Private data is stored in pillar. Some of these states expect pillar data in a specific structure.
# List of cron jobs: cron_jobs: - cmd: /usr/local/venv/viva/bin/ctl sendnews user: http minute: '*/5'
# List of TCP ports to open for all: accept_tcp_ports: - 80 - 443 # List of TCP ports to open for specific sources: accept_tcp_from: - port: 4505 source: - 10.0.50.4 - 10.0.50.28 # List of TCP ports to rate-limit (max 3 hits within 30 seconds): limit_tcp_ports: - 22
# netctl wired/wireless profiles: netctl_profiles: - name: wired connection: ethernet interface: eth0 - name: home essid: myhomenet key_mgmt: WPA-PSK psk: thepresharedkey - name: work security: wpa-configsection essid: worknet key_mgmt: WPA-EAP eap: PEAP identity: 'My Name' password: myworkpassword - name: conference essid: confnet - name: openwithauth essid: opennet post_up: "curl -ksd 'u=me&p=qwer' https://open.tld >/dev/null"
# List of nginx sites (static and/or proxied over uwsgi or http protocol): nginx_sites: - fqdn: mysite.com aliases: - www.mysite.com default: true root: /srv/http/mysite uwsgi: true upstreams: ["unix:/var/run/uwsgi/mysite.sock"] static_prefix: /static
# Extra pacman repos: pacman_extra_repos: - name: myprivaterepo url: http://my.private.repo.com
# List of postgresql databases: postgresql_databases: - bravann - viva
# List of users allowed to log in with ssh: allowed_users: - myunprivilegeduser
# List of cmds to run and take backup of with tarsnap: tarsnap_backup_cmds: - /usr/local/venv/mysite/bin/manage backup > all.json # List of paths to take backup of with tarsnap: tarsnap_backup_paths: - /etc - /srv/http/mysite/static/uploads
# List of unprivileged users: users: myuser: group: users uid: 3000 gid: 100 fullname: My User ssh_auth: key: verylongkeyhere comment: email@example.com # List of groups all unprivileged users should be member of: unprivileged_groups: - adm # Whether to allow passwords for all unprivileged users: unprivileged_keep_password: true # Shell for all unprivileged users: unprivileged_shell: /usr/bin/fish
# List of uwsgi instances: uwsgi_services: - name: mysite module: "mysite:app" processes: 4 - name: myothersite module: myothersite django: true idle: true processes: 1