Compare commits
4 Commits
6b8e1049cf
...
5a9b09a0bc
| Author | SHA1 | Date | |
|---|---|---|---|
|
5a9b09a0bc | ||
|
|
21c8a224ab | ||
|
|
c8511c1abc | ||
|
|
26336baaa2 |
@@ -37,7 +37,7 @@ common-installed:
|
||||
- python3-apt
|
||||
- lockfile-progs
|
||||
- virt-what
|
||||
- openntp
|
||||
- openntpd
|
||||
- apt-transport-https
|
||||
- python3-croniter
|
||||
- flex
|
||||
@@ -47,6 +47,8 @@ common-installed:
|
||||
- mosquitto-clients
|
||||
- autofs
|
||||
- debian-keyring
|
||||
- python3-cherrypy3
|
||||
- python3-pygit2
|
||||
|
||||
common-removed:
|
||||
pkg.removed:
|
||||
|
||||
14
base/packages/salt/master.sls
Normal file
14
base/packages/salt/master.sls
Normal file
@@ -0,0 +1,14 @@
|
||||
{%- set salt_v = "3002.6+dfsg1-4+deb11u1" %}
|
||||
|
||||
pkgs-salt-master:
|
||||
pkg.installed:
|
||||
- hold: True
|
||||
- pkgs:
|
||||
- salt-master: {{ salt_v }}
|
||||
- salt-api: {{ salt_v }}
|
||||
|
||||
pkgs-salt-additional:
|
||||
pkg.installed
|
||||
- pkgs:
|
||||
- python3-cherrypy3
|
||||
- python3-pygit2
|
||||
@@ -7,11 +7,11 @@
|
||||
|
||||
/etc/pki/intca.crt:
|
||||
x509.pem_managed:
|
||||
- text: {{ salt['mine.get']('tumor.chaos', 'x509.get_pem_entries')['tumor.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
- text: {{ salt['mine.get']('salt.chaos', 'x509.get_pem_entries')['salt.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
|
||||
/etc/ssl/certs/intca.crt:
|
||||
x509.pem_managed:
|
||||
- text: {{ salt['mine.get']('tumor.chaos', 'x509.get_pem_entries')['tumor.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
- text: {{ salt['mine.get']('salt.chaos', 'x509.get_pem_entries')['salt.chaos']['/etc/pki/ca.crt']|replace('\n', '') }}
|
||||
|
||||
|
||||
/usr/sbin/update-ca-certificates:
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
|
||||
/etc/pki/public.crt:
|
||||
x509.certificate_managed:
|
||||
- ca_server: tumor.chaos
|
||||
- ca_server: salt.chaos
|
||||
- signing_policy: host
|
||||
- public_key: /etc/pki/private.key
|
||||
- CN: {{ grains['fqdn'] }}
|
||||
@@ -25,7 +25,7 @@
|
||||
|
||||
/etc/pki/{{ cn }}.crt:
|
||||
x509.certificate_managed:
|
||||
- ca_server: tumor.chaos
|
||||
- ca_server: salt.chaos
|
||||
- signing_policy: host
|
||||
- public_key: /etc/pki/private.key
|
||||
- days_remaining: 5
|
||||
|
||||
@@ -5,7 +5,7 @@ include:
|
||||
- .repo.kubernetes
|
||||
- .cri-tools
|
||||
|
||||
{% set k8s_v = "1.22.2-00" %}
|
||||
{% set k8s_v = "1.22.15-00" %}
|
||||
|
||||
k8s_pkgs-kubelet:
|
||||
pkg.installed:
|
||||
|
||||
@@ -9,7 +9,7 @@ etc_nut_nut.conf:
|
||||
- name: /etc/nut
|
||||
- source: salt://roles/nut/files/client
|
||||
- user: root
|
||||
- group: nut
|
||||
- group: root
|
||||
- file_mode: 0640
|
||||
- dir_mode: 0750
|
||||
- require:
|
||||
|
||||
10
top.sls
10
top.sls
@@ -7,8 +7,6 @@ base:
|
||||
- base
|
||||
- hardware
|
||||
- os
|
||||
'tumor*':
|
||||
- base.pki.ca
|
||||
'adm01.wks':
|
||||
- base.rsyslog.server
|
||||
- base.packages.haproxy
|
||||
@@ -20,15 +18,17 @@ base:
|
||||
'G@osarch:arm64 or G@osarch:armhf or G@osarch:armel':
|
||||
- match: compound
|
||||
- base.packages.arch.arm
|
||||
'auto*':
|
||||
'auto02*':
|
||||
- k8s.podman
|
||||
- base.packages.haproxy
|
||||
- systemd.units
|
||||
- base.packages.salt.master
|
||||
- base.pki.ca
|
||||
'pine*':
|
||||
- k8s
|
||||
- role.nut.client
|
||||
- roles.nut.client
|
||||
'ebin*':
|
||||
- role.nut.client
|
||||
- roles.nut.client
|
||||
'lenny*':
|
||||
- k8s.admin
|
||||
- base.packages.node.lenny # migrate these with yori/desktops
|
||||
|
||||
Reference in New Issue
Block a user