Add support for editing master configuration

Dockerfile

@@ -5,9 +5,11 @@ LABEL description="SaltStack master"
 LABEL version="2018.3.2"
 
 ENV SALT_DOCKER_DIR="/etc/salt-docker" \
-    SALT_MASTER_DIR="/etc/salt/pki/master"
+    SALT_MASTER_DIR="/etc/salt/pki/master" \
+    SALT_USER=root
 
 ENV SALT_BUILD_DIR="${SALT_DOCKER_DIR}/build" \
+    SALT_CONFS_DIR="${SALT_DOCKER_DIR}/config" \
     SALT_KEYS_DIR="${SALT_DOCKER_DIR}/keys" \
     SALT_RUNTIME_DIR="${SALT_DOCKER_DIR}/runtime"
 
@@ -19,7 +21,7 @@ ENV SALT_BUILD_DIR="${SALT_DOCKER_DIR}/build" \
 ## -U: Fully upgrade the system prior to bootstrapping Salt
 ENV SALT_BOOTSTRAP_OPTS='-M -N -X -U'
 
-# Version of salt to install:
+# Release version to install
 # https://github.com/saltstack/salt/releases
 ENV SALT_GIT_RELEASE="v2018.3.2"
 
@@ -37,8 +39,8 @@ RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \
     dpkg-reconfigure locales
 
 EXPOSE 4505/tcp 4506/tcp
-RUN mkdir -p /srv ${SALT_KEYS_DIR}
+RUN mkdir -p /srv ${SALT_KEYS_DIR} ${SALT_CONFS_DIR}
-VOLUME [ "/srv", "${SALT_KEYS_DIR}" ]
+VOLUME [ "/srv", "${SALT_KEYS_DIR}" "${SALT_CONFS_DIR}" ]
 
 RUN mkdir -p ${SALT_BUILD_DIR}
 WORKDIR ${SALT_BUILD_DIR}
@@ -57,4 +59,3 @@ RUN chmod +x /sbin/entrypoint.sh
 WORKDIR ${SALT_DOCKER_DIR}
 
 ENTRYPOINT [ "/sbin/entrypoint.sh" ]
-

README.md

@@ -2,9 +2,11 @@
 
 Dockerfile to build a [SaltStack](https://www.saltstack.com) Master image for the Docker opensource container platform.
 
-SaltStack Master is set up in the Docker image using the install from git source method as documented in the the [official bootstrap](https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html) documentation.
+SaltStack Master is set up in the Docker image using the install from git source method as documented
+in the the [official bootstrap](https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html) documentation.
 
-For other methods to install SaltStack please refer to the [Official SaltStack Installation Guide](https://docs.saltstack.com/en/latest/topics/installation/index.html).
+For other methods to install SaltStack please refer to the
+[Official SaltStack Installation Guide](https://docs.saltstack.com/en/latest/topics/installation/index.html).
 
 ## Table of Contents
 
@@ -13,18 +15,26 @@ For other methods to install SaltStack please refer to the [Official SaltStack I
 - [Configuration](#configuration)
   - [Custom Recipes](#custom-recipes)
   - [Minion Keys](#minion-keys)
+  - [Available Configuration Parameters](#available-configuration-parameters)
 - [Usage](#usage)
 - [Shell Access](#shell-access)
 - [References](#references)
 
 ## Installation
 
-Automated builds of the image are available on [Dockerhub](https://hub.docker.com/r/cdalvaro/saltstack-master/) and is the recommended method of installation.
+Automated builds of the image are available on [Dockerhub](https://hub.docker.com/r/cdalvaro/saltstack-master/)
+and is the recommended method of installation.
 
 ```sh
 docker pull cdalvaro/saltstack-master:2018.3.2
 ```
 
+You can also pull the latest tag which is built from the repository HEAD
+
+```sh
+docker pull cdalvaro/saltstack-master:latest
+```
+
 Alternatively you can build the image locally.
 
 ```sh
@@ -49,7 +59,7 @@ Alternatively, you can manually launch the `saltstack-master`  container:
 
