368 lines
10 KiB
Plaintext
368 lines
10 KiB
Plaintext
# This file managed by Salt, do not edit by hand!!
|
|
# Based on salt version 0.17.4 default config
|
|
{% set reserved_keys = ['master', 'minion', 'cloud', 'salt_cloud_certs'] -%}
|
|
{% set cfg_salt = pillar.get('salt', {}) -%}
|
|
{% set cfg_minion = cfg_salt.get('minion', {}) -%}
|
|
{%- macro get_config(configname, default_value) -%}
|
|
{%- if configname in cfg_minion -%}
|
|
{{ configname }}: {{ cfg_minion[configname] }}
|
|
{%- elif configname in cfg_salt and configname not in reserved_keys -%}
|
|
{{ configname }}: {{ cfg_salt[configname] }}
|
|
{%- else -%}
|
|
#{{ configname }}: {{ default_value }}
|
|
{%- endif -%}
|
|
{%- endmacro -%}
|
|
{%- from 'salt/formulas.jinja' import file_roots, formulas with context -%}
|
|
##### Primary configuration settings #####
|
|
##########################################
|
|
|
|
# minion includes
|
|
{{ get_config('default_include', 'minion.d/*.conf') }}
|
|
|
|
# master configs
|
|
{%- if 'master' in cfg_minion and cfg_minion['master'] is not string %}
|
|
master:
|
|
{% for name in cfg_minion['master'] -%}
|
|
- {{ name }}
|
|
{% endfor -%}
|
|
{%- else %}
|
|
{{ get_config('master', 'salt') }}
|
|
{%- endif %}
|
|
|
|
# choose a random master
|
|
{{ get_config('random_master', 'False') }}
|
|
|
|
# use IPv6
|
|
{{ get_config('ipv6', 'False') }}
|
|
|
|
# name resolution retries
|
|
{{ get_config('retry_dns', '30') }}
|
|
|
|
# master port
|
|
{{ get_config('master_port', '4506') }}
|
|
|
|
# user to run salt.
|
|
{{ get_config('user', 'root') }}
|
|
|
|
# PID file
|
|
{{ get_config('pidfile', '/var/run/salt-minion.pid') }}
|
|
|
|
# root dir
|
|
{{ get_config('root_dir', '/') }}
|
|
|
|
# pki dir
|
|
{{ get_config('pki_dir', '/etc/salt/pki/minion') }}
|
|
|
|
# minion id
|
|
{% if 'id' in cfg_minion -%}
|
|
id: {{ cfg_minion['id'] }}
|
|
{% else -%}
|
|
#id:
|
|
{%- endif %}
|
|
|
|
# domain name for hostnames
|
|
{{ get_config('append_domain', '') }}
|
|
|
|
# custom grains
|
|
{{ get_config('grains', '{}') }}
|
|
|
|
# cache location
|
|
{{ get_config('cachedir', '/var/cache/salt/minion') }}
|
|
|
|
# environment verification
|
|
{{ get_config('verify_env', 'True') }}
|
|
|
|
# cache executed jobs
|
|
{{ get_config('cache_jobs', 'False') }}
|
|
|
|
# unix socket location
|
|
{{ get_config('sock_dir', '/var/run/salt/minion') }}
|
|
|
|
# output formatter
|
|
{{ get_config('output', 'nested') }}
|
|
# output color
|
|
{{ get_config('color', 'True') }}
|
|
# remove nested color
|
|
{{ get_config('strip_colors', 'False') }}
|
|
|
|
# backup modified files
|
|
{{ get_config('backup_mode', 'minion') }}
|
|
|
|
# key acceptance time
|
|
{{ get_config('acceptance_wait_time', '10') }}
|
|
# maximum acceptance wait
|
|
{{ get_config('acceptance_wait_time_max', '0') }}
|
|
# retry key
|
|
{{ get_config('rejected_retry', 'False') }}
|
|
# time to wait for trying reauth
|
|
{{ get_config('random_reauth_delay', '60') }}
|
|
# auth wait timeout
|
|
{{ get_config('auth_timeout', '60') }}
|
|
# auth retries
|
|
{{ get_config('auth_tries', '7') }}
|
|
# retry auth if ping failed
|
|
{{ get_config('auth_safemode', 'False') }}
|
|
|
|
# master ping interval
|
|
{{ get_config('ping_interval', '0') }}
|
|
|
|
# salt mine functions execution interval
|
|
{{ get_config('mine_interval', '60') }}
|
|
|
|
# mine functions
|
|
{%- if 'mine_functions' in cfg_minion %}
|
|
mine_functions:
|
|
{%- for func, args in cfg_minion['mine_functions'].items() %}
|
|
{{ func }}: {{ args }}
|
|
{%- endfor %}
|
|
{%- endif %}
|
|
|
|
# reconnection parameters
|
|
{{ get_config('recon_default', '100') }}
|
|
{{ get_config('recon_max', '5000') }}
|
|
{{ get_config('recon_randomize', 'False') }}
|
|
|
|
# minion scheduler interval
|
|
{{ get_config('loop_interval', '60') }}
