salt-master_3006.8_config

1. master_id: master-MasterOfMaster
2. default_include: master.d/*.conf
3. ipv6: True
4. interface: '::'
5. pki_dir: /etc/salt/pki/master
6. timeout: 600
7. state_events: True
8. worker_threads: 20
9. token_expire: 86400
10. keep_jobs_seconds: 259200
11. max_event_size: 5000000
12. backend: requests
13. show_jid: True
14. module_dirs:
15. - /etc/salt/_modules
16. netapi_enable_clients:
17. - local
18. - local_async
19. - runner
20. docker.exec_driver: docker-exec
21. redis.host: '::1'
22. redis.port: 6379
23. redis.db: 0
24. pillarenv_from_saltenv: True
25. cli_summary: True
26.  
27. ## master.d/*
28.  
29. rest_cherrypy:
30. host: '127.0.0.1'
31. port: 8000
32. disable_ssl: True
33. webhook_disable_auth: True
34. webhook_url: /hook
35. rest_timeout: 300
36. engines:
37. - logging_gelf:
38. host: logs.domain.net
39. port: 12201
40. external_auth:
41. ldap:
42. jenkins-bot:
43. - '*':
44. - docker.restart
45. - dcom_publish.main
46. - mine.flush
47. - mine.update
48. - saltutil.refresh_pillar
49. - saltutil.sync_modules
50. - schedule.reload
51. - state.apply
52. - '@jobs'
53. - '@wheel'
54. - '@runners'
55. 'salt-dcom%':
56. - '.*':
57. - dcom_get_vtoken.main
58. - dcom_add_temp_tokens.main
59. 'salt-admin%':
60. - '.*'
61. - '@jobs'
62. - '@wheel'
63. - '@runners'
64. file_roots:
65. base:
66. - /etc/salt
67. - /etc/salt/repos
68. - /etc/salt/prod/states
69. - /etc/salt/templates
70. __env__:
71. - /etc/salt
72. - /etc/salt/repos
73. - /etc/salt/__env__/states
74. - /etc/salt/templates
75. auth.ldap.server: 127.0.0.1
76. auth.ldap.port: 389
77. auth.ldap.tls: False
78. auth.ldap.starttls: False
79. auth.ldap.scope: 2
80. auth.ldap.basedn: dc=domain,dc=net
81. auth.ldap.binddn: uid={{username}},ou=people,dc=domain,dc=net
82. auth.ldap.filter: uid={{ username }}
83. auth.ldap.no_verify: True
84. auth.ldap.anonymous: False
85. auth.ldap.auth_by_group_membership_only: False
86. auth.ldap.groupou: 'group'
87. auth.ldap.groupclass: 'posixGroup'
88. auth.ldap.groupattribute: 'member'
89. auth.ldap.accountattributename: 'uid'
90. auth.ldap.group_basedn: ou=group,dc=domain,dc=net
91. auth.ldap.group_filter: '(&(member=uid={{username}},ou=people,dc=domain,dc=net)(objectClass=posixGroup))'
92. auth.ldap.activedirectory: False
93. auth.ldap.persontype: 'person'
94. auth.ldap.minion_stripdomains: []
95. auth.ldap.freeipa: True
96. order_masters: True
97. peer_run:
98. '.*':
99. - vault.generate_token
100. pillar_roots:
101. base:
102. - /etc/salt/prod/pillar
103. __env__:
104. - /etc/salt/__env__/pillar
105. publisher_acl:
106. jenkins-bot:
107. - '.*':
108. - dcom_publish.main
109. - mine.flush
110. - mine.update
111. - saltutil.refreah_pillar
112. - saltutil.sync_modules
113. - schedule.reload
114. - state.apply
115. 'salt-dcom%':
116. - '.*':
117. - dcom_get_vtoken.main
118. - dcom_add_temp_tokens.main
119. 'salt-admin%':
120. - '.*'
121. reactor:
122. - 'salt/beacon/*/service/*':
123. - salt://reactor/service.sls
124. - 'salt/netapi/hook/cli_msg/*':
125. - salt://reactor/cli_message.sls
126. - 'salt/beacon/*/inotify//etc/salt/minion':
127. - salt://reactor/inotify.sls
128. - 'salt/minion/*/start':
129. - salt://reactor/sync_grains.sls
130. - salt://reactor/sync_modules.sls
131. - 'salt/engines/docker_events/die':
132. - salt://reactor/authelia_failover.sls
133. - 'salt/engines/docker_events/start':
134. - salt://reactor/authelia_failover.sls
135. osenv:
136. driver: env
137. vault:
138. url: sdb://osenv/VAULT_URL
139. verify: /etc/salt/repos/domain.net/certs/domain.net.ca-bundle
140. auth:
141. method: approle
142. role_id: sdb://osenv/VAULT_ROLE_ID
143. secret_id: sdb://osenv/VAULT_SECRET_ID
144. policies:
145. - agent_docker-salt
146.