Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-10-17

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:06 Teknix joined #salt
00:08 cshuman joined #salt
00:15 jetblack joined #salt
00:17 pentabular joined #salt
00:20 jslatts joined #salt
00:25 justlooks joined #salt
00:28 ipmb joined #salt
00:35 redondos joined #salt
00:35 redondos joined #salt
00:37 m0hit joined #salt
00:40 lineman60 joined #salt
00:41 djn joined #salt
00:42 pdayton joined #salt
00:42 m0hit_ joined #salt
00:42 cshuman joined #salt
00:46 cshuman_ joined #salt
00:47 goodwill joined #salt
00:48 pass_by_value joined #salt
00:51 cshuman joined #salt
00:59 oz_akan_ joined #salt
01:02 v0id_ joined #salt
01:04 rgbkrk joined #salt
01:09 TheCodeAssassin joined #salt
01:09 juicer2 joined #salt
01:12 Teknix joined #salt
01:14 micah_chatt joined #salt
01:17 jdenning joined #salt
01:21 Lue_4911 joined #salt
01:22 elfixit joined #salt
01:23 teebes joined #salt
01:30 ipmb joined #salt
01:32 anuvrat joined #salt
01:33 Drawsmcgraw joined #salt
01:33 Lue_4911 joined #salt
01:34 NetworkN3rd joined #salt
01:36 m0hit joined #salt
01:41 shadowsun billh: Ended up making my own rpm of zeromq3 and python-zmq to fix that problem
01:45 deepakmd_oc joined #salt
01:45 AdamSewell joined #salt
01:45 shadowsun In 0.17.0 I ran salt -G 'node:group' -b 2 state.highstate, and it would batch starting highstate - without waiting for it to finish (as far as I could tell). The end effect of this is that it ran a state.highstate on all of them within about a minute, which (in reality) meant that all the jobs started by the highstates were running *at the same time*, completely negating the entire purpose of having a batch command. Is there an easy
01:46 oz_akan_ joined #salt
01:46 travisfischer joined #salt
01:47 cshuman joined #salt
01:52 lineman60 joined #salt
01:54 cshuman joined #salt
02:06 ddv joined #salt
02:08 Nexpro joined #salt
02:11 m0hit joined #salt
02:14 AdamSewell joined #salt
02:18 Furao joined #salt
02:25 m0hit joined #salt
02:26 pentabular joined #salt
02:29 m0hit joined #salt
02:30 Drawsmcgraw Any Django developers around?
02:31 Drawsmcgraw Specifically, I'm interested in the 'SSL_CLIENT_CERT' variable
02:33 Lue_4911 joined #salt
02:34 Lue_4911 joined #salt
02:39 Ryan_Lane joined #salt
02:40 jcockhren Drawsmcgraw: yo
02:40 Drawsmcgraw well hey there jcockhren
02:40 Drawsmcgraw Feel like getting me unstuck again? :)
02:40 jcockhren I'll try
02:40 Drawsmcgraw So, I understand how you can configure, say, Apache to pass the SSL details (including the user cert) up to Django
02:41 Drawsmcgraw What I'm curious about, is -> is the request.META['SSL_CLIENT_CERT'] the user's private key??
02:42 Drawsmcgraw I imagine there's some sort of transformation that happens to go from  'users private key' to 'pem-encoded cert you can work with'
02:46 jcockhren Drawsmcgraw: private key?
02:46 jcockhren just the cert
02:48 josephholsten joined #salt
02:48 Drawsmcgraw Ah. I think I may be overthinking this, then.
02:49 Drawsmcgraw jcockhren: Yep. Definitely overthinking this. That's what happens with sleep dep and late nights.
02:50 Drawsmcgraw Okay thanks!
02:51 josephho_ joined #salt
02:51 jcockhren Drawsmcgraw: are you just trying to use client cert validation>
02:51 jcockhren ?
02:52 josephh__ joined #salt
02:52 Drawsmcgraw Authentication via client cert, yes
02:52 Drawsmcgraw jcockhren: Specifically, https://github.com/saltstack/salt/issues/7791
02:54 pt|Zool joined #salt
02:54 saurabhs joined #salt
02:55 jcockhren https://docs.djangoproject.com/en/1.5/howto/auth-remote-user/
02:55 jcockhren Drawsmcgraw: ^
02:56 jcockhren Drawsmcgraw: set the remote user in the request header
02:57 Drawsmcgraw jcockhren: Ah. Got it. Thanks.
03:01 mannyt joined #salt
03:08 m0hit_ joined #salt
03:08 josephholsten joined #salt
03:10 josephho_ joined #salt
03:11 Thiggy joined #salt
03:14 josephholsten joined #salt
03:16 josephh__ joined #salt
03:16 oz_akan__ joined #salt
03:19 baniir joined #salt
03:19 LarsN joined #salt
03:20 nmistry joined #salt
03:20 josephholsten joined #salt
03:21 josephho_ joined #salt
03:22 baniir trying for the first time, on ec2s my minion is failing to authenticate with master. i have ports 4505-4506 open on master. minion knows the master as salt and resolves to an ip. am i missing something?
03:22 oz_akan__ joined #salt
03:24 jcockhren baniir: did you have the master accept the minion cert?
03:25 josephholsten joined #salt
03:26 ajw0100 joined #salt
03:26 josephho_ joined #salt
03:27 joehh z
03:27 jefimenko joined #salt
03:30 taylorgumgum joined #salt
03:32 baniir jcockhren: they should auto accept
03:34 jcockhren baniir: meaning you toggled that setting in the master config?
03:35 jcockhren what does salt-key -L (on the master) show you?
03:35 mannyt joined #salt
03:35 baniir yes, and restarted salt-master. is it possible the master keys are invalid since associating an elastic ip to the instance?
03:35 baniir salt-key -L shows no minions
03:36 jcockhren then that means they haven't initiated contact
03:37 jcockhren try changing the "master" setting in the minion config to the IP address of the master
03:39 cshuman joined #salt
03:39 josephholsten joined #salt
03:40 baniir still failing to auth, and salt-key -L still outputs zero minions
03:42 josephh__ joined #salt
03:42 jcockhren kill the salt-master service
03:42 jcockhren and run as
03:42 jcockhren salt-master -l debug
03:43 Thiggy joined #salt
03:43 jcockhren then restart the salt-minion service
03:43 jcockhren (as salt-minion -l debug
03:43 jcockhren )
03:43 jcockhren you should be able to see the communication attempts between the two
03:44 baniir i'm not seeing any movement
03:45 jcockhren can the minion ping the master?
03:45 josephho_ joined #salt
03:47 LarsN joined #salt
03:48 talso joined #salt
03:48 baniir i think icmp is blocked on ec2
03:50 baniir let me see if can open
03:52 baniir ok; pinging fine now
03:53 jcockhren 4505-4506 is open on the minion as well?
03:54 baniir no, just on the master
03:57 jcockhren on the minion
03:57 josephholsten joined #salt
03:57 jcockhren nc -v -z ip_of_master 4505
03:57 jcockhren nc -v -z ip_of_master 4506
03:58 jcockhren also, which distro are you using?
03:58 baniir nc -v -z salt 4505 is silent
03:58 jcockhren http://docs.saltstack.com/topics/troubleshooting/index.html
03:58 redondos joined #salt
03:58 jcockhren baniir: try ^
03:59 baniir thank you. will do
03:59 cjh_ joined #salt
03:59 josephho_ joined #salt
04:05 josephholsten joined #salt
04:06 josephholsten joined #salt
04:07 josephh__ joined #salt
04:09 shadowsun In 0.17.0 I ran salt -G 'node:group' -b 2 state.highstate, and it would batch starting highstate - without waiting for it to finish (as far as I could tell). The end effect of this is that it ran a state.highstate on all of them within about a minute, which (in reality) meant that all the jobs started by the highstates were running *at the same time*, completely negating the entire purpose of having a batch command. Is there an easy
04:10 Thiggy joined #salt
04:10 Gareth Anyone venture a guess as to why salt to complaining about a file, plain file, saying it can't render the file with jinja and saying the file is 372 lines when in fact its only 38 lines.
