removed k8s stuff

base/hostconfig/adm01.sls

@@ -1,9 +1,9 @@
 pki:
   cns:
-  - cr.lan
+  - cr.wks
-  - gcr-mirror.lan
+  - gcr-mirror.wks
-  - dr-mirror.lan
+  - dr-mirror.wks
-  - docker-registry.lan
+  - docker-registry.wks
   #- ups.wks
 systemd:
   service:

base/hostconfig/auto02.sls

@@ -1,17 +1,27 @@
 pki:
   cns:
-  - docker-registry.lan
   - zwave2mqtt.chaos
   - auto.chaos
   - auto-conf.chaos
   - pihole.chaos
   - nodered.chaos
+  - rompr.chaos
   
 os:
-  release: bullseye
+  release: bookworm
   
 systemd:
   service:
+    container-rompr:
+      Unit:
+        Description: Rompr
+        After: network-online.target local-fs.target
+        Before: haproxy.service
+      Service:
+        ExecStart: /usr/bin/podman start -a rompr
+        ExecStop: /usr/bin/podman stop rompr
+      Install:
+        WantedBy: multi-user.target
     container-node-red:
       Unit:
         Description: Node Red
@@ -155,6 +165,8 @@ haproxy:
         - host_z2m-ws hdr_beg(host) -i zwave2mqtt-ws.
         - host_pihole hdr_beg(host) -i pihole.
         - host_nodered hdr_beg(host) -i nodered.
+        - host_rompr hdr_beg(host) -i rompr.
+        - host_salt hdr_beg(host) -i salt.
       use_backends: 
         - auto if host_auto
         - auto-conf if host_auto-conf
@@ -162,6 +174,8 @@ haproxy:
         - z2m-ws if host_z2m-ws
         - pihole if host_pihole
         - nodered if host_nodered
+        - rompr if host_rompr
+        - saltgui if host_salt
   backends:
     backend1:
       name: auto
@@ -221,4 +235,22 @@ haproxy:
           host: 127.0.0.1
           port: 1880
           check: check
+    backend6:
+      name: rompr
+      balance: roundrobin
+      servers:
+        server1:
+          name: rompr
+          host: 127.0.0.1
+          port: 8081
+          check: check
+    backend7:
+      name: saltgui
+      balance: roundrobin
+      servers:
+        server1:
+          name: saltgui
+          host: 127.0.0.1
+          port: 3333
+          check: check
  

base/hostconfig/init.sls

@@ -1,5 +1,7 @@
 
-{% set canonical_name = salt['grains.get']('host') | regex_replace('[0-9]', '', ignorecase=True) -%}
+{% if salt['grains.get']('host') | regex_match('.*[0-9][0-9]') %}
+  {% set canonical_name = salt['grains.get']('host') | regex_replace('[0-9]', '', ignorecase=True) %}  
   {% include './' + canonical_name + '.sls' ignore missing %}
+{% endif %}
 {% include './' + salt['grains.get']('host') + '.sls' ignore missing %} 
    

base/hostconfig/truhe.sls

@@ -1,94 +1,2 @@
-systemd:
+os:
-  service:
+  release: bullseye
-    container-rompr:
-      Unit:
-        Description: Rompr
-        After: network-online.target local-fs.target
-        Before: haproxy.service
-      Service:
-        ExecStart: /usr/bin/podman start -a rompr
-        ExecStop: /usr/bin/podman stop rompr
-      Install:
-        WantedBy: multi-user.target
-        
-haproxy:
-  enabled: True
-  overwrite: True
-  global:
-    stats:
-      enable: True
-      socketpath: /var/lib/haproxy/stats
-      mode: 660
-      level: admin
-      # Optional extra bind parameter, for example to set the owner/group on the socket file
-      extra: user haproxy group haproxy
-    ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384"
-    ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11"
-
-    user: haproxy
-    group: haproxy
-    chroot:
-      enable: True
-      path: /var/lib/haproxy
-    daemon: True
-  defaults:
-    mode: http
-    stats:
-      - enable
-      - uri: '/haproxy-status'
-    options:
-      - httplog
-      - dontlognull
-      - forwardfor
-    timeouts:
-      - connect 5000
-      - client 50000
-      - server 50000
-      - tunnel 80000 #longer timeouts for websockets
-      - http-request 5s
-    errorfiles:
-      400: /etc/haproxy/errors/400.http
-      403: /etc/haproxy/errors/403.http
-      408: /etc/haproxy/errors/408.http
-      500: /etc/haproxy/errors/500.http
-      502: /etc/haproxy/errors/502.http
-      503: /etc/haproxy/errors/503.http
-      504: /etc/haproxy/errors/504.http
-  #resolvers:
-  #  local_dns:
-  #    options:
-  #      - nameserver resolvconf 192.168.10.1:53
-  #      - resolve_retries 3
-  #      - timeout retry 1s
-  #      - hold valid 10s
-  listens:
-    stats:
-      bind:
-        - "127.0.0.1:9110"
-      mode: http
-      stats:
-        enable: True
-        uri: "/haproxy-status"
-        refresh: "20s"
-  frontends:
-    frontend1:
-      name: www-http 
-      bind: 
-       - "*:80"
-       - "*:443 ssl crt /etc/pki/chain ca-file /etc/pki/intca.crt"
-      default_backend: auto
-      acls: 
-        - host_rompr hdr_beg(host) -i truhe.
-      use_backends: 
-        - rompr if host_truhe
-  backends:
-    backend1:
-      name: rompr
-      balance: roundrobin
-      servers:
-        server1:
-          name: rompr
-          host: 127.0.0.1
-          port: 8080
-          check: check
- 

base/hostconfig/tumor.sls

@@ -1,3 +0,0 @@
-os:
-  release: bullseye
-  

base/init.sls

@@ -8,4 +8,4 @@ include:
   - .hostconfig
   - .sysctl
   - saltmine
-  - prometheus.node_exporter
+  #- prometheus.node_exporter

base/services.sls

@@ -3,6 +3,6 @@
 # which services are available?
 #
 services:
-{%- if grains.get('domain') in ['lan', 'wks'] %}
+{%- if grains.get('domain') in ['lan', 'wks', 'nr5', 'consul'] %}
-  - apt-cache: apt-cache.lan/ 
+  - apt-cache: apt-cache.service.nr5/ 
 {%- endif %}

prometheus/node_exporter.sls

@@ -17,3 +17,4 @@ prometheus:
         collector.filesystem.ignored-mount-points: ^/(sys|proc|dev|run)($|/)
         collector.filesystem.ignored-fs-types: ^(nfs|cifs|glusterfs|autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs|tmpfs)$
         no-collector.systemd:
+        no-collector.rapl:

top.sls

@@ -12,6 +12,6 @@ base:
   'G@osarch:armhf and not G@fqdn:adm01.wks':
     - match: compound
     - base.log.rsyslog.client 
-  'pine*':
+ # 'pine*':
-    - k8s 
+ #   - k8s