vagrant-salt 0.3.2 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (47) hide show
  1. data/README.rst +131 -170
  2. data/example/complete/Vagrantfile +67 -0
  3. data/example/complete/salt/custom-bootstrap-salt.sh +2425 -0
  4. data/example/complete/salt/key/master.pem +30 -0
  5. data/example/complete/salt/key/master.pub +14 -0
  6. data/example/complete/salt/key/minion.pem +30 -0
  7. data/example/complete/salt/key/minion.pub +14 -0
  8. data/example/complete/salt/master +459 -0
  9. data/example/{salt/minion.conf → complete/salt/minion} +1 -2
  10. data/example/{salt → complete/salt}/roots/pillar/top.sls +0 -0
  11. data/example/complete/salt/roots/salt/nginx.sls +5 -0
  12. data/example/complete/salt/roots/salt/top.sls +3 -0
  13. data/example/masterless/Vagrantfile +18 -0
  14. data/example/masterless/salt/minion +219 -0
  15. data/example/{salt/roots/salt → masterless/salt/roots/pillar}/top.sls +0 -0
  16. data/example/masterless/salt/roots/salt/nginx.sls +5 -0
  17. data/example/masterless/salt/roots/salt/top.sls +3 -0
  18. data/lib/vagrant-salt.rb +16 -3
  19. data/lib/vagrant-salt/config.rb +103 -0
  20. data/lib/vagrant-salt/errors.rb +11 -0
  21. data/lib/vagrant-salt/plugin.rb +31 -0
  22. data/lib/vagrant-salt/provisioner.rb +211 -104
  23. data/lib/vagrant-salt/version.rb +5 -0
  24. data/scripts/.travis.yml +16 -0
  25. data/scripts/ChangeLog +39 -0
  26. data/scripts/LICENSE +16 -0
  27. data/scripts/README.rst +124 -35
  28. data/scripts/bootstrap-salt-minion.sh +1815 -381
  29. data/scripts/bootstrap-salt.sh +2425 -0
  30. data/scripts/salt-bootstrap.sh +2425 -0
  31. data/scripts/tests/README.rst +38 -0
  32. data/scripts/tests/bootstrap/__init__.py +11 -0
  33. data/{example/salt/key/KEYPAIR_GOES_HERE → scripts/tests/bootstrap/ext/__init__.py} +0 -0
  34. data/scripts/tests/bootstrap/ext/console.py +100 -0
  35. data/scripts/tests/bootstrap/ext/os_data.py +199 -0
  36. data/scripts/tests/bootstrap/test_install.py +586 -0
  37. data/scripts/tests/bootstrap/test_lint.py +27 -0
  38. data/scripts/tests/bootstrap/test_usage.py +28 -0
  39. data/scripts/tests/bootstrap/unittesting.py +216 -0
  40. data/scripts/tests/ext/checkbashisms +640 -0
  41. data/scripts/tests/install-testsuite-deps.py +99 -0
  42. data/scripts/tests/runtests.py +207 -0
