From: Frank Brehm Date: Thu, 14 Mar 2019 10:28:25 +0000 (+0100) Subject: committing changes in /etc after apt run X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=da48c81e69ea7452ae28fbf1d96340e00013ee1c;p=config%2Fns3%2Fetc.git committing changes in /etc after apt run Package changes: -libapache2-mod-php7.0 7.0.33-0+deb9u1 amd64 +libapache2-mod-php7.0 7.0.33-0+deb9u3 amd64 -libssl1.0.2 1.0.2q-1~deb9u1 amd64 +libssl1.0.2 1.0.2r-1~deb9u1 amd64 -linux-image-4.9.0-8-amd64 4.9.144-3 amd64 +linux-image-4.9.0-8-amd64 4.9.144-3.1 amd64 -openssh-client 1:7.4p1-10+deb9u5 amd64 -openssh-server 1:7.4p1-10+deb9u5 amd64 -openssh-sftp-server 1:7.4p1-10+deb9u5 amd64 +openssh-client 1:7.4p1-10+deb9u6 amd64 +openssh-server 1:7.4p1-10+deb9u6 amd64 +openssh-sftp-server 1:7.4p1-10+deb9u6 amd64 -php7.0 7.0.33-0+deb9u1 all -php7.0-cli 7.0.33-0+deb9u1 amd64 -php7.0-common 7.0.33-0+deb9u1 amd64 -php7.0-gd 7.0.33-0+deb9u1 amd64 -php7.0-json 7.0.33-0+deb9u1 amd64 -php7.0-ldap 7.0.33-0+deb9u1 amd64 -php7.0-mcrypt 7.0.33-0+deb9u1 amd64 -php7.0-opcache 7.0.33-0+deb9u1 amd64 -php7.0-readline 7.0.33-0+deb9u1 amd64 +php7.0 7.0.33-0+deb9u3 all +php7.0-cli 7.0.33-0+deb9u3 amd64 +php7.0-common 7.0.33-0+deb9u3 amd64 +php7.0-gd 7.0.33-0+deb9u3 amd64 +php7.0-json 7.0.33-0+deb9u3 amd64 +php7.0-ldap 7.0.33-0+deb9u3 amd64 +php7.0-mcrypt 7.0.33-0+deb9u3 amd64 +php7.0-opcache 7.0.33-0+deb9u3 amd64 +php7.0-readline 7.0.33-0+deb9u3 amd64 -salt-common 2018.3.3+ds-2 all -salt-master 2018.3.3+ds-2 all -salt-minion 2018.3.3+ds-2 all -salt-ssh 2018.3.3+ds-2 all +salt-common 2019.2.0+ds-1 all +salt-master 2019.2.0+ds-1 all +salt-minion 2019.2.0+ds-1 all +salt-ssh 2019.2.0+ds-1 all --- diff --git a/apt/apt.conf.d/01autoremove-kernels b/apt/apt.conf.d/01autoremove-kernels index 589eb18..00554a9 100644 --- a/apt/apt.conf.d/01autoremove-kernels +++ b/apt/apt.conf.d/01autoremove-kernels @@ -27,20 +27,20 @@ APT::NeverAutoRemove /* Debug information: # dpkg list: ii linux-image-4.9.0-6-amd64 4.9.88-1+deb9u1 amd64 Linux 4.9 for 64-bit PCs -iF linux-image-4.9.0-8-amd64 4.9.144-3 amd64 Linux 4.9 for 64-bit PCs +iF linux-image-4.9.0-8-amd64 4.9.144-3.1 amd64 Linux 4.9 for 64-bit PCs ii linux-image-amd64 4.9+80+deb9u6 amd64 Linux for 64-bit PCs (meta-package) # list of installed kernel packages: 4.9.0-6-amd64 4.9.88-1+deb9u1 -4.9.0-8-amd64 4.9.144-3 +4.9.0-8-amd64 4.9.144-3.1 # list of different kernel versions: -4.9.144-3 +4.9.144-3.1 4.9.88-1+deb9u1 -# Installing kernel: 4.9.144-3 (4.9.0-8-amd64) -# Running kernel: 4.9.144-3 (4.9.0-8-amd64) -# Last kernel: 4.9.144-3 +# Installing kernel: 4.9.144-3.1 (4.9.0-8-amd64) +# Running kernel: 4.9.144-3.1 (4.9.0-8-amd64) +# Last kernel: 4.9.144-3.1 # Previous kernel: 4.9.88-1+deb9u1 # Kernel versions list to keep: -4.9.144-3 +4.9.144-3.1 4.9.88-1+deb9u1 # Kernel packages (version part) to protect: 4\.9\.0-6-amd64 diff --git a/salt/master b/salt/master index 149fe88..a1ced68 100644 --- a/salt/master +++ b/salt/master @@ -176,6 +176,14 @@ # master event bus. The value is expressed in bytes. #max_event_size: 1048576 +# Windows platforms lack posix IPC and must rely on slower TCP based inter- +# process communications. Set ipc_mode to 'tcp' on such systems +#ipc_mode: ipc + +# Overwrite the default tcp ports used by the minion when ipc_mode is set to 'tcp' +#tcp_master_pub_port: 4510 +#tcp_master_pull_port: 4511 + # By default, the master AES key rotates every 24 hours. The next command # following a key rotation will trigger a key refresh from the minion which may # result in minions which do not respond to the first command after a key refresh. @@ -261,24 +269,6 @@ # The publisher interface ZeroMQPubServerChannel #pub_hwm: 1000 -# These two ZMQ HWM settings, salt_event_pub_hwm and event_publisher_pub_hwm -# are significant for masters with thousands of minions. When these are -# insufficiently high it will manifest in random responses missing in the CLI -# and even missing from the job cache. Masters that have fast CPUs and many -# cores with appropriate worker_threads will not need these set as high. - -# On deployment with 8,000 minions, 2.4GHz CPUs, 24 cores, 32GiB memory has -# these settings: -# -# salt_event_pub_hwm: 128000 -# event_publisher_pub_hwm: 64000 - -# ZMQ high-water-mark for SaltEvent pub socket -#salt_event_pub_hwm: 20000 - -# ZMQ high-water-mark for EventPublisher pub socket -#event_publisher_pub_hwm: 10000 - # The master may allocate memory per-event and not # reclaim it. # To set a high-water mark for memory allocation, use @@ -574,14 +564,8 @@ # #master_tops: {} -# The external_nodes option allows Salt to gather data that would normally be -# placed in a top file. The external_nodes option is the executable that will -# return the ENC data. Remember that Salt will look for external nodes AND top -# files and combine the results if both are enabled! -#external_nodes: None - # The renderer to use on the minions to render the state data -#renderer: yaml_jinja +#renderer: jinja|yaml # Default Jinja environment options for all templates except sls templates #jinja_env: @@ -591,8 +575,8 @@ # variable_end_string: '}}' # comment_start_string: '{#' # comment_end_string: '#}' -# line_statement_prefix: -# line_comment_prefix: +# line_statement_prefix: +# line_comment_prefix: # trim_blocks: False # lstrip_blocks: False # newline_sequence: '\n' @@ -606,8 +590,8 @@ # variable_end_string: '}}' # comment_start_string: '{#' # comment_end_string: '#}' -# line_statement_prefix: -# line_comment_prefix: +# line_statement_prefix: +# line_comment_prefix: # trim_blocks: False # lstrip_blocks: False # newline_sequence: '\n' @@ -1161,7 +1145,7 @@ #log_level: warning # The level of messages to send to the log file. -# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. +# One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'. # If using 'log_granular_levels' this must be set to the highest desired level. #log_level_logfile: warning diff --git a/salt/minion b/salt/minion index 41b507b..f2b6655 100644 --- a/salt/minion +++ b/salt/minion @@ -21,15 +21,19 @@ #proxy_username: #proxy_password: +# List of hosts to bypass HTTP proxy. This key does nothing unless proxy_host etc is +# configured, it does not support any kind of wildcards. +#no_proxy: [] + # If multiple masters are specified in the 'master' setting, the default behavior -# is to always try to connect to them in the order they are listed. If random_master is -# set to True, the order will be randomized instead. This can be helpful in distributing -# the load of many minions executing salt-call requests, for example, from a cron job. -# If only one master is listed, this setting is ignored and a warning will be logged. -# NOTE: If master_type is set to failover, use master_shuffle instead. +# is to always try to connect to them in the order they are listed. If random_master +# is set to True, the order will be randomized upon Minion startup instead. This can +# be helpful in distributing the load of many minions executing salt-call requests, +# for example, from a cron job. If only one master is listed, this setting is ignored +# and a warning will be logged. #random_master: False -# Use if master_type is set to failover. +# NOTE: Deprecated in Salt 2019.2.0. Use 'random_master' instead. #master_shuffle: False # Minions can connect to multiple masters simultaneously (all masters @@ -66,6 +70,11 @@ # Set to zero if the minion should shutdown and not retry. # retry_dns: 30 +# Set the number of times to attempt to resolve +# the master hostname if name resolution fails. Defaults to None, +# which will attempt the resolution indefinitely. +# retry_dns_count: 3 + # Set the port used by the master reply and authentication server. #master_port: 4506 @@ -148,6 +157,11 @@ # Set the directory used to hold unix sockets. #sock_dir: /var/run/salt/minion +# The minion can take a while to start up when lspci and/or dmidecode is used +# to populate the grains for the minion. Set this to False if you do not need +# GPU hardware grains for your minion. +# enable_gpu_grains: True + # Set the default outputter used by the salt-call command. The default is # "nested". #output: nested @@ -380,7 +394,7 @@ # process communications. Set ipc_mode to 'tcp' on such systems #ipc_mode: ipc -# Overwrite the default tcp ports used by the minion when in tcp mode +# Overwrite the default tcp ports used by the minion when ipc_mode is set to 'tcp' #tcp_pub_port: 4510 #tcp_pull_port: 4511 @@ -389,6 +403,16 @@ # minion event bus. The value is expressed in bytes. #max_event_size: 1048576 +# When a minion starts up it sends a notification on the event bus with a tag +# that looks like this: `salt/minion//start`. For historical reasons +# the minion also sends a similar event with an event tag like this: +# `minion_start`. This duplication can cause a lot of clutter on the event bus +# when there are many minions. Set `enable_legacy_startup_events: False` in the +# minion config to ensure only the `salt/minion//start` events are +# sent. Beginning with the `Sodium` Salt release this option will default to +# `False` +#enable_legacy_startup_events: True + # To detect failed master(s) and fire events on connect/disconnect, set # master_alive_interval to the number of seconds to poll the masters for # connection events. @@ -463,19 +487,18 @@ ##### State Management Settings ##### ########################################### -# The state management system executes all of the state templates on the minion -# to enable more granular control of system state management. The type of -# template and serialization used for state management needs to be configured -# on the minion, the default renderer is yaml_jinja. This is a yaml file -# rendered from a jinja template, the available options are: -# yaml_jinja -# yaml_mako -# yaml_wempy -# json_jinja -# json_mako -# json_wempy -# -#renderer: yaml_jinja +# The default renderer to use in SLS files. This is configured as a +# pipe-delimited expression. For example, jinja|yaml will first run jinja +# templating on the SLS file, and then load the result as YAML. This syntax is +# documented in further depth at the following URL: +# +# https://docs.saltstack.com/en/latest/ref/renderers/#composing-renderers +# +# NOTE: The "shebang" prefix (e.g. "#!jinja|yaml") described in the +# documentation linked above is for use in an SLS file to override the default +# renderer, it should not be used when configuring the renderer here. +# +#renderer: jinja|yaml # # The failhard option tells the minions to stop immediately after the first # failure detected in the state execution. Defaults to False. @@ -720,7 +743,7 @@ #key_logfile: /var/log/salt/key # The level of messages to send to the console. -# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. +# One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'. # # The following log levels are considered INSECURE and may log sensitive data: # ['garbage', 'trace', 'debug'] diff --git a/salt/proxy b/salt/proxy index 908dd25..757941e 100644 --- a/salt/proxy +++ b/salt/proxy @@ -356,19 +356,18 @@ ##### State Management Settings ##### ########################################### -# The state management system executes all of the state templates on the minion -# to enable more granular control of system state management. The type of -# template and serialization used for state management needs to be configured -# on the minion, the default renderer is yaml_jinja. This is a yaml file -# rendered from a jinja template, the available options are: -# yaml_jinja -# yaml_mako -# yaml_wempy -# json_jinja -# json_mako -# json_wempy -# -#renderer: yaml_jinja +# The default renderer to use in SLS files. This is configured as a +# pipe-delimited expression. For example, jinja|yaml will first run jinja +# templating on the SLS file, and then load the result as YAML. This syntax is +# documented in further depth at the following URL: +# +# https://docs.saltstack.com/en/latest/ref/renderers/#composing-renderers +# +# NOTE: The "shebang" prefix (e.g. "#!jinja|yaml") described in the +# documentation linked above is for use in an SLS file to override the default +# renderer, it should not be used when configuring the renderer here. +# +#renderer: jinja|yaml # # The failhard option tells the minions to stop immediately after the first # failure detected in the state execution. Defaults to False. @@ -543,7 +542,7 @@ #key_logfile: /var/log/salt/key # The level of messages to send to the console. -# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. +# One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'. # # The following log levels are considered INSECURE and may log sensitive data: # ['garbage', 'trace', 'debug']