gnuviech/gvasalt
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Improve salt setup

Browse source 
This commit improves the salt setup of the Vagrant box:
- Salt output is reduced to log level warning
- Hosts entries are created for the internal IPs of all planned gva
  component VMs
- .bashrc and a .bash_functions sourced from it are now managed for the
  vagrant user
- the VM name has been changed to gva.local
- recent salt versions do not depend on m2crypto anymore, therefore it
  is now installed before x509certificate functions are called
- the rabbitmq_vhost for gva is now setup before any users are created
  because the previous implementation was broken with recent salt
  versions
- the gnuviechadmin-locale-data-compile step has been simplified because
  Django 1.9's compilemessages takes care of recursive .mo file
  compilation
- pillar data has been separated by role (especially queue permissions
  and credentials)
- salt configuration is now unified with gvaldap
This commit is contained in:
Jan Dittberner 2016-01-29 18:34:40 +01:00
parent 6fa4662bfd
commit 8396a0788d
35 changed files with 520 additions and 186 deletions
Download patch file Download diff file Expand all files Collapse all files

9
pillar/gnuviechadmin/database.sls
View file

@ -1,7 +1,8 @@
include:
- gnuviechadmin.database.common
gnuviechadmin-database:
owner:
user: gnuviechadmin
password: k4TG0oWeJ08urz697GVfavjK
gnuviechadmin:
database:
owner:
user: gnuviechadmin
password: k4TG0oWeJ08urz697GVfavjK

9
pillar/gnuviechadmin/database/common.sls
View file

@ -1,4 +1,5 @@
gnuviechadmin-database:
database: gnuviechadmin
hostname: localhost
port: 5432
gnuviechadmin:
database:
name: gnuviechadmin
host: localhost
port: 5432

8
pillar/gnuviechadmin/gvaldap.sls Normal file
View file

@ -0,0 +1,8 @@
include:
- gnuviechadmin.queues.common
- gnuviechadmin.queues.gvaldap
gnuviechadmin:
component:
name: gvaldap
amqp_user: ldap

7
pillar/gnuviechadmin/init.sls
View file

@ -1,21 +1,16 @@
include:
- gnuviechadmin.database
- gnuviechadmin.queues
gnuviechadmin:
deploymenttype: local
mailfrom: admin@gnuviech-server.de
adminemail: admin@gnuviech-server.de
sitename: Gnuviech Customer Self Service
domainname: localhost
virtualenv: /home/vagrant/gva-venv
devinstance: True
minosuid: 10000
minosgid: 10000
osuserprefix: usr
osuserhomedirbase: /home
osuserdefaultshell: /usr/bin/rssh
uploadserver: upload.example.com
uploadserver: gvafile.local
webmail_url: https://webmail.example.com/
phpmyadmin_url: https://phpmyadmin.example.com/
phppgadmin_url: https://phppgadmin.example.com/

139
pillar/gnuviechadmin/queues.sls
View file

@ -1,62 +1,77 @@
gnuviechadmin-queues:
vhost: /gnuviechadmin
owner:
user: gnuviechadmin
password: WxyKeo7Xunhwv29C
users:
cli:
password: bUQ4QEB8yQEfsB0i
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
quotajob:
password: TaNoj2H3ZNDIz1rt
perms:
'/gnuviechadmin':
- '^quotatool$'
- '^quotatool$'
- '^quotatool|amq.default$'
tags:
ldap:
password: tl0ALc4aQBAl0W2e
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
file:
password: StR6EgMjLyNGP1F8
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
mysql:
password: Bhruvz8Oe9rXxRc7
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
pgsql:
password: rWOawAtb7MEmGZo3
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
web:
password: 1fBXqCu175rU7SWA
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
include:
- gnuviechadmin.queues.common
- gnuviechadmin.queues.gvaldap
- gnuviechadmin.queues.gvafile
- gnuviechadmin.queues.cli
- gnuviechadmin.queues.gva
- gnuviechadmin.queues.gvamysql
- gnuviechadmin.queues.gvapgsql
- gnuviechadmin.queues.gvaweb
gnuviechadmin:
queues:
users:
ldap:
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
file:
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
gva:
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
mysql:
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
pgsql:
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
web:
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
cli:
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
quotajob:
perms:
'/gnuviechadmin':
- '^quotatool$'
- '^quotatool$'
- '^quotatool|amq.default$'
tags:
admin:
password: MmE3Iwylj8Sgy46Z
perms:
'/gnuviechadmin':
- '.*'
- '.*'
- '.*'
tags:
- administrator

7
pillar/gnuviechadmin/queues/cli.sls Normal file
View file

@ -0,0 +1,7 @@
gnuviechadmin:
queues:
users:
cli:
password: bUQ4QEB8yQEfsB0i
quotajob:
password: TaNoj2H3ZNDIz1rt

3
pillar/gnuviechadmin/queues/common.sls Normal file
View file

@ -0,0 +1,3 @@
gnuviechadmin:
queues:
vhost: /gnuviechadmin

5
pillar/gnuviechadmin/queues/gva.sls Normal file
View file

@ -0,0 +1,5 @@
gnuviechadmin:
queues:
users:
gva:
password: Y5KmkIou7o8J9jV5

5
pillar/gnuviechadmin/queues/gvafile.sls Normal file
View file

@ -0,0 +1,5 @@
gnuviechadmin:
queues:
users:
file:
password: StR6EgMjLyNGP1F8

5
pillar/gnuviechadmin/queues/gvaldap.sls Normal file
View file

@ -0,0 +1,5 @@
gnuviechadmin:
queues:
users:
ldap:
password: tl0ALc4aQBAl0W2e

5
pillar/gnuviechadmin/queues/gvamysql.sls Normal file
View file

@ -0,0 +1,5 @@
gnuviechadmin:
queues:
users:
mysql:
password: Bhruvz8Oe9rXxRc7

5
pillar/gnuviechadmin/queues/gvapgsql.sls Normal file
View file

@ -0,0 +1,5 @@
gnuviechadmin:
queues:
users:
pgsql:
password: rWOawAtb7MEmGZo3

5
pillar/gnuviechadmin/queues/gvaweb.sls Normal file
View file

@ -0,0 +1,5 @@
gnuviechadmin:
queues:
users:
web:
password: 1fBXqCu175rU7SWA

9
pillar/gnuviechadmin/webinterface.sls Normal file
View file

@ -0,0 +1,9 @@
include:
- gnuviechadmin.queues.common
- gnuviechadmin.queues.gva
gnuviechadmin:
component:
name: gva
amqp_user: gva
python_module: gnuviechadmin

5
pillar/top.sls
View file

@ -1,3 +1,8 @@
base:
'*':
- gnuviechadmin
{% for role in ('database', 'queues', 'webinterface', 'gvaldap', 'gvafile', 'gvamysql', 'gvapgsql', 'gvaweb') %}
'roles:gnuviechadmin.{{ role }}':
- match: grain
- gnuviechadmin.{{ role }}
{% endfor %}