diff --git a/pillar.example b/pillar.example index c83f31167db0b81d230a399ee932b7ca41dc9b96..26aa9ca15bc5bde67962384fee15513fd8ead751 100644 --- a/pillar.example +++ b/pillar.example @@ -121,12 +121,17 @@ systemd: ## networkd networkd: + fileattr: + br0.network: + user: systemd-network + group: systemd-network + mode: "0600" profiles: network: - # eth0.network - eth0: + # br0.network + br0: - Match: - - Name: eth0 + - Name: br0 - Network: - DHCP: "yes" diff --git a/systemd/defaults.yaml b/systemd/defaults.yaml index 3febe6c96c42ae92e8f05e696728b427951e470a..c49268c41e134268b46f471ad268f3d4609ec4aa 100644 --- a/systemd/defaults.yaml +++ b/systemd/defaults.yaml @@ -19,7 +19,10 @@ systemd: PollIntervalMaxSec: 2048 networkd: + # networkctl reload is available since systemd 244 + networkctl_reload: false pkg: {} + fileattr: {} path: /etc/systemd/network service: systemd-networkd wait_online: true diff --git a/systemd/networkd/profiles.sls b/systemd/networkd/profiles.sls index 478fba7cb63d0d205754894c2b9de446570b4053..225d0e8f6afed41496ba68b796823476768dd38a 100644 --- a/systemd/networkd/profiles.sls +++ b/systemd/networkd/profiles.sls 
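Review bot: The `fileattr` example makes `br0.network` owned by `systemd-network` with mode `"0600"`, which gives the account systemd-networkd normally runs as write access to its own configuration. If the aim is only to stop the file being world-readable, read access for the service is enough: `user: root`, `group: systemd-network`, `mode: "0640"`, which is also what systemd.netdev(5) suggests for files that carry keys. The assertions in `networkd_spec.rb` pin the same owner and mode and would need to follow.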
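Review bot: `fileattr: {}` is added to the defaults without a comment, and its key format is not obvious from this file alone. Going by `profiles.sls`, keys are the rendered file name (`<profile>.<type>`, e.g. `br0.network`) and each value may set `user`, `group` and `mode`, falling back to `root`, `root` and `0644`. A comment such as `# per-file ownership overrides keyed by file name (e.g. br0.network); keys: user, group, mode; default root:root 0644` would document that. The `networkctl_reload` comment names systemd 244, but nothing visible in this diff checks the installed version before the flag is honoured, so the comment could say that the operator has to verify it.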
@@ -5,26 +5,42 @@ {%- set networkd = systemd.get('networkd', {}) %} {%- set profiles = networkd.get('profiles', {}) %} +{%- if networkd.networkctl_reload %} include: - - systemd.reload + - systemd.networkd.reload +{%- endif %} -{% if profiles is mapping %} -{% for networkdprofile, types in profiles.items() %} - {% for profile, profileconfig in types.items() %} +{%- if profiles is mapping %} -/etc/systemd/network/{{ profile }}.{{ networkdprofile }}: - file.managed: - - template: jinja - - source: salt://systemd/networkd/templates/profile.jinja +/etc/systemd/network: + file.directory: - user: root - group: root - - mode: '0644' - makedirs: true - dir_mode: 755 + +{%- for networkdprofile, types in profiles.items() %} + {%- for profile, profileconfig in types.items() %} + {%- set filename = profile ~ "." ~ networkdprofile %} + {%- set user = networkd.fileattr.get(filename, {}).user | default("root") %} + {%- set group = networkd.fileattr.get(filename, {}).group | default("root") %} + {%- set mode = networkd.fileattr.get(filename, {}).mode | default("0644") %} + +/etc/systemd/network/{{ filename }}: + file.managed: + - template: jinja + - source: salt://systemd/networkd/templates/profile.jinja + - user: {{ user }} + - group: {{ group }} + - mode: {{ mode }} - context: config: {{ profileconfig|json }} + - require: + - file: /etc/systemd/network +{%- if networkd.networkctl_reload %} - watch_in: - - cmd: reload_systemd_configuration - {% endfor %} -{% endfor %} -{% endif %} + - cmd: systemd-networkd-reload-cmd-wait +{%- endif %} + {%- endfor %} +{%- endfor %} +{%- endif %} diff --git a/systemd/networkd/reload.sls b/systemd/networkd/reload.sls new file mode 100644 index 0000000000000000000000000000000000000000..4ee5dd92db904ca43a4af56619381d79ad362a86 --- /dev/null +++ b/systemd/networkd/reload.sls @@ -0,0 +1,9 @@ +include: + - systemd.networkd + +systemd-networkd-reload-cmd-wait: + cmd.wait: + - name: networkctl reload + - runas: root + - require: + - service: networkd 
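Review bot: The new `- user: {{ user }}`, `- group: {{ group }}` and `- mode: {{ mode }}` lines put pillar values into the rendered YAML as bare scalars, whereas the removed line quoted the mode (`'0644'`). A mode such as `0600` then reaches the YAML loader as an integer-looking token rather than the string the pillar supplied, and a value containing `: ` or ` #` would change the document structure. The same state already serialises `config` with `|json`, and doing the same here keeps the values as strings: `- user: {{ user|json }}`, `- group: {{ group|json }}`, `- mode: {{ mode|json }}`. Separately, with `networkctl_reload` false the file states no longer carry any `watch_in`, so a changed profile appears to trigger nothing on those platforms.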
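Review bot: `systemd-networkd-reload-cmd-wait` in the new `reload.sls` uses `cmd.wait`, which Salt's documentation recommends replacing with `cmd.run` plus `onchanges`. That would mean `cmd.run:` in this state and `- onchanges_in:` in place of `- watch_in:` in `profiles.sls`. The state also runs `networkctl reload` unconditionally once triggered, so on a host older than the systemd 244 mentioned in `defaults.yaml` the run would presumably fail. A header comment stating the requirement would help, for example `# requires systemd >= 244 (networkctl reload); enabled via networkd:networkctl_reload`.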
diff --git a/systemd/networkd/templates/profile.jinja b/systemd/networkd/templates/profile.jinja index 1298fb0dc61c9485b1892944d810d9921cb2e574..3789f646949118b5e80cda188f6734559fc3f86c 100644 --- a/systemd/networkd/templates/profile.jinja +++ b/systemd/networkd/templates/profile.jinja @@ -16,7 +16,7 @@ {%- endfor -%} {%- endif -%} {%- endfor %} - {% endfor %} + {%- endfor %} {%- endmacro -%} # This file is managed by Salt via {{ source }} diff --git a/systemd/osmap.yaml b/systemd/osmap.yaml index 35f30c141246441cff8969afb2e9dc1688d08a4a..3269553cfe37bb56f2200ce16ba5300bd6fda377 100644 --- a/systemd/osmap.yaml +++ b/systemd/osmap.yaml @@ -14,6 +14,7 @@ Fedora: pkgs_extra: - python3-systemd networkd: + networkctl_reload: true pkg: {} resolved: pkg: {} diff --git a/test/integration/default/controls/networkd_spec.rb b/test/integration/default/controls/networkd_spec.rb index 7c90a008cb1d1c14e07fa86b4903143ee2ef5121..a870871621b760e741f12b8b9185bafeb451c80d 100644 --- a/test/integration/default/controls/networkd_spec.rb +++ b/test/integration/default/controls/networkd_spec.rb @@ -14,11 +14,11 @@ control 'Systemd Networkd' do it { should_not exist } end - describe file('/etc/systemd/network/eth0.network') do + describe file('/etc/systemd/network/br0.network') do its('type') { should eq :file } - its('mode') { should cmp '0644' } - its('owner') { should eq 'root' } - its('group') { should eq 'root' } + its('mode') { should cmp '0600' } + its('owner') { should eq 'systemd-network' } + its('group') { should eq 'systemd-network' } end describe file('/etc/systemd/network/br0.netdev') do