  43. data/templates/locales/en.yml +14 -0
  44. data/vagrant-salt.gemspec +2 -2
  45. metadata +43 -10
  46. data/example/Vagrantfile +0 -26
  47. data/lib/vagrant_init.rb +0 -1
@@ -0,0 +1,30 @@
1
+ -----BEGIN RSA PRIVATE KEY-----
2
+ MIIFIwIBAAKCAgEAxmIlzFFT8FfhDcv0jNo+hkS/M+VyFqLrOjyH52PoYe3dcgP2
3
+ 05RWj9VYjjauH+W+MPPS0t0WP0SSOzI0DEuEnxwA8SCs2cBkI/4ydc2vJXsgpPOC
4
+ az3Nrl4KmlRqs0v+lgWr6lukuM9DpEl6vwkSTu9DH7bvjQGawRfjIfRm5bu14iKb
5
+ slX8yMqzO2T79fUkOwW9ugRKGqB2uhoLhwHtpBHDi6Pa4zuQSfgXus4UreQmI9nP
6
+ 9q3el6AwsXjD/myKwmCJnKV7RHiEC0sxWmlD6OqpdmLfSCYHQ2BitNu0z7SxCevx
7
+ AL8V7QzXNdUtuLXSV1JIZIrnkOWM69CpPJ+bDh3QOtaUqrK2SY6aaMPC8gq79mvw
8
+ w4dhvYv7hPiXMdW3Jj30zQMf1MJBOFSam82UfjE25dz8hb/VxbnrB5VLy2vwvWLB
9
+ xUsCdkChRJ98AyXFQC01rwNXlCP5h05L0tHMbHhusk5y4+bH48ar7oFBGrNX9OHf
10
+ SETWDhIQdUzNEGwl2Sh0I2reSQs3yos6fUXN64Q0r1flLUCWU/j+/07imfHWI4gm
11
+ ZoPc7cjaK1bGNASC+SBlMl8xqVCwNZzjT239Ea1QD22MLeZH4zCaCizRpZ1Py14o
12
+ RJUYVAblGTmxJDciSNotaXpCnCNJowuz+dsM++8ZNuPmUo0Q/o4IxMfb38ECAQEC
13
+ AQECggEBAOZJ1E7Ean08hhp5xG7fN0j5kEgvOcqDuIBDdJngaIlHHdoV/ggmyxcM
14
+ CWvbRpBeqSb5sHGt1g4eTGIb2XZDKDC7Xbhqcxh0diK603w3yGmbg6L/dI7XMalf
15
+ Ni/EGJ6dNP2zbqmYJJYviRKbradddY07lpA3wbgPFxvG6GsXM11DUp07CA5ZB0pQ
16
+ zd9ht+ua8DfWnbwH9CUnlnAylRDYTfgVRcA4E75vbiVnY7Am+Yu0Aqrxd3Q1wNlZ
17
+ /Ha7selgStlF6wi/H/9uWVptITAPDM+EuCaIdHqmkptvBkrgu1NFDU8Pxn7g/XnB
18
+ h81aWNcIc/MMcEj2mWVwOQHKzapBBM0CggEBANyIZmj25qqvP/PmyDsnwHpQAabh
19
+ JAW4T0hT7wqCDpl965Mxu7JPd9tzXcMzPooGU8q+rEZ81mPMg6Rcm+c7EgZoTGo3
20
+ NtnYh1tH2YGawbaMzeY3CE335Bdc2FaCkJ1+Tlg3Rv+nYmdtYsE+dOBjE0ukU/L3
21
+ YZv5FrrL8awfr3/BMFTs/Om2vk7DuH9tpN9qp8IGoowxwLjvotW90kN0PADPzKgo
22
+ SMbeOYjR3XK/+rhXjNPD2+Q9ILxwXRc1aHez0fkC/wSdqZDA6CEx99QY9wC0aAvS
23
+ VTk0jcPmPJ0mkkDH22AimyT9uSBnnd8kT6gqXtzTCf4Xvt5hkAww81eP5sUCAQEC
24
+ AQECggEBAKaPwihsV3L+2MFPeI+GoSekjRSzU/qZ1FCCAa2MyWVqaRqwIwPApT7o
25
+ Is3P5iTaw6fIWFr+KUWgncJJiE7ZBo0mxYGuaSdafs0giUo++P4jeF1zxLeytoUB
26
+ KUSHJOgrRkXFwA9euXAxUP6L2pxAuCXev97hJT4/j9BW8x5nN3brS8X2Ms8s/mSK
27
+ TpKoLIv7w9S/OjbMKFcIR8tEZTUwPLF3UoGebhFHR6kV3GGVxWfWKmGJZm65G6e0
28
+ DHBGVrteVTNATLHwrz0Mki1YsHKZkWgwbdkIDBltw+tgowq525FP8ZLuPm2javwb
29
+ nETswOHlDOfLKvrrnkbeoojW4XaVgW8=
30
+ -----END RSA PRIVATE KEY-----
@@ -0,0 +1,14 @@
1
+ -----BEGIN PUBLIC KEY-----
2
+ MIICIDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEAxmIlzFFT8FfhDcv0jNo+
3