|
|
|
|
# grain refresh interval
|
|
{{ get_config('grains_refresh_every', '1') }}
|
|
# cache grains in minion
|
|
{{ get_config('grains_cache', 'False') }}
|
|
# grains cache expiration interval
|
|
{{ get_config('grains_cache_expiration', '300') }}
|
|
|
|
# ipc method
|
|
{{ get_config('ipc_mode', 'ipc') }}
|
|
# ipc tcp ports
|
|
{{ get_config('tcp_pub_port', '4510') }}
|
|
{{ get_config('tcp_pull_port', '4511') }}
|
|
|
|
# max event size in minion bus
|
|
{{ get_config('max_event_size', '1048576') }}
|
|
|
|
# master check alive interval
|
|
{{ get_config('master_alive_interval', '30') }}
|
|
|
|
# verify_master_pubkey_sign
|
|
{{ get_config('verify_master_pubkey_sign', 'False') }}
|
|
{{ get_config('master_type', 'str') }}
|
|
|
|
# include extra config
|
|
{% if 'include' in cfg_minion -%}
|
|
{% if isinstance(cfg_minion['include'], list) -%}
|
|
include:
|
|
{% for include in cfg_minion['include'] -%}
|
|
- {{ include }}
|
|
{% endfor -%}
|
|
{% else -%}
|
|
include: cfg_minion['include']
|
|
{% endif -%}
|
|
{% elif 'include' in cfg_salt -%}
|
|
{% if isinstance(cfg_salt['include'], list) -%}
|
|
include:
|
|
{% for include in cfg_salt['include'] -%}
|
|
- {{ include }}
|
|
{% endfor -%}
|
|
{% else -%}
|
|
include: cfg_salt['include']
|
|
{% endif -%}
|
|
{% endif -%}
|
|
|
|
|
|
##### Minion module management #####
|
|
##########################################
|
|
# disable modules
|
|
{{ get_config('disable_modules', '[cmd,test]') }}
|
|
{{ get_config('disable_returners', '[]') }}
|
|
#
|
|
# minion modules search paths
|
|
{{ get_config('module_dirs', '[]') }}
|
|
{{ get_config('returner_dirs', '[]') }}
|
|
{{ get_config('states_dirs', '[]') }}
|
|
{{ get_config('render_dirs', '[]') }}
|
|
{{ get_config('utils_dirs', '[]') }}
|
|
# module overrides
|
|
{{ get_config('providers', '{}') }}
|
|
# enable cython modules
|
|
{{ get_config('cython_enable', 'False') }}
|
|
# max module size
|
|
{{ get_config('modules_max_memory', '-1') }}
|
|
|
|
|
|
##### State Management Settings #####
|
|
###########################################
|
|
# renderer selection
|
|
{{ get_config('renderer', 'yaml_jinja') }}
|
|
# fail on first failure
|
|
{{ get_config('failhard', 'False') }}
|
|
# auto reload dynamic modules
|
|
{{ get_config('autoload_dynamic_modules', 'True') }}
|
|
# sync dynamic modules with deletion
|
|
{{ get_config('clean_dynamic_modules', 'True') }}
|
|
# minion accepted environment
|
|
{{ get_config('environment', 'None') }}
|
|
# top state file
|
|
{{ get_config('state_top', 'top.sls') }}
|
|
# states to run in minion daemon
|
|
{{ get_config('startup_states', "''") }}
|
|
# sls states to run
|
|
{{ get_config('sls_list', '[]') }}
|
|
# top file to run
|
|
{{ get_config('top_file', "''") }}
|
|
|
|
##### File Directory Settings #####
|
|
##########################################
|
|
# file client location
|
|
{%- if standalone %}
|
|
file_client: local
|
|
{%- else %}
|
|
{{ get_config('file_client', 'remote') }}
|
|
{%- endif %}
|
|
|
|
# environment file roots
|
|
{% if 'file_roots' in cfg_minion -%}
|
|
{{ file_roots(cfg_minion['file_roots']) }}
|
|
{%- elif 'file_roots' in cfg_salt -%}
|
|
{{ file_roots(cfg_salt['file_roots']) }}
|
|
{%- elif formulas|length -%}
|
|
{{ file_roots({'base': ['/srv/salt']}) }}
|
|
{%- endif %}
|
|
|
|
# limit fileserver traversal
|
|
{{ get_config('fileserver_limit_traversal', 'False') }}
|
|
|
|
# gitfs provider
|
|
{{ get_config('gitfs_provider', 'pygit2') }}
|
|
# gitfs remotes
|
|
{% if 'gitfs_remotes' in cfg_minion -%}
|
|
gitfs_remotes:
|
|
{%- for remote in cfg_minion['gitfs_remotes'] %}
|
|
{%- if remote is iterable and remote is not string %}
|
|
{%- for repo, children in remote.items() %}
|
|
- {{ repo }}:
|
|
{%- for child in children %}