04:23 josephholsten joined #salt
04:23 josephho_ joined #salt
04:25 TheSojourner joined #salt
04:25 TheSojourner joined #salt
04:26 dane joined #salt
04:29 redondos joined #salt
04:32 pentabular joined #salt
04:35 redondos joined #salt
04:36 josephholsten joined #salt
04:43 josephho_ joined #salt
04:43 berto- joined #salt
04:45 josephh__ joined #salt
04:51 oz_akan_ joined #salt
04:54 m0hit joined #salt
05:00 Gareth bah. nm.  forgot to include a map file that I referenced.
05:03 josephholsten joined #salt
05:05 josephho_ joined #salt
05:09 josephholsten joined #salt
05:12 josephh__ joined #salt
05:12 berto- joined #salt
05:14 josephho_ joined #salt
05:15 josephh__ joined #salt
05:18 josephholsten joined #salt
05:24 josephho_ joined #salt
05:25 cshuman joined #salt
05:26 A21BC joined #salt
05:27 A21BC left #salt
05:28 orbitrus joined #salt
05:31 josephholsten joined #salt
05:35 justlooks hi,anyone can help ,install salt problem  https://gist.github.com/justlooks/7019589
05:35 ajw0100 joined #salt
05:45 josephho_ joined #salt
05:52 tomspur joined #salt
05:52 josephholsten joined #salt
05:54 TheCodeAssassin joined #salt
05:56 josephho_ joined #salt
05:59 __number5__ justlooks: are python-jinja2-26 and python-jinja2 same package?
06:01 pentabular joined #salt
06:01 justlooks __number5__: yes ,i can install python-jinja2-26 but salt-master just can recognize pythhon-jinja2
06:02 justlooks __number5__: it's seems a bug ,how to solve this?
06:02 __number5__ I don'
06:03 __number5__ I don't have much experience with yum
06:04 __number5__ justlooks: are you following instructions here http://docs.saltstack.com/topics/installation/rhel.html
06:04 josephholsten joined #salt
06:05 xet7 joined #salt
06:05 josephh__ joined #salt
06:07 justlooks __number5__: i build my local yum mirror
06:09 josephholsten joined #salt
06:10 __number5__ justlooks: can you manually install jinja2 e.g.: yum install python-jinja2
06:10 Lue_4911 joined #salt
06:11 josephho_ joined #salt
06:12 justlooks __number5__: i can not ,yum can only can see python-jinja2-26 ,but salt-master depend on python-jinja2,it's a bug https://bugzilla.redhat.com/show_bug.cgi?id=919206
06:12 __number5__ "On RHEL6, the proper Jinja package 'python-jinja2' was moved from EPEL to the "RHEL Server Optional Channel". Verify this repository is enabled before installing salt on RHEL6."
06:13 __number5__ on http://docs.saltstack.com/topics/installation/rhel.html
06:15 josephholsten joined #salt
06:23 whyzgeek joined #salt
06:23 jetblack joined #salt
06:23 Nazca joined #salt
06:25 josephho_ joined #salt
06:26 az87c joined #salt
06:26 josephh__ joined #salt
06:27 az87c_ joined #salt
06:27 josephholsten joined #salt
06:27 shinylasers joined #salt
06:28 josephho_ joined #salt
06:29 Ryan_Lane joined #salt
06:35 ramteid joined #salt
06:37 linjan joined #salt
06:38 m0hit joined #salt
06:38 bud joined #salt
06:39 tomeff joined #salt
06:48 cshuman joined #salt
06:54 cshuman joined #salt
06:55 Katafalkas joined #salt
07:00 malinoff joined #salt
07:00 malinoff Hi guys
07:01 berto- joined #salt
07:02 balboah joined #salt
07:08 anuvrat joined #salt
07:12 octarine joined #salt
07:20 ckao joined #salt
07:43 redondos joined #salt
07:44 pviktori joined #salt
07:53 cwarner joined #salt
07:55 pviktori joined #salt
07:56 justlooks hi,if i need execute a script ,can i put it on master then execute on each minion?
07:57 swa_work yes justlooks
07:59 justlooks swa_work: how ?
08:00 swa_work depends
08:02 swa_work paste it and post the URL here justlooks
08:04 justlooks swa_work: write sls file download the script to each minion then use salt '*' cmd.run 'bash /path/to/script' execute it?
08:16 groovehunter joined #salt
08:17 groovehunter hi
08:17 groovehunter I wonder how to find out which states are available in version 0.15.1?
08:19 swa_work justlooks, that would be one method but if I _saw_ the script I _may_ be able to point to a DTRT
08:20 [M7] joined #salt
08:20 [M7] joined #salt
08:23 sebgoa joined #salt
08:23 Flusher left #salt
08:23 josephholsten joined #salt
08:27 justlooks swa_work: sure https://gist.github.com/justlooks/7019589
08:27 justlooks groovehunter: refer to doc
08:28 justlooks swa_work: it's a bash script
08:29 swa_work yah..
08:29 swa_work have you run that on a single host
08:30 justlooks swa_work: yes
08:30 swa_work and I take it you're under a time constraint
08:31 justlooks swa_work: what's means of under a time constraint?
08:32 swa_work you have to get this done asap yah?
08:33 the_drow joined #salt
08:33 the_drow Hi, what does "Name "virtualenvwrapper" in sls "python" contains multiple state decs of the same type" mean? I have a file.directory and file.managed in the same type
08:33 justlooks swa_work: speed is important,also the script itself need took long time to run
08:35 Loo joined #salt
08:35 Loo hello
08:35 Loo is this a good place to ask newbie questions ?
08:36 the_drow Loo: yup
08:36 Loo i did a salt '*' cmd.run 'ping 8.8.8.8'
08:36 Loo so it went indefinately now
08:36 Loo if i forgot the jid, how to i list all running jid ?
08:36 bud justlooks: salt.states.cmd.script from http://docs.saltstack.com/ref/states/all/salt.states.cmd.html might help you
08:37 Loo tyty
08:38 swa_work justlooks, take a peek at: http://intothesaltmine.org/blog/html/2013/03/02/managing_cronjobs_with_salt_stack.html
08:39 swa_work there are other 10ton hammer ways but that is the KISS
08:39 IzeBit i have some issues with the salt master/minion. when i execute for example test.version the master kinda "hangs up" and becomes very slow or unresponsive. When i check the logs on the affected minions i get sometimes "salt.minion                                 ][CRITICAL] An exception occurred while polling the minion"
08:40 IzeBit with following tracebacks from python. "sys.stderr.write('Process %s:\n' % self.name)" "IOError: [Errno 5] Input/output error"
08:40 the_drow Why can't I have file.directory & file.managed under the same type?
08:41 __gotcha joined #salt
08:44 ninkotech joined #salt
08:48 felixhummel joined #salt
08:52 swa_work nite all  .
08:52 * swa_work &
08:59 matanya joined #salt
09:05 m0hit joined #salt
09:05 Khazix joined #salt
09:06 basepi joined #salt
09:07 austin987 joined #salt
09:07 aparashar joined #salt
09:07 dane joined #salt
09:07 isomorphic joined #salt
09:08 justlooks swa_work: thank you
09:16 shomodj joined #salt
09:23 bhosmer joined #salt
09:33 anuvrat joined #salt
09:38 matanya joined #salt
09:39 aleszoulek joined #salt
09:47 matanya joined #salt
09:51 bin__ joined #salt
09:54 whiskybar joined #salt
09:57 giantlock joined #salt
09:57 N-Mi joined #salt
10:03 jefimenko joined #salt
10:06 the_drow I'm trying to clone all our repos from our github organization. https://dpaste.de/pHKB and I'm getting     Data failed to compile: ----------     Too many functions declared in state "git" in sls github ----------     Too many functions declared in state "git" in sls github ----------     Too many functions declared in state "git" in sls github ----------     Too many functions declared in state "git" in sls github ----------     Too
10:06 the_drow How do I clone multiple repositories?