+ hkS/M+VyFqLrOjyH52PoYe3dcgP205RWj9VYjjauH+W+MPPS0t0WP0SSOzI0DEuE
4
+ nxwA8SCs2cBkI/4ydc2vJXsgpPOCaz3Nrl4KmlRqs0v+lgWr6lukuM9DpEl6vwkS
5
+ Tu9DH7bvjQGawRfjIfRm5bu14iKbslX8yMqzO2T79fUkOwW9ugRKGqB2uhoLhwHt
6
+ pBHDi6Pa4zuQSfgXus4UreQmI9nP9q3el6AwsXjD/myKwmCJnKV7RHiEC0sxWmlD
7
+ 6OqpdmLfSCYHQ2BitNu0z7SxCevxAL8V7QzXNdUtuLXSV1JIZIrnkOWM69CpPJ+b
8
+ Dh3QOtaUqrK2SY6aaMPC8gq79mvww4dhvYv7hPiXMdW3Jj30zQMf1MJBOFSam82U
9
+ fjE25dz8hb/VxbnrB5VLy2vwvWLBxUsCdkChRJ98AyXFQC01rwNXlCP5h05L0tHM
10
+ bHhusk5y4+bH48ar7oFBGrNX9OHfSETWDhIQdUzNEGwl2Sh0I2reSQs3yos6fUXN
11
+ 64Q0r1flLUCWU/j+/07imfHWI4gmZoPc7cjaK1bGNASC+SBlMl8xqVCwNZzjT239
12
+ Ea1QD22MLeZH4zCaCizRpZ1Py14oRJUYVAblGTmxJDciSNotaXpCnCNJowuz+dsM
13
+ ++8ZNuPmUo0Q/o4IxMfb38ECAQE=
14
+ -----END PUBLIC KEY-----
@@ -0,0 +1,30 @@
1
+ -----BEGIN RSA PRIVATE KEY-----
2
+ MIIFIwIBAAKCAgEA88CnFQlOsS3eQRAykvqPxG+o8I+VXoXSGvtiN8MoOpzZbb9P
3
+ 5m5Nm9mKyHhimbLhXIrwHOHkZvrRtcE/ceu3E2ymt3WC5CW0t49t0DSwZl5oI5I9
4
+ 16fF+6jzb+LuAKt8K8EYrf5/F/Xu2RxuJTaft2UBrl+rjdCzGxM5hGbK0gB1h4Ti
5
+ j/j75poVCYVBKcFm6d4Uqs4T/2COTlQKDl/w5UMmBmBqd/5RZ/bW2SzrUjJfIi3t
6
+ EkgYXVvBRFSCUSrwfFL5WMC22IIl03CJipa9twsGfKPYOnXUgfHt1vLosncOBHQv
7
+ iM3aTIHcs8lbi4UBaO/pk3WRuEKCBE/Tl1F8JkAR2jFe/EeAeNTC2YYyLgtgVORt
8
+ kIxBOUY8TWC4qsHNqDb9bX4VlDOAkJyKbz72WNyx4clGjjI/bq0X99INh5yhH6JJ
9
+ v2Njf4LnTwF6PQc/JZkMq6O73IiNM8WvL72rYbGH7AjIT2QpGBSQvpn9HTS9QOrq
10
+ bZ4gedebZ7XrrU815/ZgrMkOZykukonhjB7Y4kldX9YK0aDL0J1buo/YVyfz7TMh
11
+ EfoC9FYZa5s6SvBYVS6QlzTto64S4IudfY/EMf9y3C7GyH1DTbdCTOnKM35lHsDR
12
+ 8ojabHa7O9c4i22rOBLzHpiEucBLpT/y2VwOZI/l4iXFYvrqFJ7XXeZczU0CAQEC
13
+ AQECggEBAP9Fhvl7EpF9NTZ24v98H9VtOyWvdmJcZT1w1QzNZPyoIIQGwVITfSds
14
+ U9hD29VBxlJhfdEygMnDRodNHFtqDKBgm0Fq4wNvlEYn61P/y1Jukvv7lJNb3v5D
15
+ 4T4egTDYOFJ3j9L8otxv53fVxBytoR5hXqpO9+QJoJTWXVhLrrMx7AG5w0D/2pMP
16
+ MRGYAHCgIw1e5Mx9wzN7g4YMcR4pqrH7cy3liGxxVquMTg2k9b0AHuysyYo8iOQv
17
+ aXiNsglyCz+9MRUq2+EWsoR1NnyhO9d/5Ts20DU776tXZQA9xKQhtTrpWDT6KWyc
18
+ F14m0lKigtjsIT+mQN2Dy6V+KRfAU2ECggEBAPRytf21R3NIIUMUQp5ljQPHQW5/
19
+ Ce2s6gKvatm0NiFdxMnayeWdOQYCtMNthPh5jysv2hcmeNL1uJjbU5WUPa35kp7V
20
+ I5JzpBG/bYG+LmWb1rJ7tWcJJrM0nw1v4imtm3comu4ur/orlZbgM80CPyD9KClC
21
+ jJKDlhe/EiJhHDvhK1QrSjV/0ol8L2MPXN8nO6MWG8JWXwAfUnywL2Sj2qLFbskJ
22
+ aotPiM1XCZk+Q5j3GuF1R2sqBTJlriXxehrm20LWrdNq4+Ra1snyoRStEmXn4MAo
23
+ kdbjtr15isCQCztFBLU9arZ7bBxy7v6Vz82iIBWA0ouZOuajGBhParGZbW0CAQEC
24