|
|
{%- for key, value in child.items() %}
|
|
- {{ key }}: {{ value }}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{%- else %}
|
|
- {{ remote }}
|
|
{%- endif -%}
|
|
{%- endfor -%}
|
|
{%- endif %}
|
|
# verify git ssl errors
|
|
{{ get_config('gitfs_ssl_verify', 'True') }}
|
|
# gitfs root dir
|
|
{{ get_config('gitfs_root', 'somefolder/otherfolder') }}
|
|
|
|
# file hash method
|
|
{{ get_config('hash_type', 'md5') }}
|
|
|
|
# pillar roots
|
|
{% if 'pillar_roots' in cfg_minion -%}
|
|
pillar_roots:
|
|
{%- for name, roots in cfg_minion['pillar_roots']|dictsort %}
|
|
{{ name }}:
|
|
{%- for dir in roots %}
|
|
- {{ dir }}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{% elif 'pillar_roots' in cfg_salt -%}
|
|
pillar_roots:
|
|
{%- for name, roots in cfg_salt['pillar_roots']|dictsort %}
|
|
{{ name }}:
|
|
{%- for dir in roots %}
|
|
- {{ dir }}
|
|
{%- endfor -%}
|
|
{%- endfor -%}
|
|
{%- endif %}
|
|
|
|
|
|
###### Security settings #####
|
|
###########################################
|
|
# disable authentication
|
|
{{ get_config('open_mode', 'False') }}
|
|
# allow access to pki dir
|
|
{{ get_config('permissive_pki_access', 'False') }}
|
|
|
|
# print verbose changes
|
|
{{ get_config('state_verbose', 'True') }}
|
|
# multi line output
|
|
{{ get_config('state_output', 'full') }}
|
|
# output diff
|
|
{{ get_config('state_output_diff', 'False') }}
|
|
|
|
# master fingerprint
|
|
{{ get_config('master_finger', "''") }}
|
|
|
|
###### Thread settings #####
|
|
###########################################
|
|
# enable multiprocessing
|
|
{{ get_config('multiprocessing', 'True') }}
|
|
|
|
|
|
##### Logging settings #####
|
|
##########################################
|
|
# log file and log lock file location
|
|
{{ get_config('log_file', '/var/log/salt/minion') }}
|
|
{{ get_config('key_logfile', ' /var/log/salt/key') }}
|
|
|
|
# console log level
|
|
{{ get_config('log_level', 'warning') }}
|
|
# logfile log level
|
|
{{ get_config('log_level_logfile', '') }}
|
|
|
|
# datetime format for console and logfile
|
|
{{ get_config('log_datefmt', "'%H:%M:%S'") }}
|
|
{{ get_config('log_datefmt_logfile', "'%Y-%m-%d %H:%M:%S'") }}
|
|
|
|
# log format for console and logfiles
|
|
{{ get_config('log_fmt_console', "'[%(levelname)-8s] %(message)s'") }}
|
|
{{ get_config('log_fmt_logfile', "'%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'") }}
|
|
|
|
# log particular modules
|
|
{{ get_config('log_granular_levels', '{}') }}
|
|
|
|
|
|
###### Module configuration #####
|
|
###########################################
|
|
# module parameters
|
|
{%- if 'module_config' in cfg_minion %}
|
|
{%- for modkey, modval in cfg_minion.module_config.items() %}
|
|
{{ modkey }}: {{ modval }}
|
|
{%- endfor %}
|
|
{%- endif %}
|
|
|
|
|
|
###### Update settings ######
|
|
###########################################
|
|
# update url
|
|
{{ get_config('update_url', 'False') }}
|
|
# services to restart after update
|
|
{{ get_config('update_restart_services', '[]') }}
|
|
|
|
|
|
###### Keepalive settings ######
|
|
############################################
|
|
# use tcp keepalive
|
|
{{ get_config('tcp_keepalive', 'True') }}
|
|
# first keepalive from idle
|
|
{{ get_config('tcp_keepalive_idle', '300') }}
|
|
# keepalive number for connection lost
|
|
{{ get_config('tcp_keepalive_cnt', '-1') }}
|
|
# keepalive interval
|
|
{{ get_config('tcp_keepalive_intvl', '-1') }}
|
|
|
|
|
|
###### Windows Software settings ######
|
|
############################################
|
|
# windows repo cache
|
|
{{ get_config('win_repo_cachefile', 'salt://win/repo/winrepo.p') }}
|
|
|
|
###### Returner settings ######
|
|
############################################
|
|
# default returner
|
|
{{ get_config('return', '') }}
|