10:06 jefferai joined #salt
10:07 malinoff the_drow, u've chosen wrong channel
10:07 malinoff ah
10:07 malinoff sorry
10:07 malinoff saw #!pydsl
10:08 the_drow malinoff: got an idea why it says too many functions?
10:09 logix812 joined #salt
10:10 unicoletti_ joined #salt
10:11 the_drow I guess not.
10:11 malinoff the_drow, i think, repo.name equals just 'git'
10:11 the_drow malinoff: Nope. It's the repo name on github
10:12 malinoff the_drow, are you sure?
10:12 the_drow malinoff: http://github3py.readthedocs.org/en/latest/repos.html#github3.repos.repo.Repository.name
10:12 malinoff the_drow, the only way to investigate the issue is debugging. Check that repo.name is really unique
10:13 the_drow It is
10:14 the_drow malinoff: what's next?
10:15 malinoff the_drow, Does "salt '*' state.show_sls your_sls" work?
10:16 the_drow malinoff: I'll check
10:16 the_drow malinoff: No I don't have a master
10:17 malinoff the_drow, salt-call state.show_sls your_sls
10:17 the_drow malinoff: using salt-call and it's the same
10:18 the_drow malinoff: https://dpaste.de/hjPH
10:18 malinoff the_drow, will your state compile if you will loop just once?
10:18 SpX joined #salt
10:19 the_drow malinoff: yup
10:20 the_drow malinoff: the names are unique. I can't disclose them though :)
10:21 malinoff the_drow, there's no need for it
10:21 the_drow malinoff: So, what the hell am I doing wrong here?
10:21 malinoff the_drow, trying to understand it right now
10:22 malinoff give me a moment
10:22 the_drow ok
10:25 malinoff the_drow, try to manually render your template http://docs.saltstack.com/ref/renderers/all/salt.renderers.pydsl.html?highlight=renderer#salt.renderers.pydsl.render
10:25 malinoff the_drow, probably, it will fire a more understandable traceback
10:26 the_drow malinoff: wait how do I do that?
10:26 the_drow salt-call?
10:27 jumperswitch joined #salt
10:27 malinoff ah
10:27 the_drow malinoff: vagrant@precise64:~$ sudo salt-call salt.renderers.pydsl.render /srv/salt/github/init.sls Function salt.renderers.pydsl.render is not available
10:28 malinoff import salt; salt.template.compile_template_str
10:29 the_drow oh
10:29 the_drow In the pydsl file?
10:29 malinoff the_drow, no, run python shell
10:30 the_drow malinoff: It says I need 3 parameters
10:30 the_drow template, renderers & default
10:31 the_drow malinoff: got a reference to the docs I can look at
10:32 Loo_ joined #salt
10:33 malinoff the_drow, nice, i should go afk
10:34 the_drow malinoff: I was asking, sorry?
10:34 the_drow sorry. Goddamit :P
10:34 Loo_ hmm guys, i'm coding my first state file, how do i make it 'chsh -s /usr/local/bin/bash' only if it exists ?
10:35 Loo_ i'm not sure what to put after cmd.wait , -watch:
10:35 the_drow Loo_: cmd.run and use onlyif: type chsh
10:37 m0hit joined #salt
10:40 the_drow malinoff: Is this related? http://comments.gmane.org/gmane.comp.sysutils.salt.user/498
10:42 jbunting joined #salt
10:42 m0hit joined #salt
10:46 the_drow Well as it turns out it doesn't clone anything
10:46 mua joined #salt
10:48 VSpike joined #salt
10:48 the_drow malinoff: if you come back ping me :/
10:52 VSpike Does anyone know how easy/successful it is to use Chocolatey on Windows minions? How does it compare to using Salt's own Windows packager?
10:54 linjan joined #salt
10:54 VSpike Sorry, new to Salt .. just getting started and thinking how I'd go about creating my states. https://groups.google.com/forum/#!topic/salt-users/IJ1Cl6o2MeA suggest it's easy enough to call Chocolatey remotely, as you'd expect. But a remote call is not really the same as using a state, is it?
10:55 the_drow VSpike: Nope. You need to write a module for that.
10:56 VSpike the_drow: I thought so :) Well, perhaps not a task for day 1. Gimme a week
10:57 the_drow VSpike: While you're at it, create a pull request. Salt has it's own package manager for windows if you need to do your task quickly
10:57 VSpike the_drow: yeah, I saw a few people asking about it. Chocolatey is pretty neat, so it would be a good addition. I was thinking the same - might be a nice contribution
10:58 the_drow VSpike: Have you ever encountered this kind of error: https://dpaste.de/hjPH
11:00 VSpike No, sorry. Only had Salt installed about 1 day though :) Still at the stage of typing stuff like "salt \* network.interfaces" and thinking, "Awesome.. it works!"
11:01 VSpike Another question I was wondering .. with my internal DNS server, for example, I currently have a bitbucket repo with the config files, although there some templating so you have to edit the template and run a script (also in the repo) to make the actual files...
11:02 backjlack joined #salt
11:02 VSpike to move that to Salt, would I be best dropping the whole lot into my state tree instaed, and possibly using Jinja instead of my custom script?
11:02 VSpike I have lots of that .. webserver configs, php configs etc in separate repos... would I move them all to the state tree, and then manage the state tree as a single source-control repo?
11:05 mwillhite joined #salt
11:06 srage joined #salt
11:10 the_drow VSpike: Probably
11:13 bin__ joined #salt
11:14 VSpike I'm sure it's possible to make salt pull down external repos onto the servers, but I'd /imagine/ it would work better to put everything into one location. That's just my speculation at this point though.
11:15 kadel joined #salt
11:15 malinoff the_drow, ping
11:16 the_drow Oh goodie. As it turns out the for loop isn't executing anything anyway.
11:17 the_drow malinoff: even if there was only one item
11:18 the_drow malinoff: I'm currently trying something new
11:18 costi joined #salt
11:18 the_drow malinoff: woot! git.latest works!
11:19 malinoff the_drow, Oo
11:19 the_drow malinoff: thanks man!
11:19 malinoff the_drow, it's my pleasure :)
11:31 m0hit joined #salt
11:31 m0hit joined #salt
11:35 mua joined #salt
11:39 jbunting joined #salt
11:39 jbunting joined #salt
11:50 dranger joined #salt
11:51 rgbkrk joined #salt
11:58 bhosmer joined #salt
12:03 m0hit joined #salt
12:04 gmoro joined #salt
12:06 blee joined #salt
12:11 krissaxton joined #salt
12:16 baffle joined #salt
12:20 balboah joined #salt
12:27 [M7] joined #salt
12:28 amahon joined #salt
12:28 teebes joined #salt
12:30 sebgoa joined #salt
12:33 brianhicks joined #salt
12:34 pdayton joined #salt
12:38 ipmb joined #salt
12:45 tyler-baker joined #salt
12:45 tyler-baker joined #salt
12:48 the_drow How do I make an entire sls file depended on another?
12:53 mike_perdide the_drow: do you mean, like a sls file would be imported by another?
12:54 the_drow mike_perdide: It's a PyDSL file. I had to do: state().cmd.call(clone_all).require(cmd='pip', pip=['github3.py', 'virtualenv'], pkg='git')
12:55 mike_perdide I am not familiar with that way of using salt, I thought you might be looking for the "include" statement in sls files, sorry :)
12:56 the_drow mike_perdide: I had to use pydsl. I don't have time to write a module for now
12:59 Katafalkas salt-cloud question: There is an option for rackspace to use rackconnect: True. Is it in the development version only ? is there a simple way to upgrade pip installed version to development version ?
12:59 baffle What are people using for bare-metal orchestration nowadays? I've used pxe/dhcp homebuilt stuff before, tried cobbler/foreman and looked a little at razor.
