b085abb41b
* modules/openstack_project/files/salt-trigger.sudoers: Allow the jenkins user to send messages to the salt master. * modules/openstack_project/manifests/salt_trigger_slave.pp: Add the sudoers inclusion above to the salt-trigger slave. * modules/salt/manifests/master.pp: Change ownership on the existing salt configuration directory on the master to belong to the salt user, and add the file structure for the new reactor components. * modules/salt/templates/master.erb: Add reactor configuration to run tests.sls when receiving a trigger named jenkins. * modules/salt/templates/tests.reactor.erb: Define a puppet command which will be run on all minions. Change-Id: I346bb28e5b4d53618855a28f616f7c5ed0e60dc7
124 lines
2.4 KiB
Puppet
124 lines
2.4 KiB
Puppet
# Class salt::master
|
|
#
|
|
class salt::master {
|
|
|
|
if ($::osfamily == 'Debian') {
|
|
include apt
|
|
|
|
# Wrap in ! defined checks to allow minion and master installs on the
|
|
# same host.
|
|
if ! defined(Apt::Ppa['ppa:saltstack/salt']) {
|
|
apt::ppa { 'ppa:saltstack/salt': }
|
|
}
|
|
|
|
if ! defined(Package['python-software-properties']) {
|
|
package { 'python-software-properties':
|
|
ensure => present,
|
|
}
|
|
}
|
|
|
|
Apt::Ppa['ppa:saltstack/salt'] -> Package['salt-master']
|
|
|
|
}
|
|
|
|
package { 'salt-master':
|
|
ensure => present
|
|
}
|
|
|
|
group { 'salt':
|
|
ensure => present,
|
|
system => true,
|
|
}
|
|
|
|
user { 'salt':
|
|
ensure => present,
|
|
gid => 'salt',
|
|
home => '/home/salt',
|
|
shell => '/bin/bash',
|
|
system => true,
|
|
require => Group['salt'],
|
|
}
|
|
|
|
file { '/home/salt':
|
|
ensure => directory,
|
|
owner => 'salt',
|
|
group => 'salt',
|
|
mode => '0755',
|
|
require => User['salt'],
|
|
}
|
|
|
|
file { '/etc/salt/master':
|
|
ensure => present,
|
|
owner => 'salt',
|
|
group => 'salt',
|
|
mode => '0644',
|
|
content => template('salt/master.erb'),
|
|
replace => true,
|
|
require => Package['salt-master'],
|
|
}
|
|
|
|
file { '/srv/reactor':
|
|
ensure => directory,
|
|
owner => 'salt',
|
|
group => 'salt',
|
|
mode => '0755',
|
|
require => [
|
|
Package['salt-master'],
|
|
User['salt'],
|
|
],
|
|
}
|
|
|
|
file { '/srv/reactor/tests.sls':
|
|
ensure => present,
|
|
owner => 'salt',
|
|
group => 'salt',
|
|
mode => '0644',
|
|
content => template('salt/tests.reactor.erb'),
|
|
replace => true,
|
|
require => [
|
|
Package['salt-master'],
|
|
File['/srv/reactor'],
|
|
],
|
|
}
|
|
|
|
file { '/etc/salt/pki':
|
|
ensure => directory,
|
|
owner => 'salt',
|
|
group => 'salt',
|
|
mode => '0710',
|
|
require => [
|
|
Package['salt-master'],
|
|
User['salt'],
|
|
],
|
|
}
|
|
|
|
file { '/etc/salt/pki/master':
|
|
ensure => directory,
|
|
owner => 'salt',
|
|
group => 'salt',
|
|
mode => '0770',
|
|
require => File['/etc/salt/pki'],
|
|
}
|
|
|
|
file { '/etc/salt/pki/master/minions':
|
|
ensure => directory,
|
|
owner => 'salt',
|
|
group => 'salt',
|
|
mode => '0775',
|
|
require => File['/etc/salt/pki/master'],
|
|
}
|
|
|
|
service { 'salt-master':
|
|
ensure => running,
|
|
enable => true,
|
|
require => [
|
|
User['salt'],
|
|
File['/etc/salt/master'],
|
|
],
|
|
subscribe => [
|
|
Package['salt-master'],
|
|
File['/etc/salt/master'],
|
|
],
|
|
}
|
|
}
|