gva/salt/bootstrap.sh
Jan Dittberner 108f0e85bf Protect /etc/salt/grains
Make sure that the permissions of /etc/salt/grains only allow access for the
root user.
2016-09-25 17:27:42 +02:00

41 lines
1.1 KiB
Bash
Executable file

#!/bin/sh -
echo "deb http://httpredir.debian.org/debian jessie-backports main" >/etc/apt/sources.list.d/backports.list
apt-get update
apt-get install -y -t jessie-backports python-cryptography
# We just download the bootstrap script by default and execute that.
if [ -x /usr/bin/fetch ]; then
/usr/bin/fetch -o - https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh | sh -s -- "$@"
elif [ -x /usr/bin/curl ]; then
/usr/bin/curl -L https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh | sh -s -- "$@"
else
python \
-c 'import urllib; print urllib.urlopen("https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh").read()' \
| sh -s -- "$@"
fi
cat >/etc/salt/minion <<EOF
file_client: local
file_roots:
base:
- /srv/salt/
pillar_roots:
base:
- /srv/pillar
log_file: file:///dev/log
EOF
umask 077
cat >/etc/salt/grains <<EOF
roles:
- redis-server
- rabbitmq-server
- gnuviechadmin.database
- gnuviechadmin.queues
- gnuviechadmin.webinterface
EOF