+ AQECggEBAOeOV5VGYBfmP/UYtmNMh3lvyHWK6cTkoQHW82/wx3LOQAUszjvlfCUA
25
+ +MSd08m1uIj3IMqX9CLc1sxTo5mbnxwkZo4BduaKjDluQcoLgLTeKtVFrnBtySpu
26
+ hKriA+LF16e28+OgCuSD2y0LzWD1ELMr+96WpLKw6Y81wVP7kJv/DjU6dtAf8Mvu
27
+ sYWJxMib9sVGIaTfVzkWL2erlBRn7R68x5zlyC5Z++nUZ/e6aJhrQcHGc9a5fvxY
28
+ zcH1gxNKguNEHUl14o7lkk98/RgSFto1jhdfLlF7pHCtzc21zHF75RLiSWbjNmsx
29
+ wb8w4QO4WMsCytE9ypB4VQdEMg9qCsw=
30
+ -----END RSA PRIVATE KEY-----
@@ -0,0 +1,14 @@
1
+ -----BEGIN PUBLIC KEY-----
2
+ MIICIDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEA88CnFQlOsS3eQRAykvqP
3
+ xG+o8I+VXoXSGvtiN8MoOpzZbb9P5m5Nm9mKyHhimbLhXIrwHOHkZvrRtcE/ceu3
4
+ E2ymt3WC5CW0t49t0DSwZl5oI5I916fF+6jzb+LuAKt8K8EYrf5/F/Xu2RxuJTaf
5
+ t2UBrl+rjdCzGxM5hGbK0gB1h4Tij/j75poVCYVBKcFm6d4Uqs4T/2COTlQKDl/w
6
+ 5UMmBmBqd/5RZ/bW2SzrUjJfIi3tEkgYXVvBRFSCUSrwfFL5WMC22IIl03CJipa9
7
+ twsGfKPYOnXUgfHt1vLosncOBHQviM3aTIHcs8lbi4UBaO/pk3WRuEKCBE/Tl1F8
8
+ JkAR2jFe/EeAeNTC2YYyLgtgVORtkIxBOUY8TWC4qsHNqDb9bX4VlDOAkJyKbz72
9
+ WNyx4clGjjI/bq0X99INh5yhH6JJv2Njf4LnTwF6PQc/JZkMq6O73IiNM8WvL72r
10
+ YbGH7AjIT2QpGBSQvpn9HTS9QOrqbZ4gedebZ7XrrU815/ZgrMkOZykukonhjB7Y
11
+ 4kldX9YK0aDL0J1buo/YVyfz7TMhEfoC9FYZa5s6SvBYVS6QlzTto64S4IudfY/E
12
+ Mf9y3C7GyH1DTbdCTOnKM35lHsDR8ojabHa7O9c4i22rOBLzHpiEucBLpT/y2VwO
13
+ ZI/l4iXFYvrqFJ7XXeZczU0CAQE=
14
+ -----END PUBLIC KEY-----
@@ -0,0 +1,459 @@
1
+ ##### Primary configuration settings #####
2
+ ##########################################
3
+ # This configuration file is used to manage the behavior of the Salt Master
4
+ # Values that are commented out but have no space after the comment are
5
+ # defaults that need not be set in the config. If there is a space after the
6
+ # comment that the value is presented as an example and is not the default.
7
+
8
+ # Per default, the master will automatically include all config files
9
+ # from master.d/*.conf (master.d is a directory in the same directory
10
+ # as the main master config file)
11
+ #default_include: master.d/*.conf
12
+
13
+ # The address of the interface to bind to
14
+ #interface: 0.0.0.0
15
+
16
+ # The tcp port used by the publisher
17
+ #publish_port: 4505
18
+
19
+ # The user to run the salt-master as. Salt will update all permissions to
20
+ # allow the specified user to run the master. If the modified files cause
21
+ # conflicts set verify_env to False.
