Streamline base state extract vagrant specifics

- manage all wanted apt repositories
- move vagrant specific stuff to vagrant state
- use better password for slapd
master
Jan Dittberner 3 years ago
parent c4dcf12a0a
commit 738107b523
  1. 1
      .gitignore
  2. 103
      states/base/init.sls
  3. 1
      states/base/sudonopasswd
  4. 2
      states/gnuviechadmin/gvaldap/create_base_ldap_objects.sh
  5. 4
      states/ldapserver/init.sls
  6. 0
      states/vagrant/bashrc
  7. 24
      states/vagrant/init.sls
  8. 0
      states/vagrant/vimrc
  9. 7
      states/vim/init.sls

1
.gitignore vendored

@ -1 +1,2 @@
.*.swp
.idea/

@ -1,15 +1,87 @@
base:
deb http://httpredir.debian.org/debian {{ salt['grains.get']('oscodename', 'buster') }} main:
pkgrepo.absent
debian-repo:
pkgrepo.managed:
- name: deb http://httpredir.debian.org/debian jessie-backports main
- humanname: Debian
- name: deb http://deb.debian.org/debian/ {{ salt['grains.get']('oscodename', 'buster') }} main
- file: /etc/apt/sources.list
debian-updates-repo:
pkgrepo.managed:
- humanname: Debian updates
- name: deb http://deb.debian.org/debian/ {{ salt['grains.get']('oscodename', 'buster') }}-updates main
- file: /etc/apt/sources.list
debian-security-repo:
pkgrepo.managed:
- humanname: Debian security
- name: deb http://security.debian.org/ {{ salt['grains.get']('oscodename', 'buster') }}/updates main
- file: /etc/apt/sources.list
backports-repo:
pkgrepo.managed:
- humanname: Debian backports
- name: deb http://deb.debian.org/debian/ {{ salt['grains.get']('oscodename', 'buster') }}-backports main
- file: /etc/apt/sources.list.d/backports.list
base-packages:
salt-repo:
pkgrepo.managed:
- humanname: Saltstack Repository
- name: deb https://repo.saltstack.com/py3/debian/{{ salt['grains.get']('osmajorrelease') }}/amd64/latest {{ salt['grains.get']('oscodename', 'buster') }} main
- dist: {{ salt['grains.get']('oscodename', 'buster') }}
- file: /etc/apt/sources.list.d/saltstack.list
- key_url: https://repo.saltstack.com/py3/debian/{{ salt['grains.get']('osmajorrelease') }}/amd64/latest/SALTSTACK-GPG-KEY.pub
/etc/apt/apt.conf.d/02norecommends:
file.managed:
- user: root
- group: root
- mode: 0644
- contents: 'Apt::Install-Recommends "false";'
/etc/apt/apt.conf.d/03translations:
file.managed:
- user: root
- group: root
- mode: 0644
- contents: 'Acquire::Languages "none";'
/etc/apt/apt.conf.d/04compression:
file.managed:
- user: root
- group: root
- mode: 0644
- contents: 'Acquire::CompressionTypes::Order {"xz"; "gz"; "bz2"; "uncompressed"};'
base:
pkg.installed:
- pkgs:
- screen
- htop
- apt-transport-https
- bash-completion
- bsdmainutils
- ca-certificates
- debconf-utils
- etckeeper
- git
- less
- locales-all
- lsb-release
- tmux
- virt-what
sudo:
pkg.installed
/etc/sudoers.d/sudonopasswd:
file:
- managed
- mode: 0440
- user: root
- group: root
- source: salt://base/sudonopasswd
- require:
- pkg: sudo
/etc/salt/grains:
file.managed:
@ -18,26 +90,9 @@ base-packages:
- mode: 0600
- replace: False
/home/vagrant/.screenrc:
file.managed:
- user: vagrant
- group: vagrant
- mode: 0644
- source: salt://base/screenrc
nano:
pkg.purged
update-system:
pkg.uptodate:
- refresh: True
/home/vagrant/bin:
file.directory:
- user: vagrant
- group: vagrant
- mode: 0750
/home/vagrant/.bashrc:
file.managed:
- user: vagrant
- group: vagrant
- mode: 0644
- source: salt://base/bashrc

@ -0,0 +1 @@
%sudo ALL=(ALL:ALL) NOPASSWD: ALL

@ -48,7 +48,7 @@ olcAccess: {4}to *
EOD
# add OUs, groups and ldapadmin user
ldapmodify -v -H {{ salt['pillar.get']('gnuviechadmin:ldap_url') }} -x -D "cn=admin,{{ base_dn }}" -w '{{ salt["grains.get_or_set_hash"]("slapd.password") }}' <<EOD
ldapmodify -v -H {{ salt['pillar.get']('gnuviechadmin:ldap_url') }} -x -D "cn=admin,{{ base_dn }}" -w '{{ salt["grains.get_or_set_hash"]("slapd:password", 16) }}' <<EOD
dn: ou={{ ldap_users_ou }},{{ base_dn }}
changetype: add
objectClass: top

@ -3,8 +3,8 @@ ldapserver-packages:
- name: slapd
- data:
'slapd/domain': {'type': 'string', 'value': '{{ salt["pillar.get"]("gnuviechadmin:ldap_domain") }}'}
'slapd/password1': {'type': 'string', 'value': '{{ salt["grains.get_or_set_hash"]("slapd.password") }}'}
'slapd/password2': {'type': 'string', 'value': '{{ salt["grains.get_or_set_hash"]("slapd.password") }}'}
'slapd/password1': {'type': 'string', 'value': '{{ salt["grains.get_or_set_hash"]("slapd:password", 16) }}'}
'slapd/password2': {'type': 'string', 'value': '{{ salt["grains.get_or_set_hash"]("slapd:password", 16) }}'}
pkg.installed:
- pkgs:
- ldap-utils

@ -0,0 +1,24 @@
include:
- vim
/home/vagrant/bin:
file.directory:
- user: vagrant
- group: vagrant
- mode: 0750
/home/vagrant/.bashrc:
file.managed:
- user: vagrant
- group: vagrant
- mode: 0644
- source: salt://vagrant/bashrc
/home/vagrant/.vimrc:
file.managed:
- user: vagrant
- group: vagrant
- mode: 0644
- source: salt://vagrant/vimrc
- require:
- pkg: vim-nox

@ -6,10 +6,3 @@ editor:
- path: /usr/bin/vim.nox
- require:
- pkg: vim-nox
/home/vagrant/.vimrc:
file.managed:
- user: vagrant
- group: vagrant
- mode: 0644
- source: salt://vim/vimrc

Loading…
Cancel
Save