 ```sh
 docker run --name salt_master --detach \
-    --publish 4505:4505 --publish 4506:4506 \
+    --publish 4505:4505/tcp --publish 4506:4506/tcp \
     --env 'SALT_LOG_LEVEL=info' \
     --read-only --volume ./srv/:/srv/ \
     cdalvaro/saltstack-master:2018.3.2
@@ -65,20 +75,54 @@ But it is necessary to mount the `/srv/` volume ir order to provide your custom
 
 ### Minion Keys
 
-Minion keys can be added automatically on startup to SaltStack master by mounting the volume `/etc/salt-docker/keys` and copying the minion keys inside `keys/minions/` directory:
+Minion keys can be added automatically on startup to SaltStack master by mounting the volume `/etc/salt-docker/keys`
+and copying the minion keys inside `keys/minions/` directory:
 
 ```sh
 mkdir -p keys/minions
 cp -v /etc/salt/pki/minion/minion.pub keys/minions/minion1
 
 docker run --name salt_master -d \
-    --publish 4505:4505 --publish 4506:4506 \
+    --publish 4505:4505/tcp --publish 4506:4506/tcp \
     --env 'SALT_LOG_LEVEL=info' \
     --read-only --volume ./srv/:/srv/ \
     --volume ./keys/:/etc/salt-docker/keys/ \
     cdalvaro/saltstack-master:2018.3.2
 ```
 
+## Available Configuration Parameters
+
+Please refer the docker run command options for the `--env-file` flag where you can specify all required environment variables in a single file.
+This will save you from writing a potentially long docker run command. Alternatively you can use docker-compose.
+
+Below is the list of available options that can be used to customize your SaltStack master installation.
+
+| Parameter | Description |
+|-----------|-------------|
+| `SALT_LOG_LEVEL` | The level of messages to send to the console. One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. Default: 'warning' |
+| `SALT_LEVEL_LOGFILE` | The level of messages to send to the log file. One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. Default: 'warning' |
+
+Any parameter not listed in the table and available in the next
+[link](https://docs.saltstack.com/en/latest/ref/configuration/examples.html#configuration-examples-master)
+can be set by creating the directory `confs` and adding into it configurations files with the desired parameters:
+
+```sh
+mkdir confs
+cat > confs/ports.conf << EOF
+# The tcp port used by the publisher:
+publish_port: 3505
+# The port used by the communication interface.
+ret_port: 3506
+EOF
+
+docker run --name salt_master -d \
+    --publish 3505:3505/tcp --publish 3506:3506/tcp \
+    --env 'SALT_LOG_LEVEL=info' \
+    --read-only --volume ./srv/:/srv/ \
+    --volume ./confs/:/etc/salt-docker/confs/ \
+    cdalvaro/saltstack-master:2018.3.2
+```
+
 ## Usage
 
 To test which salt minions are listening the following command can be executed from the master service:
@@ -95,7 +139,8 @@ docker-compose exec master salt '*' state.apply
 