13:00 krissaxton1 joined #salt
13:02 linuxnewbie joined #salt
13:02 jslatts joined #salt
13:04 m0hit joined #salt
13:05 rmt_ baffle, I still use pxe/dhcp .. but the primary purpose is to get the hypervisor servers up. :-)
13:05 rmt_ (home-rolled)
13:05 the_drow baffle: Try MAAS and Juju
13:06 mannyt joined #salt
13:06 Jahkeup joined #salt
13:06 the_drow mike_perdide: Nope, that doesn't work
13:07 oz_akan_ joined #salt
13:07 juicer2 joined #salt
13:07 racooper joined #salt
13:08 oz_akan_ joined #salt
13:08 the_drow I have the following pydsl file https://dpaste.de/tv59
13:08 the_drow It requires the github3.py and virtualnev packages from pip.
13:09 the_drow It also naturally requires git.
13:09 the_drow I have these modules but I don't know how to order them to run before the pydsl file
13:10 Gifflen joined #salt
13:11 josephholsten joined #salt
13:13 rgbkrk joined #salt
13:14 Jahkeup joined #salt
13:14 MTecknology There's such thing as state-call --no-changes state.highstate, isn't there?
13:15 jcristau salt-call state.highstate test=True?
13:15 MTecknology that.. Thanks!
13:18 toastedpenguin joined #salt
13:18 Kholloway joined #salt
13:20 baffle the_drow: Looks interresting; I hadn't looked at MaaS from Canonical for a while, seems to be better now. :-)
13:21 the_drow baffle: yeh? I haven't tried it yet
13:21 baffle the_drow: But to me it seems to want to have a "cluster controller" instance with dhcp/tftp/etc for every subnet you want to manage; I was planning on just using things like dhcp-helpers etc on routers..
13:22 the_drow baffle: I don't really know much about those. I leave them to the ops guys. I'm DevOps :P
13:23 the_drow baffle: I just know the name
13:23 Jahkeup joined #salt
13:23 baffle the_drow: Ah, okay.
13:24 the_drow baffle: I kinda went over the docs today and it does look impressive
13:25 jeffasinger joined #salt
13:26 bhosmer joined #salt
13:28 the_drow baffle: but to be honest I'd rather work with CoreOS and not Ubuntu Server
13:28 alunduil joined #salt
13:32 SEJeff_work docker FTW
13:32 SEJeff_work Also, etcd is awesome (from coreos)
13:33 groovehunter hi, pls can you tell if salt.states.hg.latest is available for what version ?
13:33 groovehunter I use 0.15.1 and I get "State hg.latest found in sls django is unavailable"
13:34 joehh grois mercurial installed?
13:34 joehh whoops - groovehunter is ...
13:34 groovehunter hmm moment
13:34 joehh I have noticed that I seem to need to restart the minion after installing hg
13:34 groovehunter oh no, so that might be the reason?
13:35 joehh It feels like there is a cached check of hg existing or not
13:35 joehh yes
13:35 m0hit joined #salt
13:36 xl1 left #salt
13:37 terminalmage joined #salt
13:37 joehh groovehunter: if you are on that old a salt, watch out for https://github.com/saltstack/salt/issues/6661
13:38 joehh not too bad, but caught us a couple of times
13:38 NetworkN3rd joined #salt
13:39 bhosmer_ joined #salt
13:40 Brew joined #salt
13:40 MTecknology have to love it when you have one state that installs one package you want, then another one that uninstalls that and installs a package you don't want.
13:41 MTecknology that's just bad adminning on my part
13:44 bhosmer_ joined #salt
13:47 giantlock joined #salt
13:49 JasonSwindle joined #salt
13:52 the_drow I just caused salt to fail miserably. Yay for me https://github.com/saltstack/salt/issues/7916
13:52 AdamSewell joined #salt
13:54 Furao joined #salt
13:54 nkuttler joined #salt
13:54 nkuttler joined #salt
13:55 crane joined #salt
13:55 SEJeff_work the_drow, Can you include the state files (the python ones) in that issue? Makes it hard to repro without them
13:56 the_drow SEJeff_work: yeh, in a second
13:56 SEJeff_work the_drow, You hack on nose?
13:56 SEJeff_work Great software btw
13:56 the_drow nose2, core commiter
13:56 the_drow and thanks
13:56 the_drow you all should move already :)
13:56 SEJeff_work the_drow, What makes nose2 better than nose? Just curious? I've got a few thousand tests using nose
13:57 the_drow 2.6 and above, a testing DSL, more built in plugins. 1.0 might support django out of the box, 1.0 will support test coverage out of the box and many many more
13:57 the_drow we need usage and pull requests :)
13:57 SEJeff_work nose2 1.0
13:57 SEJeff_work How ironic :)
13:57 the_drow hehe yeh
13:58 SEJeff_work the_drow, We use the shite out of some django, yes please
13:58 SEJeff_work the_drow, Alright meeting, later
13:58 lahwran joined #salt
14:00 the_drow Can someone explain why this happens: http://bpaste.net/show/yQNQCCAq0iQjJYTLdzTW/
14:00 the_drow Is this a bug?
14:02 micah_chatt joined #salt
14:03 m_george|away joined #salt
14:04 the_drow Help :(
14:04 jergerber joined #salt
14:05 krissaxton joined #salt
14:06 m_george left #salt
14:07 claudep joined #salt
14:08 claudep hi, for one of my salt-managed client, no output is given for a highstate command, why and how can I debug the issue?
14:11 Jahkeup joined #salt
14:12 timoguin joined #salt
14:12 claudep ignore my previous question (setting salt_output to mixed and restarting the master seems to have solved the issue)
14:14 mua joined #salt
14:15 sroegner joined #salt
14:15 mannyt joined #salt
14:16 kaptk2 joined #salt
14:17 linuxnewbie left #salt
14:19 krissaxton joined #salt
14:23 mgw joined #salt
14:25 lineman60 joined #salt
14:26 jumperswitch_ joined #salt
14:28 brimpa joined #salt
14:30 jbunting joined #salt
14:30 rgbkrk joined #salt
14:31 mgw joined #salt
14:33 networkpadawan joined #salt
14:34 the_drow http://bpaste.net/show/yQNQCCAq0iQjJYTLdzTW/ - Appreantly salt swallows an exception
14:34 kermit joined #salt
14:35 the_drow Got any idea how to resolve this?
14:38 cachedou_ the_drow: I'm on my way to the office in a minute but could you file an issue on that, please and I'll try to get some eyes on it today?
14:38 the_drow cachedou_: yup sure. I have filed a ton of those today
14:39 the_drow cachedou_: I can't even catch the exception
14:40 Furao the_drow: still on 0.17
14:40 Furao ?
14:40 the_drow Furao: I upgraded to latest develop :)
14:43 Furao does that solve the duplicated ID thing?
14:43 the_drow Furao: kinda. It reports an error about it instead of blowing up
14:45 lineman60__ joined #salt
14:47 deepakmd_oc joined #salt
14:48 steplunge joined #salt
14:49 mgw joined #salt
14:52 cnelsonsic joined #salt
14:54 the_drow cachedou_: https://github.com/saltstack/salt/issues/7918
14:54 the_drow I really need to get this done.
14:55 the_drow It has a deadline for sunday and I don't work on saturdays.
14:55 berto- joined #salt
14:58 timoguin joined #salt
14:58 jalbretsen joined #salt
14:58 SunSparc joined #salt
15:00 ubercore joined #salt
15:03 cachedout joined #salt
15:03 redondos joined #salt
15:03 steplunge joined #salt
15:04 Linz joined #salt
15:06 abe_music joined #salt
15:07 jslatts joined #salt
15:07 m0hit joined #salt
15:07 Katafalkas joined #salt
15:08 Katafalkas joined #salt
15:13 Katafalkas joined #salt
15:15 amahon joined #salt
15:16 UtahDave joined #salt
15:17 unicoletti_ left #salt
15:19 cwright how can one pass arbitrary flags to pkg.installed?  for example, I need to pass —force-yes to several packages we install, but looking at the 0.17.0 source as well as the develop tree shows now clear way of doing that
15:20 uta joined #salt
15:22 pdayton joined #salt
15:33 mgw joined #salt
15:38 m0hit joined #salt
15:40 Khollowa_ joined #salt
15:43 StDiluted joined #salt
15:46 jdenning joined #salt
15:47 logix812 to use group_install is it just pkg.group_install: - name: bla         in the sls file? (obviously not including new lines in this) I'm getting a too many functions declared error I am trying to track down
15:48 dranger hi, I have an ubuntu 12.04 lts minion that I would like to apply some iptables to, however I'm getting the following when I try to run iptables.get_rules
15:48 dranger salt 'myminion' iptables.get_rules
15:48 dranger "iptables.get_rules" is not available.