22
+ #user: root
23
+
24
+ # Max open files
25
+ # Each minion connecting to the master uses AT LEAST one file descriptor, the
26
+ # master subscription connection. If enough minions connect you might start
27
+ # seeing on the console(and then salt-master crashes):
28
+ # Too many open files (tcp_listener.cpp:335)
29
+ # Aborted (core dumped)
30
+ #
31
+ # By default this value will be the one of `ulimit -Hn`, ie, the hard limit for
32
+ # max open files.
33
+ #
34
+ # If you wish to set a different value than the default one, uncomment and
35
+ # configure this setting. Remember that this value CANNOT be higher than the
36
+ # hard limit. Raising the hard limit depends on your OS and/or distribution,
37
+ # a good way to find the limit is to search the internet for(for example):
38
+ # raise max open files hard limit debian
39
+ #
40
+ #max_open_files: 100000
41
+
42
+ # The number of worker threads to start, these threads are used to manage
43
+ # return calls made from minions to the master, if the master seems to be
44
+ # running slowly, increase the number of threads
45
+ #worker_threads: 5
46
+
47
+ # The port used by the communication interface. The ret (return) port is the
48
+ # interface used for the file server, authentication, job returnes, etc.
49
+ #ret_port: 4506
50
+
51
+ # Specify the location of the daemon process ID file
52
+ #pidfile: /var/run/salt-master.pid
53
+
54
+ # The root directory prepended to these options: pki_dir, cachedir,
55
+ # sock_dir, log_file, autosign_file, extension_modules, key_logfile, pidfile.
56
+ #root_dir: /
57
+
58
+ # Directory used to store public key data
59
+ #pki_dir: /etc/salt/pki/master
60
+
61
+ # Directory to store job and cache data
62
+ #cachedir: /var/cache/salt/master
63
+
64
+ # Verify and set permissions on configuration directories at startup
65
+ #verify_env: True
66
+
67
+ # Set the number of hours to keep old job information in the job cache
68
+ #keep_jobs: 24
69
+
70
+ # Set the default timeout for the salt command and api, the default is 5
71
+ # seconds
72
+ #timeout: 5
73
+
74
+ # The loop_interval option controls the seconds for the master's maintinance
75
+ # process check cycle. This process updates file server backends, cleans the
76
+ # job cache and executes the scheduler.
77
+ #loop_interval: 60
78
+
79
+ # Set the default outputter used by the salt command. The default is "nested"
80
+ #output: nested
81
+
82
+ # By default output is colored, to disable colored output set the color value
83
+ # to False
84
+ #color: True
85
+
86
+ # Set the directory used to hold unix sockets
87
+ #sock_dir: /var/run/salt/master
88
+
89
+ # The master maintains a job cache, while this is a great addition it can be
90
+ # a burden on the master for larger deployments (over 5000 minions).
91
+ # Disabling the job cache will make previously executed jobs unavailable to
92
+ # the jobs system and is not generally recommended.
93
+ #
94
+ #job_cache: True
95
+
96
+ # Cache minion grains and pillar data in the cachedir.
97
+ #minion_data_cache: True
98
+
99
+ # The master can include configuration from other files. To enable this,
100
+ # pass a list of paths to this option. The paths can be either relative or
101
+ # absolute; if relative, they are considered to be relative to the directory
102
+ # the main master configuration file lives in (this file). Paths can make use
103
+ # of shell-style globbing. If no files are matched by a path passed to this
104
+ # option then the master will log a warning message.
105
+ #
106
+ #
107
+ # Include a config file from some other path:
108
+ # include: /etc/salt/extra_config
109
+ #
110
+ # Include config from several files and directories:
111
+ # include:
112
+ # - /etc/salt/extra_config
113
+
114
+
115
+ ##### Security settings #####
116
+ ##########################################
117
+ # Enable "open mode", this mode still maintains encryption, but turns off
118
+ # authentication, this is only intended for highly secure environments or for
119
+ # the situation where your keys end up in a bad state. If you run in open mode
120
+ # you do so at your own risk!
121
+ #open_mode: False
122
+
123
+ # Enable auto_accept, this setting will automatically accept all incoming
124
+ # public keys from the minions. Note that this is insecure.
125
+ #auto_accept: False
126
+
127
+ # If the autosign_file is specified only incoming keys specified in
128
+ # the autosign_file will be automatically accepted. This is insecure.
129
+ # Regular expressions as well as globing lines are supported.
