Domain Control

Configuring and controlling a domain, containing several machines with different operating systems, from Linux, with Salt.

---

Flexible and scalable.

Control stuff with Saltstack

Made in the course:
Configuration Management Systems by Tero Karvinen

Current Version: Release / Demo

• Sources released.
• Functions are tested and working.
• Further development is not certain. Probably will be used as a based for new project.

10.12.2022 - Demo version released

Download source, if you need it in zip format: .zip

Usage instructions:

Please start by reading the REPORT

For this to work as its meant to, you need:
( also minion config stuff is in the list)

Production:      
- 2 x Debian 11 servers:
	-
	id: fileserver
	saltenv: prod
	-
	id: webserver
	saltenv: prod
	-
	
- Ubuntu 22.04 Desktop:
	id: ubuntu-ws
	saltenv: prod
	
- Windows 10:
	id: windows-ws
	saltenv: prod
	   
Development:
- 1 or more Debian 11 Server(s)
	id: dev-server<1->
	saltenv: dev
	
- Fedora 36 Desktop
	id: dev-fedora-ws
	saltenv: dev
	
- Ubuntu 22.04 Server
	id: dev-ubuntu
	saltenv: dev

Also master: <address> needs to be defined of course.

I dont recommend to use this, if your not comfortable with Salt already.
This might require little bit of advanced understanding of Salt.
There might come some errors, which would be hard to troubleshoot, as this is only tested by myself, in my local PC.
But if you are comfortable, you probably already know how to configure Salt master and Minions

git clone https://github.com/therealhalonen/domain_control
cd domain_control

After that:
Copy content of srv into /srv/
Copy etc/salt/master into /etc/salt/
For example:
First check that the directories youre about to copy to, exists!

sudo cp -r srv/* /srv/
sudo cp etc/salt/master /etc/salt/

Restart salt-master

sudo systemctl restart salt-master

Now you need to pull the win-repo to enable installing software for windows:

sudo salt-run winrepo.update_git_repos

Or you can use the included script srv/salt/update_winrepo_ng
The database sync, will be made automatically during the state apply

Next change the passwords found in the Pillar:

• regular is for user sicki
• superior is for admin-user supreme
• samba is for sambauser

regular and superior are generated with:

openssl passwd -6 <password>

For samba:
I used some random online generator, as i couldnt find how i could create NTML hashes.

Then you should have the machines configured as minions and everything should be set, so you can run:

sudo salt '*' state.apply

And all states should be ran.

See Testing for example outcome.

Optional features:

Vagrant, Virtualbox environment:
vagrant_prod folder holds the Vagrantfile for Production machines.
vagrant_dev folder holds the Vagrantfile for Development machines.

Each machine is configured to install salt-minion and connect to a Master to address 192.168.56.1, which in my case is the virtualbox host-only adapter address of my Host.
cd to directory and:

vagrant up

inside each folder, to create the machines.

And:

vagrant destroy

to destroy created machines

More info:
Vagrant - CLI

Troubleshooting

Vagrant:

SSH:
So if using Vagrant, after applying the states, the regular:

vagrant ssh <machine>

isnt obviously working anymore, as the sshd config is replaced.
But you can of course use:

ssh supreme@<address>

Windows:
If you see this while creating the Windows machine for Vagrant:

    windows-ws: Warning: Connection reset. Retrying...
    windows-ws: Warning: Remote connection disconnect. Retrying...
The guest machine entered an invalid state while waiting for it
to boot. Valid states are 'starting, running'. The machine is in the
'paused' state. Please verify everything is configured
properly and try again.

If the provider you're using has a GUI that comes with it,
it is often helpful to open that and watch the machine, since the
GUI often has more helpful error messages than Vagrant can retrieve.
For example, if you're using VirtualBox, run `vagrant up` while the
VirtualBox GUI is open.

The primary issue for this error is that the provider you're using
is not properly configured. This is very rarely a Vagrant issue.

And if its booted, just run:
vagrant reload windows-ws --provision

This might also happen:

==> windows-ws: Running provisioner: shell...
An error occurred in the underlying SSH library that Vagrant uses.
The error message is shown below. In many cases, errors from this
library are caused by ssh-agent issues. Try disabling your SSH
agent or removing some keys and try again.

If the problem persists, please report a bug to the net-ssh project.

timeout during server version negotiating

Just run:

vagrant reload windows-ws
vagrant up windows-ws --provision

If nothing else helps, follow this:

vagrant destroy windows-ws
sudo salt-key -d windows-ws
vagrant up windows-ws

Till it finishes right...
After that:

sudo salt-key -a windows-ws

Salt:
Windows again:
After accepting keys and applying state:

windows-ws:
    Data failed to compile:
----------
    No matching sls found for 'hello_all' in env 'base'

Reboot the Windows machine. or just restart salt-minion from it.
Error means, it hasnt registered which saltenv it belongs to, and will do it when Minion gets restarted next time.

More:
Coming if something appear