15:49 logix812 OH! n/m I found it
15:49 logix812 drp
15:49 dranger am I missing something simple...?
15:50 druonysus joined #salt
15:52 mwillhite joined #salt
15:53 socks__ joined #salt
15:53 UtahDave dranger: have you checked if the iptables module works on ubuntu?   If you look at the __virtual__ function in the module, it should tell you
15:54 druonysus joined #salt
15:54 druonysus joined #salt
15:58 socks__ hi, i was wondering if i could get some help with a state that uses a jinja iteritems operation for iterating through a set of pillar dictionary values.   this is my state:  http://pastebin.com/yb169zha   and this is my pillar dictionary:  http://pastebin.com/gFSHiv2h   when i try applying the state, i get a "UndefinedError: 'str object' has no attribute 'iteritems'" error.  full error here:  http://pastebin.com/4b6m9Eqq
15:59 socks__ this is usually very easy, but for some reason (maybe i'm just having an off day) i'm missing something.  hopefully it's not too obvious :)
15:59 redondos joined #salt
16:00 teskew joined #salt
16:02 mannyt joined #salt
16:02 forrest joined #salt
16:05 timoguin joined #salt
16:07 UtahDave socks__: Hm. trying to figure out why you're getting a string there.
16:08 socks__ thank you!  i made sure the minion is getting the pillar dictionary.  the output looks like this http://pastebin.com/dVYxgBjK   sorry if i'm overusing pastebin, i wasn't sure how to relay it better
16:08 UtahDave No, you're using pastebin just fine.
16:08 socks__ awesome
16:09 m0hit joined #salt
16:10 dranger UtahDave: __virtual__ function  calls salt.utils.which('iptables').. which is definitely installed... so I assumed it would be loaded.. however it's acting as though its not there
16:11 Lue_4911 joined #salt
16:12 KyleG joined #salt
16:12 KyleG joined #salt
16:14 UtahDave dranger: try running   salt 'minion' iptables.version
16:15 dranger UtahDave: same output... "iptables.version" is not available.
16:15 UtahDave try   salt 'miniion'  sys.doc iptables
16:16 UtahDave And this:      sudo salt \* cmd.which iptables
16:17 dranger returns nothing and $? is 0
16:17 mpanetta joined #salt
16:18 dranger salt 'minion' cmd.which iptables does return the path to iptables (/sbin/iptables)
16:19 UtahDave dranger: what version of Salt are you on?
16:20 pipps1 joined #salt
16:20 dranger 0.17.0 installed from the ubuntu ppa
16:21 UtahDave hm.
16:21 UtahDave I'm on Ubuntu 12.04  and salt \* iptables.version   does return correctly
16:21 dranger both my master and minion are 0.17.0
16:21 mpanetta joined #salt
16:21 shinylasers joined #salt
16:22 UtahDave sudo salt \* iptables.get_rules   returns nothing for me, but I imagine that is because I haven't configured any
16:23 dranger hmmm, actually the VMs I built with vmbuilder, iptables.version does not return correctly, however VMs that I built by hand are returning correctly
16:24 UtahDave socks__: I'm not sure exactly what's going on there. I'd recommend printing out the contents of pillar.get('ssh_configs') and see what you get
16:26 socks__ yeah, it's bizarre.  i get this on the minion:  http://pastebin.com/dVYxgBjK
16:27 krissaxton joined #salt
16:28 mwillhite joined #salt
16:30 woebtz joined #salt
16:30 berto- joined #salt
16:31 shine hi
16:32 shine any idea why salt package on ubuntu 13.04 is still 0.16.4 ?
16:35 steplunge joined #salt
16:37 nmistry joined #salt
16:40 forrest shine, did you use the PPA from the saltstack wiki?
16:41 Jahkeup joined #salt
16:42 webben shine: There were problems packaging for raring
16:42 forrest is there an issue open for that webben?
16:43 webben shine: https://groups.google.com/forum/#!searchin/salt-users/raring/salt-users/E19zjqJlym4/rlejr_DWgm8J
16:43 webben dunno
16:43 webben forrest: where would the issue be? launchpad?
16:43 forrest I honestly don't know webben, I don't do much ubuntu packaging :\
16:44 webben https://bugs.launchpad.net/~saltstack <= none there
16:45 webben in fact raring apt urls seem borked atm
16:45 UtahDave Corey ^^
16:45 xmltok joined #salt
16:46 dave_den has anyone used salt from an esky/frozen build?  i can't seem to get it working
16:46 UtahDave dave_den: I have quite a bit.
16:46 dranger UtahDave: I rebooted my VM and the goblins are gone... it's working now :)
16:46 jslatts joined #salt
16:49 dave_den UtahDave: i can get setup.py bdist and setup.py bdist_esky to compile the tar and zips just fine, but when I unzip it and run the bdist_esky salt-call script I get "ImportError: No module named site". I am following the instructions from http://docs.saltstack.com/topics/tutorials/esky.html and i am trying this against commit 67c9bdfe4b981487975735ec4a6bb5b445e0bc91
16:50 forrest webben, there isn't a whole lot of discussion in that thread regarding the status of the raring fix, it's mostly just joehh, and I believe he was already working on a fix for this.
16:50 dave_den not sure what the deal is. also tried creating a virtualenv with esky and running salt-call from there, but I get the same error.
16:51 forrest so shine, I'd say give it a few more days to see what happens, if no update by next week, maybe make a post in the user group for a dedicated thread to discuss the raring issue/status.
16:51 dave_den ubuntu 12.04 using patchelf from the latest git
16:53 UtahDave dranger: dang goblins!  :)
16:53 networkpadawan left #salt
16:53 UtahDave dave_den: Ah, OK.  what version of Salt are you using?
16:54 UtahDave I think you just need to at "site"  to the Windows freezer list in setup.py
16:54 UtahDave add, no at
16:54 UtahDave gah, I can't type today
16:54 dave_den UtahDave: salt from git, commit 67c9bdfe4b981487975735ec4a6bb5b445e0bc91
16:54 mgw joined #salt
16:54 dave_den to the windows freezer list?
16:55 rlarkin joined #salt
16:55 UtahDave yeah, FREEZER_INCLUDES.extend  on line 365  of setup.py
16:55 dave_den will try adding it to the FREEZER_INCLUDES array
16:56 dave_den cool, trying
16:56 UtahDave oh, sorry, are you not on Windows?
16:56 dave_den nope, ubuntu 12.04
16:56 UtahDave Ah, gotcha
16:56 UtahDave yeah, then FREEZER_INCLUDES
16:58 ze- any idea how to "easily" debug sls file generation ?
16:59 honestly salt-call -l debug state.sls statefile.sls test=True
17:00 jefimenko joined #salt
17:02 ze- thanks. one of those otions helps :)
17:02 forrest ze-, if you can't figure it out after running the debug/test through, feel free to use pastebin and we can try to help you as wel.
17:03 JasonSwindle joined #salt
17:03 dave_den bah, no dice. it did include the 'distribute' module in the esky zip, but the distribute's site.py file is the file causing the error with the way it monkeypatches itself into things
17:06 ze- http://pastebin.com/Jg2P7ZNm
17:08 Jahkeup joined #salt
17:08 StDiluted joined #salt
17:09 ze- if anyone has hint on what is failing on my sls :)
17:09 mgw Is there any talk of a "syntax checker". I just hit a cryptic error for state.sls: TypeError encountered executing state.sls: object of type 'int' has no len(). As it turns out, it was some extra indentation in my yaml.
