tests/pillar/system.sls - salt-formulas/linux - Gitiles

 linux:
   system:
     enabled: true
     cluster: default
     name: linux
     domain: local
     environment: prd
     hostname: system.pillar.local
     apparmor:
       enabled: false
     haveged:
       enabled: true
     prompt:
       default: "linux.ci.local$"
     kernel:
       isolcpu: 1,2,3,4
     motd:
       - warning: |
           #!/bin/sh
           printf "WARNING: This is tcpcloud network.\n"
           printf "  Unauthorized access is strictly prohibited.\n"
           printf "\n"
       - info: |
           #!/bin/sh
           printf -- "--[tcp cloud]---------------------------\n"
           printf " Hostname  |  ${linux:system:name}\n"
           printf " Domain    |  ${linux:system:domain}\n"
           printf " System    |  %s\n" "$(lsb_release -s -d)"
           printf " Kernel    |  %s\n" "$(uname -r)"
           printf -- "----------------------------------------\n"
           printf "\n"
     user:
       root:
         enabled: true
         home: /root
         name: root
       test:
         enabled: true
         name: test
         sudo: true
         uid: 9999
         full_name: Test User
         home: /home/test
         groups:
           - root
       salt_user1:
         enabled: true
         name: saltuser1
         sudo: false
         uid: 9991
         full_name: Salt User1
         home: /home/saltuser1
       salt_user2:
         enabled: true
         name: saltuser2
         sudo: false
         uid: 9992
         full_name: Salt Sudo User2
         home: /home/saltuser2
     group:
       test:
         enabled: true
         name: test
         gid: 9999
         system: true
       db-ops:
         enabled: true
         name: testgroup
       salt-ops:
         enabled: true
         name: sudogroup0
       sudogroup1:
         enabled: true
         name: sudogroup1
       sudogroup2:
         enabled: true
         name: sudogroup2
       sudogroup3:
         enabled: false
         name: sudogroup3
     job:
       test:
         enabled: true
         command: "/bin/sleep 3"
         user: test
         minute: 0
         hour: 13
     package:
       htop:
         version: latest
     repo:
       opencontrail:
         source: "deb http://ppa.launchpad.net/tcpcloud/contrail-3.0/ubuntu xenial main"
         keyid: E79EE90C
         keyserver: keyserver.ubuntu.com
         architectures: amd64
         proxy:
           enabled: true
           https: https://127.0.5.1:443
           #http: http://127.0.5.2:8080
       apt-mk-salt:
         source: "deb http://apt-mk.mirantis.com/xenial stable salt"
         key_url: http://apt-mk.mirantis.com/public.gpg
         architectures: amd64
         proxy:
           enabled: true
       apt-mk-salt-nightly:
         source: "deb http://apt-mk.mirantis.com/xenial nightly salt"
         key_url: http://apt-mk.mirantis.com/public.gpg
         architectures: amd64
         proxy:
           enabled: false
       apt-mk-extra-nightly:
         source: "deb http://apt-mk.mirantis.com/xenial nightly extra"
         key_url: http://apt-mk.mirantis.com/public.gpg
         architectures: amd64
     locale:
       en_US.UTF-8:
         enabled: true
         default: true
       "cs_CZ.UTF-8 UTF-8":
         enabled: true
     autoupdates:
       enabled: true
     sudo:
       enabled: true
       alias:
         runas:
           DBA:
           - postgres
           - mysql
           SALT:
           - root
         host:
           LOCAL:
           - localhost
           PRODUCTION:
           - db1
           - db2
         command:
           SUDO_RESTRICTED_SU:
           - /bin/vi /etc/sudoers
           - /bin/su - root
           - /bin/su -
           - /bin/su
           - /usr/sbin/visudo
           SUDO_SHELLS:
           - /bin/sh
           - /bin/ksh
           - /bin/bash
           - /bin/rbash
           - /bin/dash
           - /bin/zsh
           - /bin/csh
           - /bin/fish
           - /bin/tcsh
           - /usr/bin/login
           - /usr/bin/su
           - /usr/su
           SUDO_SALT_SAFE:
           - /usr/bin/salt state*
           - /usr/bin/salt service*
           - /usr/bin/salt pillar*
           - /usr/bin/salt grains*
           - /usr/bin/salt saltutil*
           - /usr/bin/salt-call state*
           - /usr/bin/salt-call service*
           - /usr/bin/salt-call pillar*
           - /usr/bin/salt-call grains*
           - /usr/bin/salt-call saltutil*
           SUDO_SALT_TRUSTED:
           - /usr/bin/salt*
       users:
         saltuser1: {}
         saltuser2:
           hosts:
           - LOCAL
         # User Alias:
         DBA:
           hosts:
           - ALL
           commands:
           - SUDO_SALT_SAFE
       groups:
         db-ops:
           hosts:
           - ALL
           - '!PRODUCTION'
           runas:
           - DBA
           commands:
           - /bin/cat *
           - /bin/less *
           - /bin/ls *
           - SUDO_SALT_SAFE
           - '!SUDO_SHELLS'
           - '!SUDO_RESTRICTED_SU'
         salt-ops:
           hosts:
           - 'ALL'
           runas:
           - SALT
           commands:
           - SUDO_SALT_TRUSTED
         salt-ops2:
           name: salt-ops
           runas:
           - DBA
           commands:
           - SUDO_SHELLS
         sudogroup1:
           commands:
             - ALL
         sudogroup2:
           commands:
             - ALL
           hosts:
             - localhost
           users:
             - test
           nopasswd: false
         sudogroup3:
           commands:
             - ALL
     env:
       BOB_VARIABLE: Alice
       BOB_PATH:
         - /srv/alice/bin
         - /srv/bob/bin
       HTTPS_PROXY: https://127.0.4.1:443
       http_proxy: http://127.0.4.2:80
       ftp_proxy: ftp://127.0.4.3:2121
       no_proxy:
         - 192.168.0.1
         - 192.168.0.2
         - .saltstack.com
         - .ubuntu.com
         - .mirantis.com
         - .launchpad.net
         - .dummy.net
         - .local
       LANG: C
       LC_ALL: C
     profile:
       vi_flavors.sh: |
         export PAGER=view
         alias vi=vim
       locales: |
         export LANG=en_US
         export LC_ALL=en_US.UTF-8