130
+ #autosign_file: /etc/salt/autosign.conf
131
+
132
+ # Enable permissive access to the salt keys. This allows you to run the
133
+ # master or minion as root, but have a non-root group be given access to
134
+ # your pki_dir. To make the access explicit, root must belong to the group
135
+ # you've given access to. This is potentially quite insecure.
136
+ # If an autosign_file is specified, enabling permissive_pki_access will allow group access
137
+ # to that specific file.
138
+ #permissive_pki_access: False
139
+
140
+ # Allow users on the master access to execute specific commands on minions.
141
+ # This setting should be treated with care since it opens up execution
142
+ # capabilities to non root users. By default this capability is completely
143
+ # disabled.
144
+ #
145
+ # client_acl:
146
+ # larry:
147
+ # - test.ping
148
+ # - network.*
149
+ #
150
+
151
+ # Blacklist any of the following users or modules
152
+ #
153
+ # This example would blacklist all non sudo users, including root from
154
+ # running any commands. It would also blacklist any use of the "cmd"
155
+ # module.
156
+ # This is completely disabled by default.
157
+ #
158
+ # client_acl_blacklist:
159
+ # users:
160
+ # - root
161
+ # - '^(?!sudo_).*$' # all non sudo users
162
+ # modules:
163
+ # - cmd
164
+
165
+ # The external auth system uses the Salt auth modules to authenticate and
166
+ # validate users to access areas of the Salt system
167
+ #
168
+ # external_auth:
169
+ # pam:
170
+ # fred:
171
+ # - test.*
172
+ #
173
+ # Time (in seconds) for a newly generated token to live. Default: 12 hours
174
+ # token_expire: 43200
175
+
176
+
177
+ ##### Master Module Management #####
178
+ ##########################################
179
+ # Manage how master side modules are loaded
180
+
181
+ # Add any additional locations to look for master runners
182
+ #runner_dirs: []
183
+
184
+ # Enable Cython for master side modules
185
+ #cython_enable: False
186
+
187
+
188
+ ##### State System settings #####
189
+ ##########################################
190
+ # The state system uses a "top" file to tell the minions what environment to
191
+ # use and what modules to use. The state_top file is defined relative to the
192
+ # root of the base environment as defined in "File Server settings" below.
193
+ #state_top: top.sls
194
+
195
+ # The master_tops option replaces the external_nodes option by creating
196
+ # a plugable system for the generation of external top data. The external_nodes
197
+ # option is deprecated by the master_tops option.
198
+ # To gain the capabilities of the classic external_nodes system, use the
199
+ # following configuration:
200
+ # master_tops:
201
+ # ext_nodes: <Shell command which returns yaml>
202
+ #
203
+ #master_tops: {}
204
+
205
+ # The external_nodes option allows Salt to gather data that would normally be
206
+ # placed in a top file. The external_nodes option is the executable that will
207
+ # return the ENC data. Remember that Salt will look for external nodes AND top
208
+ # files and combine the results if both are enabled!
209
+ #external_nodes: None
210
+
211
+ # The renderer to use on the minions to render the state data
212
+ #renderer: yaml_jinja
213
+
214
+ # The failhard option tells the minions to stop immediately after the first
215
+ # failure detected in the state execution, defaults to False
216
+ #failhard: False
217
+
218
+ # The state_verbose and state_output settings can be used to change the way
219
+ # state system data is printed to the display. By default all data is printed.
220
+ # The state_verbose setting can be set to True or False, when set to False
221
+ # all data that has a result of True and no changes will be suppressed.
222
+ #state_verbose: True
223
+
224
+ # The state_output setting changes if the output is the full multi line
225
+ # output for each changed state if set to 'full', but if set to 'terse'
226
+ # the output will be shortened to a single line.
227
+ #state_output: full
228
+
229
+
230
+ ##### File Server settings #####
231
+ ##########################################
232
+ # Salt runs a lightweight file server written in zeromq to deliver files to
233
+ # minions. This file server is built into the master daemon and does not
234
+ # require a dedicated port.
235
+
236
+ # The file server works on environments passed to the master, each environment
237
+ # can have multiple root directories, the subdirectories in the multiple file
238
+ # roots cannot match, otherwise the downloaded files will not be able to be
239
+ # reliably ensured. A base environment is required to house the top file.
