2
0
salt-formula/salt/cloud.sls
Gilles Dartiguelongue 4b29379725 Rework salt-cloud directories and files creation
Since the set of directories is known, just iterate of its well known
names directly. Make sure files are dumped after `file.recurse` to avoid
deletion/creation cycles when applying highstate.

Also apply permissions on cloud.providers.d after all creations steps
are done.
2017-04-11 13:34:50 +02:00

91 lines
2.3 KiB
Plaintext

{% from "salt/map.jinja" import salt_settings with context %}
{%- if salt_settings.use_pip %}
python-pip:
pkg.installed
salt-cloud-pip-packages:
pip.installed:
- pkgs:
- apache-libcloud
{%- if grains['os_family'] not in ['Debian', 'RedHat'] %}
- crypto
{%- endif %}
- pycrypto
- require:
- pkg: python-pip
{%- endif %}
{% if salt_settings.install_packages %}
salt-cloud:
pkg.installed:
- name: {{ salt_settings.salt_cloud }}
{%- if salt_settings.use_pip %}
- require:
- pip: salt-cloud-pip-packages
{%- endif %}
{% endif %}
{% for cert in pillar.get('salt_cloud_certs', {}) %}
{% for type in ['pem'] %}
cloud-cert-{{ cert }}-pem:
file.managed:
- name: {{ salt_settings.config_path }}/pki/cloud/{{ cert }}.pem
- source: salt://{{ slspath }}/files/key
- template: jinja
- user: root
- group:
{%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %}
wheel
{%- else %}
root
{%- endif %}
- mode: 600
- makedirs: True
- defaults:
key: {{ cert }}
type: {{ type }}
{% endfor %}
{% endfor %}
{% for cloud_section in ["maps", "profiles", "providers"] %}
salt-cloud-{{ cloud_section }}:
file.recurse:
- name: {{ salt_settings.config_path }}/cloud.{{ cloud_section }}.d
- source: {{ salt_settings.cloud.template_sources[cloud_section] }}
- template: jinja
- makedirs: True
{% for filename in salt['pillar.get']("salt:cloud:" ~ cloud_section, {}).keys() %}
/etc/salt/cloud.{{ cloud_section }}.d/{{ filename }}:
file.serialize:
- dataset_pillar: salt:cloud:{{ cloud_section }}:{{ filename }}
- formatter: yaml
- require:
- file: salt-cloud-{{ cloud_section }}
{%- if cloud_section == "providers" %}
- require_in:
- file: salt-cloud-providers-permissions
{%- endif %}
{% endfor %}
{% endfor %}
salt-cloud-providers-permissions:
file.directory:
- name: {{ salt_settings.config_path }}/cloud.providers.d
- user: root
- group:
{%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %}
wheel
{%- else %}
root
{%- endif %}
- file_mode: 600
- dir_mode: 700
- recurse:
- user
- group
- mode
- require:
- file: salt-cloud-providers