Public Repository

Last pushed: a year ago
Short Description
A simple salt master server, based on Debian Stretch. Supports Gitfs and salt-api.
Full Description

New in version 0.4.1:

  • Switch to Debian Stretch so we get pygit2 (needed for authenticated gitfs repos)

New in version 0.4.0:

  • Upgrade to salt 2016.3.2
  • Switched from Alpine (through Arch) to Debian Jessie. Hopefully that's the end of the base changes.
  • API now uses cherrypy since that's the Debian default
  • Run a minion locally so the salt master can manage itself

Ideas liberally borrowed from thisissoon/docker-salt-master.

I salt my own salt-master. Here's the recipe:

#this is a docker-based config, so we use the docker file path for our work
{% set saltHome = salt['pillar.get']('docker:salt:master:folder') %}

Salt root directory:
file.directory:
    - name: {{ saltHome }}
    - user: root
    - group: root

Master configuration directory:
file.directory:
    - name: {{ saltHome }}/master.d
    - user: root
    - group: root

Crypto storage:
file.directory:
    - name: {{ saltHome }}/pki
    - user: root
    - group: root

Local pillars:
file.directory:
    - name: {{ saltHome }}/srv-pillar
    - user: root
    - group: root

Local states:
file.directory:
    - name: {{ saltHome }}/srv-salt
    - user: root
    - group: root

Hack until public registry support is available:
cmd.run:
    - name: /usr/bin/docker pull base10/salt-master

Deploy gitroot pubkey:
file.managed:
    - name: {{ saltHome }}/master.d/git-deploy.pub
    - contents_pillar: docker:salt:master:ssh_pubkey
    - user: root
    - group: root
    - mode: 644
Deploy gitroot privkey:
file.managed:
    - name: {{ saltHome }}/master.d/git-deploy.key
    - contents_pillar: docker:salt:master:ssh_key
    - user: root
    - group: root
    - mode: 600
Deploy gitroot conf:
file.managed:
    - name: {{ saltHome }}/master.d/gitroot.conf
    - source: salt://{{ slspath }}/gitroot.conf
    - user: root
    - group: root
    - mode: 600


Deploy salt-api config:
    file.managed:
    - name: {{ saltHome }}/master.d/salt-api.conf
    - source: salt://{{ slspath }}/salt-api.conf
    - user: root
    - group: root
    - mode: 755

Run latest Salt master image:
dockerng.running:
    - name: saltm
    - image: base10/salt-master:0.4.1
    - memory: 768M
    - memory_swap: 768M
    - restart_policy: always
    - port_bindings: 
    - 4505:4505
    - 4506:4506
    - 5417:5417
    - binds:
    - {{ saltHome }}/pki:/etc/salt/pki
    - {{ saltHome }}/master.d:/etc/salt/master.d
    - {{ saltHome }}/srv-salt:/srv/salt
    - {{ saltHome }}/srv-pillar:/srv/pillar
Docker Pull Command
Owner
base10

Comments (0)