Initial Commit : original code archive from 2013

Author: CDSRV

.gitignore

@@ -0,0 +1,2 @@
+/.project
+/pki

MASTER/CLEAN.sh

@@ -0,0 +1,9 @@
+#!/bin/env bash
+
+## this will clear out various areas from the master to make it new and squeaky
+echo "PRESS ANY KEY TO CLEAR KEYS AND CACHES"
+read GO
+rm -rf /etc/salt/pki
+rm -rf /var/cache/salt/master
+rm -rf /var/cache/salt/minion
+echo "DONE.."

MASTER/INSTALL.sh

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+# here you are, now that you've cloned the repo
+# cd $THIS_DIRECTORY (really important..)
+
+# to setup a MASTER
+## install package repos and update everything
+./ROOT/root/bin/init-instance.sh
+## install saltmaster + minion with stub configurations
+./ROOT/root/bin/bootstrap-git-develop.sh
+## copy in our configs from this repo, overwrite what packages installed
+./link-configs.sh
+## now we can actually configure things..
+./ROOT/root/bin/configure-git-develop.sh
+
+grep $(dirname $PWD)/MASTER/ROOT/root/bin $HOME/.bash_profile || echo "PATH=\$PATH:$PWD/ROOT/root/bin ; export PATH" >> $HOME/.bash_profile
+
+
+echo "HIT ENTER TO REBOOT"
+read GO
+
+## lets reboot to enable new kernel..
+init 6;exit

MASTER/README.txt

@@ -0,0 +1,60 @@
+## http://docs.saltstack.com/ref/configuration/master.html
+
+## these files go on the master..
+## -- required to bootstrap a master config before any states can be applied 
+
+## this sets up a 'continuous integration' environment 
+## similar to this : http://thiglife.com/2013/08/07/managing-a-saltstack-salt-master-with-git/
+
+INSTRUCTIONS:
+
+1) this is tailored for develpment & testing and..
+-- works only on CENTOS 
+this installer creates links where system directories should be.. a great way to use this is share the folder in virtual box, open the filesystem in your favorite editor on the host, and be able to test changes in realtime since the system is using configs which are actually on the host system
+this works just as well with a local or remote git repo
+
+
+cd (here)
+sudo -i (etc, become root)
+./INSTALL.sh
+
+the installer will reboot your VM and then...
+
+2) when you login again, things will be in the custom python environment. in this case, because its installed as "root", thats the account that will get the custom bash environment to initialize the custom python environment.. 
+
+salt will be installed but not running.
+it will be reading config files from *this repo* 
+
+open up a few windows and startup master and/or minion processes as needed
+
+# to put in the background as a daemon, logging normally (as configured)
+> salt-master -d
+> salt-minion -d
+
+# to run in the foreground in debug mode
+> salt-master -l debug
+> salt-minion -l debug
+
+#make sure to accept the master as a minion of itself!
+
+> salt-key -A
+
+you'll see files created in /etc/salt/pki and /var/cache/salt
+
+3) use salt on the commandline or via web interface running at https://$HOSTNAME:8080
+the web interface will authenticate any local user, but this package installs a custom user
+
+login with these credentials:
+
+user: saltrunner
+pass: halite 
+
+## NOTE:
+this repo depends on numerous resources on the network.. sometimes github is slow to respond. if the installer hangs up, just hit control-C and start it again.
+not much support is built in for 'upgrading' everything automatically, so you'll need to do that selectively for each component
+everything gets installed at /usr/local/src
+
+..
+.
+:wq!
+:)

MASTER/ROOT/README.txt

@@ -0,0 +1 @@
+## these files go on the master..