     # pillar for proxy configuration
     proxy:
       # for package managers
       pkg:
         enabled: true
         https: https://127.0.2.1:4443
         #http: http://127.0.2.2
         ftp: none
       # fallback, system defaults
       https: https://127.0.1.1:443
       #http: http://127.0.1.2
       ftp: ftp://127.0.1.3
       noproxy:
         - host1
         - host2
         - .local

     # pillars for netconsole setup
     netconsole:
       enabled: true
       port: 514
       loglevel: debug
       target:
         192.168.0.1:
           mac: "ff:ff:ff:ff:ff:ff"
           interface: bond0
	linux:
	system:
	enabled: true
	cluster: default
	name: linux
	domain: local
	environment: prd
	hostname: system.pillar.local
	apparmor:
	enabled: false
	haveged:
	enabled: true
	prompt:
	default: "linux.ci.local$"
	kernel:
	isolcpu: 1,2,3,4
	motd:
	- warning: \|
	#!/bin/sh
	printf "WARNING: This is tcpcloud network.\n"
	printf " Unauthorized access is strictly prohibited.\n"
	printf "\n"
	- info: \|
	#!/bin/sh
	printf -- "--[tcp cloud]---------------------------\n"
	printf " Hostname \| ${linux:system:name}\n"
	printf " Domain \| ${linux:system:domain}\n"
	printf " System \| %s\n" "$(lsb_release -s -d)"
	printf " Kernel \| %s\n" "$(uname -r)"
	printf -- "----------------------------------------\n"
	printf "\n"
	user:
	root:
	enabled: true
	home: /root
	name: root
	test:
	enabled: true
	name: test
	sudo: true
	uid: 9999
	full_name: Test User
	home: /home/test
	groups:
	- root
	salt_user1:
	enabled: true
	name: saltuser1
	sudo: false
	uid: 9991
	full_name: Salt User1
	home: /home/saltuser1
	salt_user2:
	enabled: true
	name: saltuser2
	sudo: false
	uid: 9992
	full_name: Salt Sudo User2
	home: /home/saltuser2
	group:
	test:
	enabled: true
	name: test
	gid: 9999
	system: true
	db-ops:
	enabled: true
	name: testgroup
	salt-ops:
	enabled: true
	name: sudogroup0
	sudogroup1:
	enabled: true
	name: sudogroup1
	sudogroup2:
	enabled: true
	name: sudogroup2
	sudogroup3:
	enabled: false
	name: sudogroup3
	job:
	test:
	enabled: true
	command: "/bin/sleep 3"
	user: test
	minute: 0
	hour: 13
	package:
	htop:
	version: latest
	repo:
	opencontrail:
	source: "deb http://ppa.launchpad.net/tcpcloud/contrail-3.0/ubuntu xenial main"
	keyid: E79EE90C
	keyserver: keyserver.ubuntu.com
	architectures: amd64
	proxy:
	enabled: true
	https: https://127.0.5.1:443
	#http: http://127.0.5.2:8080
	apt-mk-salt:
	source: "deb http://apt-mk.mirantis.com/xenial stable salt"
	key_url: http://apt-mk.mirantis.com/public.gpg
	architectures: amd64
	proxy:
	enabled: true
	apt-mk-salt-nightly:
	source: "deb http://apt-mk.mirantis.com/xenial nightly salt"