240
+ # Example:
241
+ # file_roots:
242
+ # base:
243
+ # - /srv/salt/
244
+ # dev:
245
+ # - /srv/salt/dev/services
246
+ # - /srv/salt/dev/states
247
+ # prod:
248
+ # - /srv/salt/prod/services
249
+ # - /srv/salt/prod/states
250
+
251
+ #file_roots:
252
+ # base:
253
+ # - /srv/salt
254
+
255
+ # The hash_type is the hash to use when discovering the hash of a file on
256
+ # the master server, the default is md5, but sha1, sha224, sha256, sha384
257
+ # and sha512 are also supported.
258
+ #hash_type: md5
259
+
260
+ # The buffer size in the file server can be adjusted here:
261
+ #file_buffer_size: 1048576
262
+
263
+ # A regular expression (or a list of expressions) that will be matched
264
+ # against the file path before syncing the modules and states to the minions.
265
+ # This includes files affected by the file.recurse state.
266
+ # For example, if you manage your custom modules and states in subversion
267
+ # and don't want all the '.svn' folders and content synced to your minions,
268
+ # you could set this to '/\.svn($|/)'. By default nothing is ignored.
269
+ # file_ignore_regex:
270
+ # - '/\.svn($|/)'
271
+ # - '/\.git($|/)'
272
+
273
+ # A file glob (or list of file globs) that will be matched against the file
274
+ # path before syncing the modules and states to the minions. This is similar
275
+ # to file_ignore_regex above, but works on globs instead of regex. By default
276
+ # nothing is ignored.
277
+ # file_ignore_glob:
278
+ # - '*.pyc'
279
+ # - '*/somefolder/*.bak'
280
+
281
+ # File Server Backend
282
+ # Salt supports a modular fileserver backend system, this system allows
283
+ # the salt master to link directly to third party systems to gather and
284
+ # manage the files available to minions. Multiple backends can be
285
+ # configured and will be searched for the requested file in the order in which
286
+ # they are defined here. The default setting only enables the standard backend
287
+ # "roots" which uses the "file_roots" option.
288
+ #fileserver_backend:
289
+ # - roots
290
+ # To use multiple backends list them in the order they are searched:
291
+ # fileserver_backend:
292
+ # - git
293
+ # - roots
294
+
295
+ # Git fileserver backend configuration
296
+ # When using the git fileserver backend at least one git remote needs to be
297
+ # defined. The user running the salt master will need read access to the repo.
298
+ # gitfs_remotes:
299
+ # - git://github.com/saltstack/salt-states.git
300
+ # - file:///var/git/saltmaster
301
+ # The repos will be searched in order to find the file requested by a client
302
+ # and the first repo to have the file will return it.
303
+ # When using the git backend branches and tags are translated into salt
304
+ # environments.
305
+
306
+
307
+ ##### Pillar settings #####
308
+ ##########################################
309
+ # Salt Pillars allow for the building of global data that can be made selectively
310
+ # available to different minions based on minion grain filtering. The Salt
311
+ # Pillar is laid out in the same fashion as the file server, with environments,
312
+ # a top file and sls files. However, pillar data does not need to be in the
313
+ # highstate format, and is generally just key/value pairs.
314
+
315
+ #pillar_roots:
316
+ # base:
317
+ # - /srv/pillar
318
+
319
+ # ext_pillar:
320
+ # - hiera: /etc/hiera.yaml
321
+ # - cmd_yaml: cat /etc/salt/yaml
322
+
323
+ # The pillar_opts option adds the master configuration file data to a dict in
324
+ # the pillar called "master". This is used to set simple configurations in the
325
+ # master config file that can then be used on minions.
326
+ #pillar_opts: True
327
+
328
+
329
+ ##### Syndic settings #####
330
+ ##########################################
331
+ # The Salt syndic is used to pass commands through a master from a higher
332
+ # master. Using the syndic is simple, if this is a master that will have
333
+ # syndic servers(s) below it set the "order_masters" setting to True, if this
334
+ # is a master that will be running a syndic daemon for passthrough the
335
+ # "syndic_master" setting needs to be set to the location of the master server
336
+ # to receive commands from.
337
+
338
+ # Set the order_masters setting to True if this master will command lower
339
+ # masters' syndic interfaces.
340
+ #order_masters: False
341
+
342
+ # If this master will be running a salt syndic daemon, syndic_master tells
343
+ # this master where to receive commands from.
