
|
|
#id:
|
|
{%- endif %}
|
|
|
|
# domain name for hostnames
|
|
{{ get_config('append_domain', '') }}
|
|
|
|
# custom grains
|
|
{{ get_config('grains', '{}') }}
|
|
|
|
# cache location
|
|
{{ get_config('cachedir', '/var/cache/salt/minion') }}
|
|
|
|
# environment verification
|
|
{{ get_config('verify_env', 'True') }}
|
|
|
|
# cache executed jobs
|
|
{{ get_config('cache_jobs', 'False') }}
|
|
|
|
# unix socket location
|
|
{{ get_config('sock_dir', '/var/run/salt/minion') }}
|
|
|
|
# output formatter
|
|
{{ get_config('output', 'nested') }}
|
|
# output color
|
|
{{ get_config('color', 'True') }}
|
|
# remove nested color
|
|
{{ get_config('strip_colors', 'False') }}
|
|
|
|
# backup modified files
|
|
{{ get_config('backup_mode', 'minion') }}
|
|
|
|
# key acceptance time
|
|
{{ get_config('acceptance_wait_time', '10') }}
|
|
# maximum acceptance wait
|
|
{{ get_config('acceptance_wait_time_max', '0') }}
|
|
# retry key
|
|
{{ get_config('rejected_retry', 'False') }}
|
|
# time to wait for trying reauth
|
|
{{ get_config('random_reauth_delay', '60') }}
|
|
# auth wait timeout
|
|
{{ get_config('auth_timeout', '60') }}
|
|
# auth retries
|
|
{{ get_config('auth_tries', '7') }}
|
|
# retry auth if ping failed
|
|
{{ get_config('auth_safemode', 'False') }}
|
|
|
|
# master ping interval
|
|
{{ get_config('ping_interval', '0') }}
|
|
|
|
# salt mine functions execution interval
|
|
{{ get_config('mine_interval', '60') }}
|
|
|
|
# mine functions
|
|
{%- if 'mine_functions' in cfg_minion %}
|
|
mine_functions:
|
|
{%- for func, args in cfg_minion['mine_functions'].items() %}
|
|
{{ func }}: {{ args }}
|
|
{%- endfor %}
|
|
{%- endif %}
|
|
|
|
# reconnection parameters
|
|
{{ get_config('recon_default', '100') }}
|
|
{{ get_config('recon_max', '5000') }}
|
|
{{ get_config('recon_randomize', 'False') }}
|
|
|
|
# minion scheduler interval
|
|
{{ get_config('loop_interval', '60') }}
|
|
|
|
# grain refresh interval
|
|
{{ get_config('grains_refresh_every', '1') }}
|
|
# cache grains in minion
|
|
{{ get_config('grains_cache', 'False') }}
|
|
# grains cache expiration interval
|
|
{{ get_config('grains_cache_expiration', '300') }}
|
|
|
|
# ipc method
|
|
{{ get_config('ipc_mode', 'ipc') }}
|
|
# ipc tcp ports
|
|
{{ get_config('tcp_pub_port', '4510') }}
|
|
{{ get_config('tcp_pull_port', '4511') }}
|
|
|
|
# max event size in minion bus
|
|
{{ get_config('max_event_size', '1048576') }}
|
|
|
|
# master check alive interval
|
|
{{ get_config('master_alive_interval', '30') }}
|
|
|
|
# include extra config
|
|
{% if 'include' in cfg_minion -%}
|
|
{% if isinstance(cfg_minion['include'], list) -%}
|
|
include:
|
|
{% for include in cfg_minion['include'] -%}
|
|
- {{ include }}
|
|
{% endfor -%}
|
|
{% else -%}
|
|
include: cfg_minion['include']
|
|
{% endif -%}
|
|
{% elif 'include' in cfg_salt -%}
|
|
{% if isinstance(cfg_salt['include'], list) -%}
|
|
include:
|
|
{% for include in cfg_salt['include'] -%}
|
|
- {{ include }}
|
|
{% endfor -%}
|
|
{% else -%}
|
|
include: cfg_salt['include']
|
|
{% endif -%}