	key_url: http://apt-mk.mirantis.com/public.gpg
	architectures: amd64
	proxy:
	enabled: false
	apt-mk-extra-nightly:
	source: "deb http://apt-mk.mirantis.com/xenial nightly extra"
	key_url: http://apt-mk.mirantis.com/public.gpg
	architectures: amd64
	locale:
	en_US.UTF-8:
	enabled: true
	default: true
	"cs_CZ.UTF-8 UTF-8":
	enabled: true
	autoupdates:
	enabled: true
	sudo:
	enabled: true
	alias:
	runas:
	DBA:
	- postgres
	- mysql
	SALT:
	- root
	host:
	LOCAL:
	- localhost
	PRODUCTION:
	- db1
	- db2
	command:
	SUDO_RESTRICTED_SU:
	- /bin/vi /etc/sudoers
	- /bin/su - root
	- /bin/su -
	- /bin/su
	- /usr/sbin/visudo
	SUDO_SHELLS:
	- /bin/sh
	- /bin/ksh
	- /bin/bash
	- /bin/rbash
	- /bin/dash
	- /bin/zsh
	- /bin/csh
	- /bin/fish
	- /bin/tcsh
	- /usr/bin/login
	- /usr/bin/su
	- /usr/su
	SUDO_SALT_SAFE:
	- /usr/bin/salt state*
	- /usr/bin/salt service*
	- /usr/bin/salt pillar*
	- /usr/bin/salt grains*
	- /usr/bin/salt saltutil*
	- /usr/bin/salt-call state*
	- /usr/bin/salt-call service*
	- /usr/bin/salt-call pillar*
	- /usr/bin/salt-call grains*
	- /usr/bin/salt-call saltutil*
	SUDO_SALT_TRUSTED:
	- /usr/bin/salt*
	users:
	saltuser1: {}
	saltuser2:
	hosts:
	- LOCAL
	# User Alias:
	DBA:
	hosts:
	- ALL
	commands:
	- SUDO_SALT_SAFE
	groups:
	db-ops:
	hosts:
	- ALL
	- '!PRODUCTION'
	runas:
	- DBA
	commands:
	- /bin/cat *
	- /bin/less *
	- /bin/ls *
	- SUDO_SALT_SAFE
	- '!SUDO_SHELLS'
	- '!SUDO_RESTRICTED_SU'
	salt-ops:
	hosts:
	- 'ALL'
	runas:
	- SALT
	commands:
	- SUDO_SALT_TRUSTED
	salt-ops2:
	name: salt-ops
	runas:
	- DBA
	commands:
	- SUDO_SHELLS
	sudogroup1:
	commands:
	- ALL
	sudogroup2:
	commands:
	- ALL
	hosts:
	- localhost
	users:
	- test
	nopasswd: false
	sudogroup3:
	commands:
	- ALL
	env:
	BOB_VARIABLE: Alice
	BOB_PATH:
	- /srv/alice/bin
	- /srv/bob/bin
	HTTPS_PROXY: https://127.0.4.1:443
	http_proxy: http://127.0.4.2:80
	ftp_proxy: ftp://127.0.4.3:2121
	no_proxy:
	- 192.168.0.1
	- 192.168.0.2
	- .saltstack.com
	- .ubuntu.com
	- .mirantis.com
	- .launchpad.net
	- .dummy.net
	- .local
	LANG: C
	LC_ALL: C
	profile:
	vi_flavors.sh: \|
	export PAGER=view
	alias vi=vim
	locales: \|
	export LANG=en_US
	export LC_ALL=en_US.UTF-8

	# pillar for proxy configuration
	proxy:
	# for package managers
	pkg:
	enabled: true
	https: https://127.0.2.1:4443
	#http: http://127.0.2.2
	ftp: none
	# fallback, system defaults
	https: https://127.0.1.1:443
	#http: http://127.0.1.2
	ftp: ftp://127.0.1.3
	noproxy:
	- host1
	- host2
	- .local

	# pillars for netconsole setup
	netconsole:
	enabled: true
	port: 514
	loglevel: debug
	target:
	192.168.0.1:
	mac: "ff:ff:ff:ff:ff:ff"
	interface: bond0