From: Frank Brehm Date: Sun, 4 Dec 2016 20:18:56 +0000 (+0100) Subject: Current state X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;p=config%2Fkarla%2Fetc.git Current state --- diff --git a/.etckeeper b/.etckeeper index 5f06237..987337a 100755 --- a/.etckeeper +++ b/.etckeeper @@ -24,7 +24,6 @@ mkdir -p './network/if-pre-up.d' mkdir -p './network/interfaces.d' mkdir -p './opt' mkdir -p './perl/CPAN' -mkdir -p './salt/minion.d' mkdir -p './salt/proxy.d' mkdir -p './security/limits.d' mkdir -p './security/namespace.d' @@ -590,6 +589,7 @@ maybe chmod 0644 'rsyslog.d/70-pb.conf' maybe chmod 0755 'salt' maybe chmod 0644 'salt/minion' maybe chmod 0755 'salt/minion.d' +maybe chmod 0644 'salt/minion.d/my-minion.conf' maybe chmod 0644 'salt/minion_id' maybe chmod 0755 'salt/pki' maybe chmod 0700 'salt/pki/minion' diff --git a/salt/minion b/salt/minion index 76ed4eb..ad7a374 100644 --- a/salt/minion +++ b/salt/minion @@ -13,7 +13,7 @@ # Set the location of the salt master server. If the master server cannot be # resolved, then the minion will fail to start. -master: salt.uhu-banane.de +#master: salt # Set http proxy information for the minion when doing requests #proxy_host: @@ -38,6 +38,8 @@ master: salt.uhu-banane.de # value to "str". Failover masters can be requested by setting # to "failover". MAKE SURE TO SET master_alive_interval if you are # using failover. +# Setting master_type to 'disable' let's you have a running minion (with engines and +# beacons) without a master connection # master_type: str # Poll interval in seconds for checking if the master is still there. Only @@ -58,7 +60,6 @@ master: salt.uhu-banane.de # Set whether the minion should connect to the master via IPv6: #ipv6: False -ipv6: True # Set the number of seconds to wait before attempting to resolve # the master hostname if name resolution fails. Defaults to 30 seconds. @@ -295,10 +296,17 @@ ipv6: True # # # The loop_interval sets how long in seconds the minion will wait between -# evaluating the scheduler and running cleanup tasks. This defaults to a -# sane 60 seconds, but if the minion scheduler needs to be evaluated more -# often lower this value -#loop_interval: 60 +# evaluating the scheduler and running cleanup tasks. This defaults to 1 +# second on the minion scheduler. +#loop_interval: 1 + +# Some installations choose to start all job returns in a cache or a returner +# and forgo sending the results back to a master. In this workflow, jobs +# are most often executed with --async from the Salt CLI and then results +# are evaluated by examining job caches on the minions or any configured returners. +# WARNING: Setting this to False will **disable** returns back to the master. +#pub_ret: True + # The grains can be merged, instead of overridden, using this option. # This allows custom grains to defined different subvalues of a dictionary @@ -328,7 +336,7 @@ ipv6: True # Grains cache expiration, in seconds. If the cache file is older than this # number of seconds then the grains cache will be dumped and fully re-populated -# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache' +# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache' # is not enabled. # grains_cache_expiration: 300 @@ -395,8 +403,11 @@ ipv6: True ##### Minion module management ##### ########################################## # Disable specific modules. This allows the admin to limit the level of -# access the master has to the minion. -#disable_modules: [cmd,test] +# access the master has to the minion. The default here is the empty list, +# below is an example of how this needs to be formatted in the config file +#disable_modules: +# - cmdmod +# - test #disable_returners: [] # This is the reverse of disable_modules. The default, like disable_modules, is the empty list, @@ -473,6 +484,11 @@ ipv6: True # as the environment setting, but for pillar instead of states. #pillarenv: None # +# Set this option to 'True' to force a 'KeyError' to be raised whenever an +# attempt to retrieve a named value from pillar fails. When this option is set +# to 'False', the failed attempt returns an empty string. Default is 'False'. +#pillar_raise_on_missing: False +# # If using the local file directory, then the state top file name needs to be # defined, by default this is top.sls. #state_top: top.sls @@ -552,12 +568,16 @@ ipv6: True # is False. #fileserver_limit_traversal: False -# The hash_type is the hash to use when discovering the hash of a file in -# the local fileserver. The default is sha256, sha224, sha384 and sha512 are also supported. +# The hash_type is the hash to use when discovering the hash of a file on +# the local fileserver. The default is md5, but sha1, sha224, sha256, sha384 +# and sha512 are also supported. # # WARNING: While md5 and sha1 are also supported, do not use it due to the high chance # of possible collisions and thus security breach. # +# WARNING: While md5 is also supported, do not use it due to the high chance +# of possible collisions and thus security breach. +# # Warning: Prior to changing this value, the minion should be stopped and all # Salt caches should be cleared. #hash_type: sha256 @@ -610,7 +630,7 @@ ipv6: True # Fingerprint of the master public key to validate the identity of your Salt master # before the initial key exchange. The master fingerprint can be found by running -# "salt-key -F master" on the Salt master. +# "salt-key -f master.pub" on the Salt master. #master_finger: '' @@ -672,7 +692,7 @@ ipv6: True #log_fmt_console: '%(colorlevel)s %(colormsg)s' #log_fmt_console: '[%(levelname)-8s] %(message)s' # -#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s' +#log_fmt_logfile: '%(asctime)s,%(msecs)03d [%(name)-17s][%(levelname)-8s] %(message)s' # This can be used to control logging levels more specificically. This # example sets the main salt library at the 'warning' level, but sets diff --git a/salt/minion.d/my-minion.conf b/salt/minion.d/my-minion.conf new file mode 100644 index 0000000..f7bddb1 --- /dev/null +++ b/salt/minion.d/my-minion.conf @@ -0,0 +1,2 @@ +master: salt.uhu-banane.de +ipv6: True diff --git a/ssmtp/revaliases b/ssmtp/revaliases index 77ff91f..1e9dd31 100644 --- a/ssmtp/revaliases +++ b/ssmtp/revaliases @@ -4,3 +4,4 @@ # # Example: root:your_login@your.domain:mailhub.your.domain[:port] # where [:port] is an optional port number that defaults to 25. +root:root@brehm-online.com:bruni