17:09 mgw syntax in the sense of "this will make sense to salt"
17:10 jesusaurus mgw: a script to check that the pillar/formula compile is something ive been working on in my free time (ha, free time? whats that?)
17:10 snuffeluffegus joined #salt
17:10 jesusaurus but since the pillar is compiled on the master but the rest is compiled on the minion, its a bit tricky
17:11 mgw jesusaurus: do you have it on github?
17:11 ze- (and yeah, fields are bad, just trying to show_sls to get further to next stuffs...)
17:11 snuffeluffegus joined #salt
17:11 jesusaurus mgw: https://github.com/jesusaurus/salt-shaker
17:11 jesusaurus it definitely needs work
17:13 mgw jesusaurus: is this much different than calling with test=true?
17:14 mgw (just glancing over it)
17:15 mgw I had in mind something that would, for example, detect that you have extra options that are meaningless in your state files
17:16 JasonSwindle Is 0.17.1 out out?  Or nearly out?  **Waiting on the tag…**
17:16 mgw e.g. I had a - require — but in addition to the pkg, all my following lines were indented two spaces too far, making them 'required'
17:16 krissaxton joined #salt
17:16 mgw that's what was generating that error
17:17 ze- (if you want to check a specific part, you can use show_sls, and check it by hand)
17:18 pipps joined #salt
17:18 jesusaurus mgw: ahh, yeah, salt-shaker mostly just tries to compile multiple states with different ids. i want a lint-like test to start with
17:18 mgw ze- that does help
17:19 forrest jesusaurus, you didn't build puppet parser already for salt?? Slacker!
17:19 amckinley joined #salt
17:19 jesusaurus forrest: i know...
17:19 mgw maybe better exception handling would be good too
17:19 forrest agreed mgw
17:19 forrest that's something we've discussed in here before, I don't think an issue exists for it though
17:20 forrest but if you don't know python and are trying to use salt (and sometimes even if you do), the errors can be cryptic
17:20 mgw e.g., the error I got didn't tell me which sls file it was processing
17:20 forrest right
17:20 mgw I happened to know
17:20 ze- yeah. I too often debug by adding debug logs and trying to understand more how it works, because i can't make anything of the message :)
17:20 jesusaurus also, i would like to see more consistent use of logging levels, its so hard to find the info i want in the logs
17:20 mgw b/c I had just made changes to it
17:21 forrest ze-, can you paste just the sls? This seems a bit broken up, it's hard to follow the debug output versus the state data.
17:21 forrest or is that top section your state?
17:21 forrest and these are all items in file_list
17:22 ze- forrest: yup, top data is my state file
17:22 ze- I guess it doesn't like |yaml on simple string or something
17:22 bitz joined #salt
17:22 forrest did you remove that and it worked?
17:23 ze- Yeah. got a little further in what i need :)
17:23 ze- still haven't the whole state as i'd like... but getting there
17:23 forrest gotcha, it seems odd to me it fails on line 16 as opposed to one of the earlier values, because according to this... it should have two values before that?
17:23 forrest well two 'groups'
17:24 ze- mmm...
17:24 ze- {{ var|yaml }}
17:24 ze- generates a "str\n...\n" or something like that
17:24 ze- no idea why the ... are there!
17:24 ze- but guess that's what breaking my file
17:24 forrest what if you do {{ finfo.get('type', '') }}|yaml ?
17:25 ze- nah, |yaml is a filter, has to be within the {{}}
17:25 ze- works with finfo|yaml directly
17:25 ze- (had to use it at times, with weird string values...)
17:27 Jahkeup_ joined #salt
17:31 logix812 is there a way to preview the rendered sls files?
17:32 logix812 I want to see what it's rendering, the error I am seeing makes me think it and I have 2 different idea's about what's happening
17:33 StDiluted -l debug should give you the rendering
17:34 StDiluted -l debug test=True
17:34 logix812 thanks!
17:37 jcockhren For anyone who cares about client cert verification for halite:
17:37 jcockhren (there was a guy here last night)
17:38 jcockhren firefox seems to give a stupid error when up loading the p12 file
17:38 Jahkeup joined #salt
17:38 jcockhren import failing for unkown reasons
17:38 forrest did you create an issue jcockhren?
17:39 troyready joined #salt
17:39 jcockhren "The PKCS #12 operation failed for unknown reasons."
17:39 jcockhren its not a salt bug
17:39 jcockhren works fine in chrome
17:39 jcockhren just thought I'll mention that hurdle for those trying to get it working
17:40 jcockhren I read (from mozilla's bug list) that importing the p12 into IE then exporting it back out might help
17:41 jcockhren fwiw:
17:41 jcockhren I'm using firefox 20.0 on ubuntu
17:41 m0hit joined #salt
17:41 ze- ok, file.managed: - content: {{ filecontent }}
17:41 ze- won't work
17:41 ze- encoding troubles :(
17:43 jcockhren https://support.mozilla.org/en-US/questions/954762
17:43 jcockhren just saying
17:43 josephholsten joined #salt
17:44 Thiggy joined #salt
17:44 mpanetta joined #salt
17:46 ze- http://pastebin.com/vQ7WBiA6
17:46 dranger joined #salt
17:46 ze- any way to get "long, multi-line" content in a sls with a better way ? ( UtahDave ?)
17:51 UtahDave ze-: I'm not sure. Let me ask whiteinge
17:57 mofomikes joined #salt
17:58 ze- (typo, was missing a s, but that doesn't change the point :)
17:58 jasonrm joined #salt
17:58 ze- and now, it works! at last :)
17:59 adepasquale joined #salt
17:59 dranger_ joined #salt
17:59 Linz joined #salt
18:02 claudep left #salt
18:04 snuffeluffegus joined #salt
18:04 Topic for #salt is now Welcome to #salt - SaltConf in January!! http://saltconf.com | 0.17.1 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers - Channel logs are available at http://irclog.perlgeek.de/salt/
18:06 UtahDave Salt 0.17.1 has been pushed to github and pypi.   Our packagers didn't get any advanced notice on this one, so please be patient as they work to get those built and pushed out.
18:06 Corey Uh...
18:06 Corey :-)
18:07 jesusaurus UtahDave: not using the new version scheme yet?
18:07 forrest UtahDave, will there be a changelog entry available for the 0.17.1 release? Or a list of bug fixes?
18:07 forrest not till what would be 0.17 jesusaurus :P
18:07 jmlowe joined #salt
18:07 forrest err 0.18
18:07 jesusaurus forrest: ahh, okay, cool
18:07 jmlowe Where can I find saucy builds?
18:08 UtahDave jesusaurus: Yeah, 0.17.1 is just a bugfix release.  The next full version will have the new naming scheme
18:08 schmichael left #salt
18:08 UtahDave forrest: Yeah, the changelog is already in the repo
18:08 forrest UtahDave, awesome
18:09 Corey forrest: I thoght you were calling 0.18 "jesusasaurus", much as I mockingly call it "Slippery Dingus." :-)
18:09 UtahDave jmlowe: Well, since saucy was just released, I imagine Corey will attempt to build for it
18:10 forrest jesusaurus doesn't get a release named after him until salt-shaker works like puppet parser :D
18:10 UtahDave Corey: lol
18:10 forrest slippery dingus though? That's... odd
18:10 jesusaurus forrest: haha, dont hold your breath
18:10 forrest jesusaurus, I know, I've been wanting to work on it a bit myself, but this whole 'life' and 'non-it' hobbies gets in the way
18:11 forrest Things like... eating, and sleeping, and exercise.
18:11 jesusaurus silly habits
18:11 forrest I know :\
18:11 forrest it's as if I wanted to be a well rounded individual
18:12 forrest Clearly, should bask in the glow of my monitor at all times. Actually that reminds me, the latest f.lux release is out
18:12 jbunting joined #salt
18:12 forrest with some VERY nice improvements
18:12 forrest so if you write code late at night, and want to actually be able to sleep, it's pretty slick.