 ## Shell Access
 
-For debugging and maintenance purposes you may want access the container shell. If you are using docker version 1.3.0 or higher you can access a running container shell using docker exec command.
+For debugging and maintenance purposes you may want access the container shell.
+If you are using docker version 1.3.0 or higher you can access a running container shell using docker exec command.
 
 ```sh
 docker exec -it salt_master bash
@@ -106,4 +151,3 @@ docker exec -it salt_master bash
 - https://docs.saltstack.com/en/latest/topics/installation/index.html
 - https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html
 - https://github.com/saltstack/salt/releases
-

assets/runtime/env-defaults.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+#####         Logging settings       #####
+SALT_LOG_LEVEL=${SALT_LOG_LEVEL:-warning}
+SALT_LEVEL_LOGFILE=${SALT_LEVEL_LOGFILE:-warning}

assets/runtime/functions.sh

@@ -1,5 +1,10 @@
 #!/usr/bin/env bash
 
+set -e
+
+echo "Loading ${SALT_RUNTIME_DIR}/env-defaults.sh"
+source ${SALT_RUNTIME_DIR}/env-defaults.sh
+
 # This function copies minion keys
 function copy_minion_keys()
 {
@@ -8,13 +13,43 @@ function copy_minion_keys()
     if [ -d "${SALT_KEYS_DIR}/master" ] && [ ! -z "$(ls -A ${SALT_KEYS_DIR}/master)" ]; then
         mkdir -v -p -m 0700 ${SALT_MASTER_DIR}
         cp -v ${SALT_KEYS_DIR}/master/master.{pem,pub} ${SALT_MASTER_DIR}
-        chown -v root:root ${SALT_MASTER_DIR}/master.{pem,pub}
+        chown -v ${SALT_USER}:${SALT_USER} ${SALT_MASTER_DIR}/master.{pem,pub}
     fi
 
     if [ -d "${SALT_KEYS_DIR}/minions" ] && [ ! -z "$(ls -A ${SALT_KEYS_DIR}/minions)" ]; then
         mkdir -v -p -m 0700 ${SALT_MASTER_DIR}/minions
         cp -v ${SALT_KEYS_DIR}/minions/* ${SALT_MASTER_DIR}/minions
-        chown -v root:root ${SALT_MASTER_DIR}/minions/*
+        chown -v ${SALT_USER}:${SALT_USER} ${SALT_MASTER_DIR}/minions/*
     fi
 }
 
+# This functions cofigures master service
+function configure_salt_master()
+{
+    echo "Configuring salt-master..."
+    # https://docs.saltstack.com/en/latest/ref/configuration/master.html
+
+    local SALT_ROOT_DIR=/etc/salt
+
+    # Backup file
+    if [ ! -f ${SALT_ROOT_DIR}/master.backup ]; then
+        cp -pv ${SALT_ROOT_DIR}/master ${SALT_ROOT_DIR}/master.backup
+    else
+        cp -pv ${SALT_ROOT_DIR}/master.backup ${SALT_ROOT_DIR}/master
+    fi
+
+    # Set env variables
+    sed -i \
+        -e "s|^[#]*log_level:.*$|log_level: ${SALT_LOG_LEVEL}|" \
+        -e "s|^[#]*log_level_logfile:.*$|log_level_logfile: ${SALT_LEVEL_LOGFILE}|" \
+        -e "s|^[#]*default_include:.*$|default_include: ${SALT_ROOT_DIR}/master.d/*.conf|" \
+        ${SALT_ROOT_DIR}/master
+
+    # Sync config files
+    if [[ $(find ${SALT_CONFS_DIR} -type f -name '*.conf' | wc -l) -gt 0 ]]; then
+        rsync --verbose --delete ${SALT_CONFS_DIR}/*.conf ${SALT_ROOT_DIR}/master.d/
+        chown ${SALT_USER}:${SALT_USER} ${SALT_ROOT_DIR}/master.d/*.conf
+        chmod +rx-w ${SALT_ROOT_DIR}/master.d/*.conf
+    fi
+
+}

docker-compose.yml

@@ -4,8 +4,6 @@ services:
   master:
     container_name: salt_master
     image: cdalvaro/saltstack-master:2018.3.2
-    build:
-      context: ./
     volumes:
       - "./srv/:/srv/:ro"
     ports:

entrypoint.sh

@@ -7,5 +7,8 @@ source "${SALT_RUNTIME_DIR}/functions.sh"
 # Copy minion keys
 copy_minion_keys
 
-exec salt-master --log-level=${SALT_LOG_LEVEL:-warning}
+# Configure salt-master
+configure_salt_master
 
+echo "Starting salt-master..."
+exec salt-master