Skip to content
Snippets Groups Projects
Commit a37ddcaa authored by Dennis Ahrens's avatar Dennis Ahrens
Browse files

Include apt proxy, sources.list and salt.list

parent bed76d4c
No related branches found
No related tags found
No related merge requests found
# hshbase
Basic server configuration, used for all unix based servers at HsH.
Basic server configuration used for most unix based servers at HsH.
## States
......@@ -8,3 +8,31 @@ Basic server configuration, used for all unix based servers at HsH.
* iptables
* locale
* open-vm-tools
## Configuration
The states of this formula should be configurable using one central pillar
for all configurations. Have a look at pillar.example for details.
## Development
**All features should be as configurable as necessary.
Keep it simple, stupid ([KISS](https://de.wikipedia.org/wiki/KISS-Prinzip)).**
Working on this formula requires virtualbox and vagrant installed.
It comes with an vagrant box you can instantly set up to get a machine where all states will apply against.
```bash
git clone ssh://git@lab.it.hs-hannover.de:2222/salt/hshbase-formula.git
cd hshbase-formula
vagrant up
vagrant ssh
sudo salt-call state.highstate
```
### Default values when developing the formula
If you introduce a new feature and want to make it configurable you might need
default values. Just add them to defauls.yaml and they are magically available.
Consult map.jinja for details on this topic.
{% from "hshbase/map.jinja" import config with context %}
{% set proxy_address = {{ config.apt.proxy_address | default('http://apt-proxy.it.hs-hannover.de:8080') }} %}
{% if grains['os'] == 'FreeBSD' %}
hsh_freebsd_apt_proxy_folder:
file.directory:
- name: /usr/local/etc/pkg/repos
- makedirs: True
- mode: 755
- user: root
- group: wheel
hsh_freebsd_apt_proxy:
file.managed:
- name: /usr/local/etc/pkg/repos/FreeBSD.conf
- contents: 'FreeBSD { url: "pkg+http://apt-proxy.it.hs-hannover.de:8080/pkg.FreeBSD.org/${ABI}/latest" }'
- mode: 644
- user: root
- group: wheel
{% elif grains['os'] == 'Debian' or grains['os'] == 'Ubuntu' %}
foobar_test:
cmd.run:
- name: echo "{{ config.apt.proxy_address }}"
# hsh_debian_apt_proxy:
# file.managed:
# - name: /etc/apt/apt.conf.d/02proxy
# - contents: 'Acquire::http { Proxy "http://apt-proxy.it.hs-hannover.de:8080"; };'
# - mode: 644
# - user: root
# - group: root
{% endif %}
{% from "hshbase/map.jinja" import hshbase with context %}
{% set oscodename = grains['oscodename'] %}
include:
- .proxy
# control /apt/sources.list and apt.sources.list.d on ubuntu and debian
{% if grains['os'] == 'Debian' and grains['oscodename'] in ['squeeze', 'wheezy', 'jessie']
or grains['os'] == 'Ubuntu' and grains['oscodename'] in ['trusty'] %}
hsh_apt_sources_list:
file.managed:
- name: /etc/apt/sources.list
- source: salt://hahbase/apt/sources.tpl
- template: jinja
- mode: 644
- user: root
- group: root
{% if grains['os'] == 'Debian' and oscodename == 'jessie' %}
hsh_apt_sources_d_salt_jessie:
pkgrepo.managed:
- humanname: deb-salt
- name: deb http://repo.saltstack.com/apt/debian/latest {{ oscodename }} main
- file: /etc/apt/sources.list.d/salt.list
- gpgcheck: 1
- key_url: salt://apt-sources/SALTSTACK-GPG-KEY.pub
{% endif %}
{% if grains['os'] == 'Debian' and oscodename != 'jessie' %}
hsh_apt_sources_d_salt_not_jessie:
file.managed:
- name: /etc/apt/sources.list.d/salt.list
- source: salt://hshbase/apt/sources.tpl.d/salt.tpl
- template: jinja
- mode: 644
- user: root
- group: root
{% endif %}
{% endif %}
{% from "hshbase/map.jinja" import hshbase with context %}
{% if hshbase.apt.proxy %}
{% if grains['os'] == 'FreeBSD' %}
hsh_freebsd_apt_proxy_folder:
file.directory:
- name: /usr/local/etc/pkg/repos
- makedirs: True
- mode: 755
- user: root
- group: wheel
hsh_freebsd_apt_proxy:
file.managed:
- name: /usr/local/etc/pkg/repos/FreeBSD.conf
- contents: 'FreeBSD { url: "pkg+{{ hshbase.apt.proxy_address }}/${ABI}/latest" }'
- mode: 644
- user: root
- group: wheel
{% elif grains['os'] == 'Debian' or grains['os'] == 'Ubuntu' %}
hsh_debian_apt_proxy:
file.managed:
- name: /etc/apt/apt.conf.d/02proxy
- contents: 'Acquire::http { Proxy "{{ hshbase.apt.proxy_address }}"; };'
