4b29379725
Since the set of directories is known, just iterate of its well known names directly. Make sure files are dumped after `file.recurse` to avoid deletion/creation cycles when applying highstate. Also apply permissions on cloud.providers.d after all creations steps are done.
91 lines
2.3 KiB
Plaintext
91 lines
2.3 KiB
Plaintext
{% from "salt/map.jinja" import salt_settings with context %}
|
|
|
|
{%- if salt_settings.use_pip %}
|
|
python-pip:
|
|
pkg.installed
|
|
|
|
salt-cloud-pip-packages:
|
|
pip.installed:
|
|
- pkgs:
|
|
- apache-libcloud
|
|
{%- if grains['os_family'] not in ['Debian', 'RedHat'] %}
|
|
- crypto
|
|
{%- endif %}
|
|
- pycrypto
|
|
- require:
|
|
- pkg: python-pip
|
|
{%- endif %}
|
|
|
|
{% if salt_settings.install_packages %}
|
|
salt-cloud:
|
|
pkg.installed:
|
|
- name: {{ salt_settings.salt_cloud }}
|
|
{%- if salt_settings.use_pip %}
|
|
- require:
|
|
- pip: salt-cloud-pip-packages
|
|
{%- endif %}
|
|
{% endif %}
|
|
|
|
{% for cert in pillar.get('salt_cloud_certs', {}) %}
|
|
{% for type in ['pem'] %}
|
|
cloud-cert-{{ cert }}-pem:
|
|
file.managed:
|
|
- name: {{ salt_settings.config_path }}/pki/cloud/{{ cert }}.pem
|
|
- source: salt://{{ slspath }}/files/key
|
|
- template: jinja
|
|
- user: root
|
|
- group:
|
|
{%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %}
|
|
wheel
|
|
{%- else %}
|
|
root
|
|
{%- endif %}
|
|
- mode: 600
|
|
- makedirs: True
|
|
- defaults:
|
|
key: {{ cert }}
|
|
type: {{ type }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
|
|
{% for cloud_section in ["maps", "profiles", "providers"] %}
|
|
salt-cloud-{{ cloud_section }}:
|
|
file.recurse:
|
|
- name: {{ salt_settings.config_path }}/cloud.{{ cloud_section }}.d
|
|
- source: {{ salt_settings.cloud.template_sources[cloud_section] }}
|
|
- template: jinja
|
|
- makedirs: True
|
|
|
|
{% for filename in salt['pillar.get']("salt:cloud:" ~ cloud_section, {}).keys() %}
|
|
/etc/salt/cloud.{{ cloud_section }}.d/{{ filename }}:
|
|
file.serialize:
|
|
- dataset_pillar: salt:cloud:{{ cloud_section }}:{{ filename }}
|
|
- formatter: yaml
|
|
- require:
|
|
- file: salt-cloud-{{ cloud_section }}
|
|
{%- if cloud_section == "providers" %}
|
|
- require_in:
|
|
- file: salt-cloud-providers-permissions
|
|
{%- endif %}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
|
|
salt-cloud-providers-permissions:
|
|
file.directory:
|
|
- name: {{ salt_settings.config_path }}/cloud.providers.d
|
|
- user: root
|
|
- group:
|
|
{%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %}
|
|
wheel
|
|
{%- else %}
|
|
root
|
|
{%- endif %}
|
|
- file_mode: 600
|
|
- dir_mode: 700
|
|
- recurse:
|
|
- user
|
|
- group
|
|
- mode
|
|
- require:
|
|
- file: salt-cloud-providers
|