config-mgmt/salt-states
0
0
Fork 0
Code Releases Activity

Compare commits

base: config-mgmt:1726c412ce3556458a866046ff90716a0561b2ca
Branches Tags
config-mgmt:master
..
compare: config-mgmt:master
Branches Tags
config-mgmt:master

7 Commits
1726c412ce ... master

Author SHA1 Message Date
Keiran Snowden
b36d658ba1 fix missing "then" 2025-12-28 20:03:18 -05:00
Terry Derks
5e1555e87f TODO 2025-12-27 18:59:14 -05:00
Terry Derks
39d43cfe03 TODO 2025-12-27 18:46:42 -05:00
Terry Derks
7247d0e25f update from current 2025-12-27 18:46:18 -05:00
Terry Derks
1f59077a7f ed25519 2025-05-05 01:09:27 -04:00
Terry Derks
151e56e2cf screenrc moved to users formula 2025-05-05 01:09:12 -04:00
Terry Derks
e2b71b8ae0 pdbedit.managed is broken 2025-05-05 01:08:19 -04:00
11 changed files with 57 additions and 23 deletions
Expand all files Collapse all files

4
TODO Normal file
View File

@@ -0,0 +1,4 @@
screenrc
apt remove triggerhappy
restic pulls x86 on the pi
install python3-dev for manual pip setup

6
_grains/lsusb.py
View File

@@ -1,6 +1,6 @@
import re import re
import logging import logging
from subprocess import check_output from subprocess import check_output, CalledProcessError
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
@@ -8,8 +8,8 @@ def main():
dev_re = re.compile(r"Bus\s+(\d+)\s+Device\s+(\d+):\s+ID\s(\w+:\w+)\s(.+)$") dev_re = re.compile(r"Bus\s+(\d+)\s+Device\s+(\d+):\s+ID\s(\w+:\w+)\s(.+)$")
try: try:
lsusb = check_output("lsusb", encoding='UTF-8') lsusb = check_output("lsusb", encoding='UTF-8')
except OSError as exc: except (CalledProcessError, OSError) as exc:
log.error(exc) log.debug(exc)
return {} return {}
devices = [] devices = []
corsair_aio = None corsair_aio = None

3
gitea/cpapache.sls
View File

@@ -6,6 +6,7 @@
- user: root - user: root
- group: root - group: root
- mode: 644 - mode: 644
- makedirs: true
verify_vhost_includes: verify_vhost_includes:
cmd.wait: cmd.wait:
@@ -25,7 +26,7 @@ queue_httpd_graceful:
- watch: - watch:
- cmd: rebuildhttpdconf - cmd: rebuildhttpdconf
/home/{{ salt.pillar.get('gitea:user') }}/public_html/.htaccess: {{ salt.pillar.get('gitea:docroot') }}/.htaccess:
file.managed: file.managed:
- source: 'salt://gitea/files/htaccess.jinja' - source: 'salt://gitea/files/htaccess.jinja'
- template: jinja - template: jinja

23
salt/deb_install/init.sls
View File

@@ -1,23 +1,36 @@
{% from "salt/map.jinja" import salt_daemons with context %} {% from "salt/map.jinja" import salt_daemons with context %}
{% from "salt/deb_install/map.jinja" import osrelease, oscodename with context %} {% from "salt/deb_install/map.jinja" import osrelease, oscodename with context %}
/etc/apt/keyrings/salt-archive-keyring-2023.gpg: /etc/apt/keyrings/salt-archive-keyring-2023.pgp:
file.managed: file.managed:
- source: https://repo.saltproject.io/salt/py3/{{ grains['os'].lower() }}/{{ osrelease }}/amd64/SALT-PROJECT-GPG-PUBKEY-2023.gpg - source: https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public
- source_hash: c6f6cbcd96fdb130b1dde8dcfc05d46a3a3f322ff0514f98e2e6473896243472 - source_hash: 36decef986477acb8ba2a1fc4041bcf9f22229ef6c939d0317c9e36a9d142b34
/etc/apt/sources.list.d/salt.list: /etc/apt/sources.list.d/salt.list:
file.managed: file.managed:
- contents: "deb [signed-by=/etc/apt/keyrings/salt-archive-keyring-2023.gpg arch=amd64] https://repo.saltproject.io/salt/py3/{{ grains['os'].lower() }}/{{ osrelease }}/amd64/minor/{{ salt.pillar.get("salt:version") }} {{ oscodename }} main" - contents: deb [signed-by=/etc/apt/keyrings/salt-archive-keyring-2023.pgp arch=amd64] https://packages.broadcom.com/artifactory/saltproject-deb/ stable main
salt-common: salt-common:
pkg.installed: pkg.installed:
- version: '{{ salt.pillar.get("salt:version") }}' - version: '{{ salt.pillar.get("salt:version") }}'
- refresh: true - refresh: true
- require: - require:
- file: /etc/apt/keyrings/salt-archive-keyring-2023.gpg - file: /etc/apt/keyrings/salt-archive-keyring-2023.pgp
- file: /etc/apt/sources.list.d/salt.list - file: /etc/apt/sources.list.d/salt.list
salt {{ salt.pillar.get("salt:version") }}:
pkg.held:
- pkgs:
- salt-common
{% for daemon in salt_daemons %}
- salt-{{ daemon }}
{% endfor %}
- require:
- pkg: salt-common
{% for daemon in salt_daemons %}
- pkg: salt-{{ daemon }}
{% endfor %}
{% for daemon in salt_daemons %} {% for daemon in salt_daemons %}
salt-{{ daemon }}: salt-{{ daemon }}:
pkg.installed: pkg.installed:

2
salt/files/minion.jinja
View File

@@ -12,4 +12,4 @@ mysql.default_file: '/root/.my.cnf'
mine_functions: mine_functions:
root_id_rsa_pub: root_id_rsa_pub:
- mine_function: file.read - mine_function: file.read
- /root/.ssh/id_rsa.pub - /root/.ssh/id_ed25519.pub

16
samba/smbd.sls
View File

@@ -17,11 +17,11 @@ smbd:
- template: jinja - template: jinja
- check_cmd: /usr/bin/testparm -d 0 -s - check_cmd: /usr/bin/testparm -d 0 -s
{# generate these with print(hashlib.new('md4', "password".encode('utf-16le')).hexdigest()) #} #{# generate these with print(hashlib.new('md4', "password".encode('utf-16le')).hexdigest()) #}
{% for user, passw in salt.pillar.get('samba:users', {}).items() %} #{% for user, passw in salt.pillar.get('samba:users', {}).items() %}
samba_{{user}}: #samba_{{user}}:
pdbedit.managed: # pdbedit.managed:
- name: {{user}} # - name: {{user}}
- password: {{passw}} # - password: {{passw}}
- password_hashed: True # - password_hashed: True
{% endfor %} #{% endfor %}

1
screen/init.sls
View File

@@ -1 +0,0 @@
# TODO

2
setup.sh
View File

@@ -64,7 +64,7 @@ if ! [ -e /usr/bin/salt-call ]; then
/opt/saltstack/salt/bin/pip3 install "salt==$SALT_VERSION" /opt/saltstack/salt/bin/pip3 install "salt==$SALT_VERSION"
ln -sfT /opt/saltstack/salt/bin/salt-call /usr/bin/salt-call ln -sfT /opt/saltstack/salt/bin/salt-call /usr/bin/salt-call
elif [[ "$DISTRO" == "centos" ]] || [[ "$DISTRO" == "almalinux" ]]; then elif [[ "$DISTRO" == "centos" ]] || [[ "$DISTRO" == "almalinux" ]]; then
if [[ "$DISTRO" == "almalinux" ]] if [[ "$DISTRO" == "almalinux" ]]; then
OS_VERSION="$(python3 -m distro --json | jq -r .version_parts.major)" OS_VERSION="$(python3 -m distro --json | jq -r .version_parts.major)"
fi fi
rpm --import https://repo.saltproject.io/salt/py3/redhat/$OS_VERSION/x86_64/SALT-PROJECT-GPG-PUBKEY-2023.pub rpm --import https://repo.saltproject.io/salt/py3/redhat/$OS_VERSION/x86_64/SALT-PROJECT-GPG-PUBKEY-2023.pub

2
ssh/map.jinja
View File

@@ -8,7 +8,7 @@
'HostName': 'kpi.keiran.us', 'HostName': 'kpi.keiran.us',
'User': restic_repo.split(':')[1], 'User': restic_repo.split(':')[1],
'Port': 9022, 'Port': 9022,
'IdentityFile': '/root/.ssh/id_rsa', 'IdentityFile': '/root/.ssh/id_ed25519',
} }
} }
} }

0
screen/files/screenrc → users/files/screenrc
View File

21
users/init.sls
View File

@@ -1,3 +1,12 @@
screen:
pkg.installed: []
/root/.screenrc:
file.managed:
- source: salt://users/files/screenrc
- user: root
- group: root
- mode: 640
{% if salt.pillar.get('manage_root_bashrc', False) %} {% if salt.pillar.get('manage_root_bashrc', False) %}
/root/.bashrc: /root/.bashrc:
@@ -6,7 +15,7 @@
- template: jinja - template: jinja
- user: root - user: root
- group: root - group: root
- mode: 0640 - mode: 640
- context: - context:
bashrc_user: root bashrc_user: root
{% endif %} {% endif %}
@@ -41,7 +50,15 @@
bashrc_user: {{ user }} bashrc_user: {{ user }}
- require: - require:
- user: {{ user }}_user - user: {{ user }}_user
{% endif %}
{{ homedir }}/.screenrc:
file.managed:
- source: salt://users/files/screenrc
- user: {{ user }}
- group: {{ user }}
- mode: 640
{% endif %}
{% endif %} {% endif %}
{% endfor %} {% endfor %}