MASTER/ROOT/etc/salt/.gitignore

@@ -0,0 +1 @@
+/pki

MASTER/ROOT/etc/salt/cloud.profiles.d/CUSTOMER-SERVICE-ENV-profile.conf

@@ -0,0 +1,6 @@
+$INSTANCE_PROFILE_NAME:
+    provider: $PROVIDER_NAME
+    size: $FLAVOR_NAME
+    image: $IMAGE_NAME
+    ssh_password: $IMAGE_ROOT_PASSWORD
+## this will need to be modified to match whatever specific images and flavor(size definitions) are present

MASTER/ROOT/etc/salt/cloud.providers.d/CUSTOMER-SERVICE-ENV-USERNAME-TENANT-provider.conf

@@ -0,0 +1,25 @@
+$PROVIDER_NAME:
+  # Set the location of the salt-master
+  #
+  minion:
+    master: $SALTMASTER_IP_OR_FQDN
+
+  identity_url: '$OS_AUTH_URL'
+  protocol: ipv4
+
+  compute_region: $NOVA_REGION_NAME
+  compute_name : nova
+  service_type : compute
+
+  user: '$NOVA_USERNAME'
+  password: '$NOVA_PASSWD'
+  
+  tenant: '$NOVA_PROJECT_ID'
+  
+  provider: openstack
+  
+  ssh_key_name: $KEYPAIR_NAME
+  ## the keypair name which has already been uploaded into the account/project
+  ssh_key_file: $KEYCHAIN_DIR/$KEYPAIR_NAME-$PRIVATE_KEY
+  ## eg, you'll need the private key local to the saltmaster since it needs this to login
+  