18:12 jesusaurus f.lux?
18:13 forrest yea
18:13 forrest my favorite application for my PC
18:13 forrest well, one of them
18:13 forrest It's #1 in the 'oh my eyes no longer burn like the sun' category
18:13 jesusaurus ha, i need to check this out
18:14 forrest I can almost promise you'll like it, I have yet to meet anyone who didn't.
18:14 forrest and free obviously
18:14 jasonrm joined #salt
18:17 mofomikes hey guys, is it possible to send a execution command that uses grain data?
18:18 mofomikes i believe i read you can pull grain data in a state file
18:18 forrest mofomikes, http://docs.saltstack.com/ref/cli/#targeting-with-grains
18:18 mofomikes forrest: thats just for targetting right?
18:19 UtahDave mofomikes: yeah, and in your state file grains are availabe in jinja in the 'grains' dict
18:19 jmlowe huh, I could have used compound targeting earlier today
18:19 UtahDave mofomikes: and if you're writing your own module there is the __grains__ dict as well
18:19 forrest mofomikes, yea that's for targetting, sorry I thought you were talking about the command line, not via states, but you can still do so in states.
18:20 mofomikes im thinking more like   salt 'sometarget' test.echo "{minion_grain_dic}"
18:20 forrest You want to pass grain data as part of the command?
18:20 forrest jmlowe, well now you can!
18:20 mofomikes to have the minion replace a portion of the command with its grain data, yea
18:20 ajw0100 joined #salt
18:21 keen joined #salt
18:21 forrest I actually don't know then mofomikes, I've never seen anyone do that. UtahDave, any idea?
18:22 mofomikes i mean, how would one send an execution command that needed sensitive information in it? like a username/pass
18:23 ajw0100 joined #salt
18:24 forrest mofomikes, pillar?
18:25 forrest http://docs.saltstack.com/topics/tutorials/pillar.html#setting-up-pillar talks about how you can call salt '*' pillar.items to pull the data from pillar
18:25 forrest I know you can target based on pillar data, but I don't know if you can pass through value from pillar when running a command straight from the command line
18:25 forrest that would be pretty slick
18:26 mofomikes for more context in what im trying to do, i created a module to perfrom an subversion switch, but the actual command requires a username/password to be specified
18:26 forrest gotcha
18:27 mofomikes if i can enter those credentials in pillar, and just specifiy in the execution command to use that pillar data... that would be perfect
18:27 mofomikes not sure if thats possible or the syntax
18:27 forrest yea, especially since it's subversion there's no support for that in a state right now as far as I know.
18:27 mofomikes yep
18:28 forrest so I have no idea about a straight up execution command
18:29 forrest that would be cool functionality though mofomikes, if no one has a solution you should throw that in as a request for command line execution. There's already a ticket for subversion support.
18:29 mofomikes if the svn state could be defined so that if the checkout target wasn't the same as the one defined in the state file, it would perform a svn switch... then that would be great.  i could just do a highstate call to have the checkout switched through the state defintion
18:29 UtahDave mofomikes: the only problem I see with that is if Salt interpolates those variables, it would be very easy to inject extra commands.  We'd have to really evaluate security with that
18:30 jesusaurus forrest: fwiw you can pass pillar='{"key": "value"}' on the command line, i have a script that abuses that for deploying a galera cluster
18:31 UtahDave jesusaurus: ah yes. very nice
18:31 forrest mofomikes, https://github.com/saltstack/salt/issues/6528 is the subversion issue if you wanna track it. looks like shadowfax-chc has been doing some work on it.
18:31 forrest yea I saw that jesusaurus
18:31 forrest but I wouldn't pass secure data through there.
18:31 mofomikes brb
18:31 Jahkeup joined #salt
18:32 jesusaurus forrest: i dont see how its any different than passing secure data through a pillar file, myself. bit it is just a quick and dirty way to set a value
18:32 jbunting joined #salt
18:32 forrest jesusaurus, I imagine it's more for the command logging than anything.
18:33 forrest it would be in your command execution history
18:34 forrest but you'd have to ask mofomikes, maybe he has specific security concerns.
18:34 jesusaurus on the salt master. and if you are running those commands you would also have access to the pillar files on the master. i dont see it as a matter of security, i see it as a bad practice because of accountability and auditing of what was run on a given minion
18:36 jcockhren as soon as ubuntu packages appear for 0.17.1, I'm on it! \o/
18:36 jmlowe jcockhren: +1
18:38 forrest jesusaurus, I agree with you.
18:38 forrest deep breaths :P
18:38 forrest jcockhren, yea I'll spin it up on the boxes I'm using to test halite configuration
18:39 dranger joined #salt
18:40 pentabular joined #salt
18:42 mofomikes Jesusaurus: I'm ok with defining the info in a pillar file
18:42 mofomikes can pilliar data be used in an execution command?
18:42 forrest right but there's still the issue of passing that data through to the actual execution command, which I haven't seen done
18:43 jesusaurus mofomikes: yeah, i would recommend it. but its good to know you can pass it on the command line for testing :)
18:43 m0hit joined #salt
18:43 jesusaurus mofomikes: im still not sure what you mean by in an execution command
18:44 mofomikes like    salt 'target' test.echo 'this is is sensitive:  {pillar:data}'
18:44 mofomikes if that is possible
18:45 mofomikes sorry im still unfamiliar with all the terminology/syntax
18:46 jesusaurus well that would be dependent on the module function you are using (in your example test.echo)
18:47 jesusaurus i dont think any module functions are written to parse for that kind of thing like that
18:48 jcockhren halite is made to be ran from a master right?
18:48 jcockhren not really seeing how one would point it to a remote master
18:48 jesusaurus is it? im not familiar with halite or salt-api, but i thought that they were meant to be used together
18:49 jcockhren halite doesn't use sa;t-api anymore
18:51 shadowsun joined #salt
18:52 hjubal joined #salt
18:52 jcockhren it says that in the readme in the repo
18:52 jcockhren I was shocked when I saw that
18:52 Jahkeup joined #salt
18:55 ubercore There are some commands that will allow you to specify a template type for the command arguments
18:55 ubercore but not all
18:56 ubercore archive.tar for instance
18:56 ubercore actually, all of the archive commands do, but test.echo may not
18:59 m0hit_ joined #salt
18:59 aboe joined #salt
19:03 jcockhren does external_auth requires the use of client_acl?
19:03 shinylasers joined #salt
19:03 jcockhren (when using pam, for instance)
19:04 Sypher joined #salt
19:06 pentabular1 joined #salt
19:09 cshuman joined #salt
19:10 ubercore jcockhren: I don't think so
19:10 danielbachhuber joined #salt
19:11 ubercore I think resolution against the acl happens after authentication has completed, so they'd be mostly independent
19:11 noxeor joined #salt
19:12 amckinley joined #salt
19:13 josephho_ joined #salt
19:14 noxeor Hello, Salty geniuses!  Noob here needs some help. :)   Just configuring my first experience with Salt.  I'm creating my first sls file to manage a config file state and contents.  Having trouble figuring out how to format it to use "file.managed" to apply mode,user,group and "file.append" to enforce existence of a particular line simultaneously.  ... Giving me error "contains multiple state decs of the same type"
19:14 newbie81 joined #salt
19:14 saras boo\
19:15 bhosmer joined #salt
19:15 noxeor waah
19:15 saras is their any work to support osv in salt
19:15 saras http://www.osv.io./
19:15 timoguin noxeor, pastebin of the state file would help. ;-)
19:17 noxeor sure ;)
19:20 linjan joined #salt
19:20 ubercore noxeor: a pastebin will still be very helpful, but this is also likely what you'll need to look at, based on what you've said so far: http://salt.readthedocs.org/en/latest/topics/tutorials/states_pt2.html#call-multiple-states
19:21 noxeor seem to be having trouble pasting it in here; need to do anything special? :P
19:22 shinylasers joined #salt
19:22 Sypher joined #salt
19:23 noxeor need to escape the backslashes or something?