|
|
{% endif -%}
|
|
|
|
|
|
##### Minion module management #####
|
|
##########################################
|
|
# disable modules
|
|
{{ get_config('disable_modules', '[cmd,test]') }}
|
|
{{ get_config('disable_returners', '[]') }}
|
|
#
|
|
# minion modules search paths
|
|
{{ get_config('module_dirs', '[]') }}
|
|
{{ get_config('returner_dirs', '[]') }}
|
|
{{ get_config('states_dirs', '[]') }}
|
|
{{ get_config('render_dirs', '[]') }}
|
|
{{ get_config('utils_dirs', '[]') }}
|
|
# module overrides
|
|
{{ get_config('providers', '{}') }}
|
|
# enable cython modules
|
|
{{ get_config('cython_enable', 'False') }}
|
|
# max module size
|
|
{{ get_config('modules_max_memory', '-1') }}
|
|
|
|
|
|
##### State Management Settings #####
|
|
###########################################
|
|
# renderer selection
|
|
{{ get_config('renderer', 'yaml_jinja') }}
|
|
# fail on first failure
|
|
{{ get_config('failhard', 'False') }}
|
|
# auto reload dynamic modules
|
|
{{ get_config('autoload_dynamic_modules', 'True') }}
|
|
# sync dynamic modules with deletion
|
|
{{ get_config('clean_dynamic_modules', 'True') }}
|
|
# minion accepted environment
|
|
{{ get_config('environment', 'None') }}
|
|
# top state file
|
|
{{ get_config('state_top', 'top.sls') }}
|
|
# states to run in minion daemon
|
|
{{ get_config('startup_states', "''") }}
|
|
# sls states to run
|
|
{{ get_config('sls_list', '[]') }}
|
|
# top file to run
|
|
{{ get_config('top_file', "''") }}
|
|
|
|
##### File Directory Settings #####
|
|
##########################################
|
|
# file client location
|
|
{%- if standalone %}
|
|
file_client: local
|
|
{%- else %}
|
|
{{ get_config('file_client', 'remote') }}
|
|
{%- endif %}
|
|
|
|
# environment file roots
|
|
{% if 'file_roots' in cfg_minion -%}
|
|
{{ file_roots(cfg_minion['file_roots']) }}
|
|
{%- elif 'file_roots' in cfg_salt -%}
|
|
{{ file_roots(cfg_salt['file_roots']) }}
|
|
{%- elif formulas|length -%}
|
|
{{ file_roots({'base': ['/srv/salt']}) }}
|
|
{%- endif %}
|
|
|
|
# limit fileserver traversal
|
|
{{ get_config('fileserver_limit_traversal', 'False') }}
|
|
|
|
# gitfs provider
|
|
{{ get_config('gitfs_provider', 'pygit2') }}
|
|
# gitfs remotes
|
|
{% if 'gitfs_remotes' in cfg_minion -%}
|
|
gitfs_remotes:
|
|
{%- for remote in cfg_minion['gitfs_remotes'] %}
|
|
{%- if remote is iterable and remote is not string %}
|
|
{%- for repo, children in remote.items() %}
|
|
- {{ repo }}:
|
|
{%- for child in children %}
|
|
{%- for key, value in child.items() %}
|
|
- {{ key }}: {{ value }}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{%- else %}
|
|
- {{ remote }}
|
|
{%- endif -%}
|
|
{%- endfor -%}
|
|
{%- endif %}
|
|
# verify git ssl errors
|
|
{{ get_config('gitfs_ssl_verify', 'True') }}
|
|
# gitfs root dir
|
|
{{ get_config('gitfs_root', 'somefolder/otherfolder') }}
|
|
|
|
# file hash method
|
|
{{ get_config('hash_type', 'md5') }}
|
|
|
|
# pillar roots
|
|
{% if 'pillar_roots' in cfg_minion -%}
|
|
pillar_roots:
|
|
{%- for name, roots in cfg_minion['pillar_roots']|dictsort %}
|
|
{{ name }}:
|
|
{%- for dir in roots %}
|
|
- {{ dir }}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{% elif 'pillar_roots' in cfg_salt -%}
|
|
pillar_roots:
|
|
{%- for name, roots in cfg_salt['pillar_roots']|dictsort %}
|
|
{{ name }}:
|
|
{%- for dir in roots %}
|
|
- {{ dir }}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{%- endif %}
|
|
|
|
|
|
###### Security settings #####
|
|
###########################################
|
|
# disable authentication
|
|
{{ get_config('open_mode', 'False') }}
|
|
# allow access to pki dir
|
|
{{ get_config('permissive_pki_access', 'False') }}
|
|
|
|
# print verbose changes
|
|
{{ get_config('state_verbose', 'True') }}
|
|
# multi line output
|
|
{{ get_config('state_output', 'full') }}
|
|
# output diff
|
|
{{ get_config('state_output_diff', 'False') }}
|
|
|
|
# master fingerprint
|
|
{{ get_config('master_finger', "''") }}
|
|
|
|
###### Thread settings #####
|
|
###########################################
|
|
# enable multiprocessing
|
|
{{ get_config('multiprocessing', 'True') }}
|
|
|
|
|
|
##### Logging settings #####
|
|
##########################################
|
|
# log file and log lock file location
|
|
{{ get_config('log_file', '/var/log/salt/minion') }}
|
|
{{ get_config('key_logfile', ' /var/log/salt/key') }}
|
|
|
|
# console log level
|
|
{{ get_config('log_level', 'warning') }}
|
|
# logfile log level
|
|
{{ get_config('log_level_logfile', '') }}
|
|
|
|
# datetime format for console and logfile
|
|
{{ get_config('log_datefmt', "'%H:%M:%S'") }}
|
|
{{ get_config('log_datefmt_logfile', "'%Y-%m-%d %H:%M:%S'") }}
|
|
|
|
# log format for console and logfiles
|
|
{{ get_config('log_fmt_console', "'[%(levelname)-8s] %(message)s'") }}
|
|
{{ get_config('log_fmt_logfile', "'%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'") }}
|
|
|
|
# log particular modules
|
|
{{ get_config('log_granular_levels', '{}') }}
|
|
|
|
|
|
###### Module configuration #####
|
|
###########################################
|
|
# module parameters
|
|
{%- if 'module_config' in cfg_minion %}
|
|
{%- for modkey, modval in cfg_minion.module_config.items() %}
|
|
{{ modkey }}: {{ modval }}
|
|
{%- endfor %}
|
|
{%- endif %}
|
|
|
|
|
|
###### Update settings ######
|
|
###########################################
|
|
# update url
|
|
{{ get_config('update_url', 'False') }}
|
|
# services to restart after update
|
|
{{ get_config('update_restart_services', '[]') }}
|
|
|
|
|
|
###### Keepalive settings ######
|
|
############################################
|
|
# use tcp keepalive
|
|
{{ get_config('tcp_keepalive', 'True') }}
|
|
# first keepalive from idle
|
|
{{ get_config('tcp_keepalive_idle', '300') }}
|
|
# keepalive number for connection lost
|
|
{{ get_config('tcp_keepalive_cnt', '-1') }}
|
|
# keepalive interval
|
|
{{ get_config('tcp_keepalive_intvl', '-1') }}
|
|
|
|
|
|
###### Windows Software settings ######
|
|
############################################
|
|
# windows repo cache
|
|
{{ get_config('win_repo_cachefile', 'salt://win/repo/winrepo.p') }}
|