MASTER/ROOT/etc/salt/master

@@ -0,0 +1,195 @@
+##### Primary configuration settings #####
+##########################################
+# This configuration file is used to manage the behavior of the Salt Master
+# Values that are commented out but have no space after the comment are
+# defaults that need not be set in the config. If there is a space after the
+# comment that the value is presented as an example and is not the default.
+
+# Per default, the master will automatically include all config files
+# from master.d/*.conf (master.d is a directory in the same directory
+# as the main master config file)
+#default_include: master.d/*.conf
+
+# The address of the interface to bind to
+# interface: 192.168.0.10
+
+# Whether the master should listen for IPv6 connections. If this is set to True,
+# the interface option must be adjusted too (for example: "interface: '::'")
+ipv6: False
+
+# The tcp port used by the publisher
+#publish_port: 4505
+
+# The user to run the salt-master as. Salt will update all permissions to
+# allow the specified user to run the master. If the modified files cause
+# conflicts set verify_env to False.
+#user: root
+
+# Max open files
+# Each minion connecting to the master uses AT LEAST one file descriptor, the
+# master subscription connection. If enough minions connect you might start
+# seeing on the console(and then salt-master crashes):
+#   Too many open files (tcp_listener.cpp:335)
+#   Aborted (core dumped)
+#
+# By default this value will be the one of `ulimit -Hn`, ie, the hard limit for
+# max open files.
+#
+# If you wish to set a different value than the default one, uncomment and
+# configure this setting. Remember that this value CANNOT be higher than the
+# hard limit. Raising the hard limit depends on your OS and/or distribution,
+# a good way to find the limit is to search the internet for(for example):
+#   raise max open files hard limit debian
+#
+#max_open_files: 100000
+
+# The number of worker threads to start, these threads are used to manage
+# return calls made from minions to the master, if the master seems to be
+# running slowly, increase the number of threads
+#worker_threads: 5
+
+# The port used by the communication interface. The ret (return) port is the
+# interface used for the file server, authentication, job returnes, etc.
+#ret_port: 4506
+
+# Specify the location of the daemon process ID file
+#pidfile: /var/run/salt-master.pid
+
+# The root directory prepended to these options: pki_dir, cachedir,
+# sock_dir, log_file, autosign_file, extension_modules, key_logfile, pidfile.
+#root_dir: /
+
+# Directory used to store public key data
+#pki_dir: /etc/salt/pki/master
+
+# Directory to store job and cache data
+#cachedir: /var/cache/salt/master
+
+# Verify and set permissions on configuration directories at startup
+#verify_env: True
+
+# Set the number of hours to keep old job information in the job cache
+#keep_jobs: 24
+
+# Set the default timeout for the salt command and api, the default is 5
+# seconds
+#timeout: 5
+
+# The loop_interval option controls the seconds for the master's maintinance
+# process check cycle. This process updates file server backends, cleans the
+# job cache and executes the scheduler.
+#loop_interval: 60
+
+# Set the default outputter used by the salt command. The default is "nested"
+#output: nested
+
+# By default output is colored, to disable colored output set the color value
+# to False
+#color: True
+
+# Set the directory used to hold unix sockets
+#sock_dir: /var/run/salt/master
+
+# The master maintains a job cache, while this is a great addition it can be
+# a burden on the master for larger deployments (over 5000 minions).
+# Disabling the job cache will make previously executed jobs unavailable to
+# the jobs system and is not generally recommended.
+#
+#job_cache: True
+
+# Cache minion grains and pillar data in the cachedir.
+#minion_data_cache: True
+
+## << break this into separate included config
+## << use this for creating a tree of projects, each with syndic/pillar/node, etc
+# The master can include configuration from other files. To enable this,
+# pass a list of paths to this option. The paths can be either relative or
+# absolute; if relative, they are considered to be relative to the directory
+# the main master configuration file lives in (this file). Paths can make use
+# of shell-style globbing. If no files are matched by a path passed to this
+# option then the master will log a warning message.
+#
+#
+# Include a config file from some other path:
+# include: /etc/salt/extra_config
+#
+# Include config from several files and directories:
+# include:
+#   - /etc/salt/extra_config
+
+
+#####        Security settings       #####
+##########################################
+# Enable "open mode", this mode still maintains encryption, but turns off
+# authentication, this is only intended for highly secure environments or for
+# the situation where your keys end up in a bad state. If you run in open mode
+# you do so at your own risk!
+#open_mode: False
+
+# Enable auto_accept, this setting will automatically accept all incoming
+# public keys from the minions. Note that this is insecure.
+#auto_accept: False
+
+# If the autosign_file is specified only incoming keys specified in
+# the autosign_file will be automatically accepted. This is insecure.
+# Regular expressions as well as globing lines are supported.
+#autosign_file: /etc/salt/autosign.conf
+
+# Enable permissive access to the salt keys.  This allows you to run the
+# master or minion as root, but have a non-root group be given access to
+# your pki_dir.  To make the access explicit, root must belong to the group
+# you've given access to.  This is potentially quite insecure.
+# If an autosign_file is specified, enabling permissive_pki_access will allow group access
+# to that specific file.
+#permissive_pki_access: False
+
+# Allow users on the master access to execute specific commands on minions.
+# This setting should be treated with care since it opens up execution
+# capabilities to non root users. By default this capability is completely
+# disabled.
+#
+# client_acl:
+#   larry:
+#     - test.ping
+#     - network.*
+#
+
+# Blacklist any of the following users or modules
+#
+# This example would blacklist all non sudo users, including root from
+# running any commands. It would also blacklist any use of the "cmd"
+# module.
+# This is completely disabled by default.
+#
+# client_acl_blacklist:
+#   users:
+#     - root
+#     - '^(?!sudo_).*$'   #  all non sudo users
+#   modules:
+#     - cmd
+
+# The external auth system uses the Salt auth modules to authenticate and
+# validate users to access areas of the Salt system.
+#
+# external_auth:
+#   pam:
+#     fred:
+#       - test.*
+#
+
+# Time (in seconds) for a newly generated token to live. Default: 12 hours
+# token_expire: 43200
+
+
+#####    Master Module Management    #####
+##########################################
+# Manage how master side modules are loaded
+
+# Add any additional locations to look for master runners
+#runner_dirs: []
+
+# Enable Cython for master side modules
+#cython_enable: False
+
+### all other configs are in ./master.d/*.conf
+###