344
+ #syndic_master: masterofmaster
345
+
346
+
347
+ ##### Peer Publish settings #####
348
+ ##########################################
349
+ # Salt minions can send commands to other minions, but only if the minion is
350
+ # allowed to. By default "Peer Publication" is disabled, and when enabled it
351
+ # is enabled for specific minions and specific commands. This allows secure
352
+ # compartmentalization of commands based on individual minions.
353
+
354
+ # The configuration uses regular expressions to match minions and then a list
355
+ # of regular expressions to match functions. The following will allow the
356
+ # minion authenticated as foo.example.com to execute functions from the test
357
+ # and pkg modules.
358
+ # peer:
359
+ # foo.example.com:
360
+ # - test.*
361
+ # - pkg.*
362
+ #
363
+ # This will allow all minions to execute all commands:
364
+ # peer:
365
+ # .*:
366
+ # - .*
367
+ # This is not recommended, since it would allow anyone who gets root on any
368
+ # single minion to instantly have root on all of the minions!
369
+
370
+ # Minions can also be allowed to execute runners from the salt master.
371
+ # Since executing a runner from the minion could be considered a security risk,
372
+ # it needs to be enabled. This setting functions just like the peer setting
373
+ # except that it opens up runners instead of module functions.
374
+ #
375
+ # All peer runner support is turned off by default and must be enabled before
376
+ # using. This will enable all peer runners for all minions:
377
+ #
378
+ # peer_run:
379
+ # .*:
380
+ # - .*
381
+ #
382
+ # To enable just the manage.up runner for the minion foo.example.com:
383
+ #
384
+ # peer_run:
385
+ # foo.example.com:
386
+ # - manage.up
387
+
388
+
389
+ ##### Logging settings #####
390
+ ##########################################
391
+ # The location of the master log file
392
+ # The master log can be sent to a regular file, local path name, or network
393
+ # location. Remote logging works best when configured to use rsyslogd(8) (e.g.:
394
+ # ``file:///dev/log``), with rsyslogd(8) configured for network logging. The URI
395
+ # format is: <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility>
396
+ #log_file: /var/log/salt/master
397
+ #log_file: file:///dev/log
398
+ #log_file: udp://loghost:10514
399
+
400
+ #log_file: /var/log/salt/master
401
+ #key_logfile: /var/log/salt/key
402
+
403
+ # The level of messages to send to the console.
404
+ # One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
405
+ #log_level: warning
406
+
407
+ # The level of messages to send to the log file.
408
+ # One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
409
+ #log_level_logfile: warning
410
+
411
+ # The date and time format used in log messages. Allowed date/time formating
412
+ # can be seen here: http://docs.python.org/library/time.html#time.strftime
413
+ #log_datefmt: '%H:%M:%S'
414
+ #log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
415
+
416
+ # The format of the console logging messages. Allowed formatting options can
417
+ # be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
418
+ #log_fmt_console: '[%(levelname)-8s] %(message)s'
419
+ #log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
420
+
421
+ # This can be used to control logging levels more specificically. This
422
+ # example sets the main salt library at the 'warning' level, but sets
423
+ # 'salt.modules' to log at the 'debug' level:
424
+ # log_granular_levels:
425
+ # 'salt': 'warning',
426
+ # 'salt.modules': 'debug'
427
+ #
428
+ #log_granular_levels: {}
429
+
430
+
431
+ ##### Node Groups #####
432
+ ##########################################
433
+ # Node groups allow for logical groupings of minion nodes.
434
+ # A group consists of a group name and a compound target.
435
+ #
436
+ # nodegroups:
437
+ # group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com and bl*.domain.com'
438
+ # group2: 'G@os:Debian and foo.domain.com'
439
+
440
+
441
+ ##### Range Cluster settings #####
442
+ ##########################################
443
+ # The range server (and optional port) that serves your cluster information
444
+ # https://github.com/grierj/range/wiki/Introduction-to-Range-with-YAML-files
445
+ #
446
+ # range_server: range:80
447
+
448
+
449
+ ##### Windows Software Repo settings #####
450
+ ##############################################
451
+ # Location of the repo on the master
452
+ # win_repo: '/srv/salt/win/repo'
453
+
454
+ # Location of the master's repo cache file
455
+ # win_repo_mastercachefile: '/srv/salt/win/repo/winrepo.p'
456
+
457
+ # List of git repositories to include with the local repo
458
+ # win_gitrepos:
459
+ # - 'https://github.com/saltstack/salt-winrepo.git'