- mode: 644
- user: root
- group: root
{% endif %}
{% endif %}
{% set os = grains['os'] -%}
{% set oscodename = grains['oscodename'] -%}
# This file is managed by salt!
# If you want to add or modify sources, please use salt!
# Generated for:
# OS: {{ os }}
# Codename: {{ oscodename }}
{% if os == 'Debian' -%}
deb http://ftp.de.debian.org/debian {{ oscodename }} main non-free
deb-src http://ftp.de.debian.org/debian {{ oscodename }} main non-free
deb http://security.debian.org/ {{ oscodename }}/updates main
deb-src http://security.debian.org/ {{ oscodename }}/updates main
deb http://ftp.de.debian.org/debian/ {{ oscodename }}-updates main
deb-src http://ftp.de.debian.org/debian/ {{ oscodename }}-updates main
{% if oscodename == 'squeeze' %}
# Make sure this gets updated! - see dates here: https://wiki.debian.org/LTS/
# LTS for squeeze only until 02/2016
# See https://www.debian.org/News/2014/20140424
deb http://ftp.de.debian.org/debian {{ oscodename }}-lts main non-free
deb-src http://ftp.de.debian.org/debian {{ oscodename }}-lts main non-free
{% endif %}
{% elif os == 'Ubuntu' %}
{% if oscodename == 'trusty' %}
deb http://de.archive.ubuntu.com/ubuntu/ trusty main restricted
deb-src http://de.archive.ubuntu.com/ubuntu/ trusty main restricted
deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates main restricted
deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates main restricted
deb http://de.archive.ubuntu.com/ubuntu/ trusty universe
deb-src http://de.archive.ubuntu.com/ubuntu/ trusty universe
deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates universe
deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates universe
deb http://de.archive.ubuntu.com/ubuntu/ trusty multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ trusty multiverse
deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates multiverse
deb http://de.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu trusty-security main restricted
deb-src http://security.ubuntu.com/ubuntu trusty-security main restricted
deb http://security.ubuntu.com/ubuntu trusty-security universe
deb-src http://security.ubuntu.com/ubuntu trusty-security universe
deb http://security.ubuntu.com/ubuntu trusty-security multiverse
deb-src http://security.ubuntu.com/ubuntu trusty-security multiverse
{% endif %}
{% else %}
# Something went wrong - apt-sources not ready BUT CONFIGURED (init.sls) for this!
{% endif %}
# End of file.
{% set os = grains['os'] -%}
{% set oscodename = grains['oscodename'] -%}
{% if os == 'Debian' %}
deb http://debian.saltstack.com/debian {{ oscodename }}-saltstack main
{% endif %}
{% from "hshbase/map.jinja" import hshbase with context %}
# Include all submodules by default.
include:
- hshbase.apt
echo "hshbase is under construction":
echo "hshbase is under construction look at the issue tracker!":
cmd.run
{% set base_config = salt['pillar.get']('hshbase') %}
{% import_yaml 'hshbase/defaults.yaml' as default_config %}
{% import_yaml 'hshbase/defaults.yaml' as defaults %}
{% do default_config.update(base_config) %}
{% set lookup = salt['pillar.get']('hshbase',
default=defaults.hshbase,
merge=True) %}
{% set config = default_config %}
{% set hshbase = salt['pillar.get']('hshbase', default=lookup, merge=True) %}
hshbase:
apt:
proxy: True
proxy: True # if you do not want to to use apt-proxy: set to False
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment