Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
ntp
 
 
 
 
 
 
pam
 
 
 
 
 
 
 
 
ssh
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
xen
 
 
 
 
 
 
 
 

README.md

Salt states for uggedal.com. Developed for Arch Linux, but most states can easily be generalized.

Expected Pillar data

Private data is stored in pillar. Some of these states expect pillar data in a specific structure.

cron

# List of cron jobs:
cron_jobs:
  - cmd: /usr/local/venv/viva/bin/ctl sendnews
    user: http
    minute: '*/5'

iptables

# List of TCP ports to open for all:
accept_tcp_ports:
  - 80
  - 443

# List of TCP ports to open for specific sources:
accept_tcp_from:
  - port: 4505
    source:
      - 10.0.50.4
      - 10.0.50.28

# List of TCP ports to rate-limit (max 3 hits within 30 seconds):
limit_tcp_ports:
  - 22

netctl

# netctl wired/wireless profiles:
netctl_profiles:
  - name: wired
    connection: ethernet
    interface: eth0
  - name: home
    essid: myhomenet
    key_mgmt: WPA-PSK
    psk: thepresharedkey
  - name: work
    security: wpa-configsection
    essid: worknet
    key_mgmt: WPA-EAP
    eap: PEAP
    identity: 'My Name'
    password: myworkpassword
  - name: conference
    essid: confnet
  - name: openwithauth
    essid: opennet
    post_up: "curl -ksd 'u=me&p=qwer' https://open.tld >/dev/null"

nginx

# List of nginx sites (static and/or proxied over uwsgi or http protocol):
nginx_sites:
  - fqdn: mysite.com
    aliases:
      - www.mysite.com
    default: true
    root: /srv/http/mysite
    uwsgi: true
    upstreams: ["unix:/var/run/uwsgi/mysite.sock"]
    static_prefix: /static

pacman

# Extra pacman repos:
pacman_extra_repos:
  - name: myprivaterepo
    url: http://my.private.repo.com

postgresql

# List of postgresql databases:
postgresql_databases:
  - bravann
  - viva

ssh

# List of users allowed to log in with ssh:
allowed_users:
  - myunprivilegeduser

tarsnap

# List of cmds to run and take backup of with tarsnap:
tarsnap_backup_cmds:
  - /usr/local/venv/mysite/bin/manage backup > all.json

# List of paths to take backup of with tarsnap:
tarsnap_backup_paths:
  - /etc
  - /srv/http/mysite/static/uploads

users

# List of unprivileged users:
users:
  myuser:
    group: users
    uid: 3000
    gid: 100
    fullname: My User
    ssh_auth:
      key: verylongkeyhere
      comment: my@user.com

# List of groups all unprivileged users should be member of:
unprivileged_groups:
  - adm
# Whether to allow passwords for all unprivileged users:
unprivileged_keep_password: true

# Shell for all unprivileged users:
unprivileged_shell: /usr/bin/fish

uwsgi

# List of uwsgi instances:
uwsgi_services:
  - name: mysite
    module: "mysite:app"
    processes: 4
  - name: myothersite
    module: myothersite
    django: true
    idle: true
    processes: 1

About

Salt states

Resources

Releases

No releases published

Packages

No packages published
You can’t perform that action at this time.