19:23 ubercore You should use something like a github gist or pastebin, and just post the link
19:24 ubercore past that, it just depends on your client and your machine, not IRC or this room
19:25 pipps1 joined #salt
19:31 rgbkrk joined #salt
19:34 saras any one have idea if their any way to use salt with  erlang on xen or osv
19:34 ubercore saras: it depends on what you want to do, really
19:34 noxeor http://pastebin.com/rPCN28SM
19:35 saras ubercore: what can i do is their some doc for it
19:35 ubercore What do you /want/ to do with it?
19:35 noxeor so there's a simple example.  I'm sure you can see what I am TRYING to do :)
19:36 ubercore noxeor: I think you need to move .managed and .append underneath file
19:36 noxeor i tried that as well, but maybe just couldn't get the syntax right
19:38 krissaxton left #salt
19:39 noxeor now I get "Too many functions declared in state "file" in sls blah"
19:39 krissaxton joined #salt
19:41 ubercore can you paste what you tested to trigger that error?
19:42 saras ubercore: think just start and stop node and tell them to join  erlang cluster
19:42 noxeor http://pastebin.com/Mp6U4ESS
19:42 noxeor tried following the formatting provided in your link...
19:43 snuffeluffegus joined #salt
19:44 ubercore noxeor: this is kind of an untested guess, but if it works, it would look more like this: http://pastebin.com/30DTvaLP
19:45 noxeor thanks, I'll try it out.  Is this not a common practice?  I figured it'd be pretty common to want to enforce file ownership and permissions along with file contents in one fell swoop ?
19:45 ubercore It is, but people generally will provide the contents of the file with a template, and so they don't need to append
19:47 noxeor yeah I tried that format too ... now get:  render error: mapping values are not allowed here   in "<string>", line 5, column 13:           - mode: 644
19:47 ubercore generally append and comment are for files managed outside of salt, in which case they would already exist with proper permissions
19:47 mofomikes joined #salt
19:47 noxeor I gotcha.  That makes total sense.  I'm still really in testing phase to show the boss what it can do :P
19:49 foxx joined #salt
19:50 noxeor I guess my thought process there was let's say I have 10 hosts with all different entries in a file.  I want to make sure they each have "blah" but want to preserve the rest, then a blanket template copy wouldn't really do it.  Granted I don't know if I'll ever really need to do that but I (perhaps foolishly) assumed it would work :)
19:50 noxeor thanks for the help.  For now I'll just clobber the file :]
19:52 ubercore There's probably a succinct way to make it work the way you want
19:52 ubercore but what you can do is just change the top level names of the declarations
19:52 LarsN joined #salt
19:52 abe_music joined #salt
19:53 noxeor Ah I think I see where you're going with that
19:53 xuru joined #salt
19:54 ubercore untested, may need tweaks, but similar to: http://pastebin.com/gkquyJUG
19:55 Ahlee Anybody seen numerous minions spawning?
19:55 Ahlee like this host currently has 31 minions
19:57 Jahkeup joined #salt
19:57 JasonSwindle left #salt
19:58 noxeor worked perfectly.  Thanks, ubercore! you are the most uber of all the cores.
19:58 forrest minion processes Ahlee?
19:58 ubercore no problem
20:00 srage joined #salt
20:00 Teknix joined #salt
20:01 mofomikes joined #salt
20:03 srage joined #salt
20:04 lineman60__ I'm setting up a mysql database in saltstack, can I do a saltstack.mysqldump or something like that?  ALso is there a way to run the mysql_secure_installation script from saltstack?
20:05 josephholsten joined #salt
20:05 ubercore lineman60__: you can use cmd.run to run anything
20:06 ubercore I don't see a state or module for running mysqldump directly, but again you can use cmd.run
20:06 lineman60__ Will that accept input, the secure install scipt promts for root password and remove test db, ect
20:07 ubercore http://salt.readthedocs.org/en/latest/ref/states/all/salt.states.cmd.html#module-salt.states.cmd
20:07 lineman60__ cool thanks, I didn't think to lookup the command
20:07 ubercore no problem
20:08 * lineman60__ RTFM FTW
20:08 redondos joined #salt
20:08 redondos_ joined #salt
20:08 pentabular joined #salt
20:09 pipps joined #salt
20:09 ubercore Salt's docs (imo) can take some getting used to initially, but once you know what to look for a little bit they're very comprehensive
20:10 Ahlee And how.
20:11 mofomikes joined #salt
20:14 forrest ubercore, are you talking about specifically the state docs versus the module docs and how that's set up?
20:14 mpanetta_ joined #salt
20:14 ubercore Nope, just overall. As a beginner, I found it a bit overwhelming to figure out where to look
20:15 ubercore which isn't entirely unexpected, just an observation more that a criticism
20:18 forrest fair enough, there is a lot of stuff to take in
20:21 mannyt joined #salt
20:25 ubercore So kind of a general question that I haven't explored yet. My experience so far has been that salt's file server is /really/ good. Distributing files out to minions seems to perform really well. Is that the consensus, and if so, would it be a mistake to start leaning kind of heavily on it?
20:26 ubercore And if I started to abuse it, would I start hitting limitations I don't see now, or do people generally expect it to scale well with the salt master?
20:27 forrest There have been a few guys in here that have had issues ubercore
20:27 forrest but they were trying to do gig+ size files
20:27 TheCodeAssassin joined #salt
20:27 pipps joined #salt
20:27 forrest And that issue might have been network related, and not salt related, there was never consensus
20:28 forrest But what do you mean by 'heavily'?
20:28 UtahDave joined #salt
20:30 ubercore Not sure yet. I just felt warm and fuzzy when I saw that it was performing really well
20:31 ubercore so I'm hatching plans to take advantage of it. I really don't know yet, but I wanted to ask just in case there was a really well known "don't do that" consensus
20:31 ubercore (which it sounds like there isn't, with caveats ofc)
20:31 UtahDave ubercore: sorry to jump in late.  What were you asking about?
20:32 ubercore UtahDave: Just if there are any huge gotcha's buried in the salt file server
20:32 ubercore s/'//
20:32 jmlowe left #salt
20:32 UtahDave oh, not really.  It's pretty awesome
20:32 UtahDave any particular worries you had?
20:32 ubercore I've started thinking of other ways I'm going to take advantage of it, but I didn't want to get ahead of myself
20:32 ubercore nope, nothing in particular
20:33 ubercore to give you an idea though, I need an updated version of stud on my minions. Since Ubuntu hasn't packaged anything new (because the project is a little bit head), I'm just going to push out a tarball and install from that
20:33 ubercore so I don't have to rely on the existence of Github to download from
20:33 pentabular joined #salt
20:34 ubercore I'm also going to hatch some crazy plans around sharing media files between application server, so I don't have to worry about NFS, but that's a really nascent idea still.
20:36 UtahDave Yeah, the saltfileserver should work great for all those use cases.
20:36 juicer21 joined #salt
20:36 darrend joined #salt
20:37 tempspace Is there any documentation on the new testing stuff Saltstack is using for 0.17 using salt-cloud+jenkins?
20:37 ubercore Awesome, thanks. Gives me some confidence to keep scheming.
20:39 UtahDave tempspace: mostly in the tests directory in jenkins.py
20:39 UtahDave https://github.com/saltstack/salt/tree/develop/tests
20:39 ajw0100 salt newbie here. have a masterless minion installed on an Ubuntu Server 12.04.3 64 bit VM. Host is Mac OS X 10.8.5 64 bit.
20:40 foxx UtahDave: when you get a sec, i think these and related tickets can be marked as resolved, as per my comment on https://github.com/saltstack/salt/issues/4410#issuecomment-26546539 - related #5567, #4410, #51, #4975
20:40 UtahDave let me see...
20:41 ajw0100 Everything was working great and I was iteratively building and testing a state tree. Started with just an apache webserver like in the tutorials then started adding git, editors, etc. Just basic stuff from the saltstack-formulas github account. When I added the apt-formula I started getting a traceback. vagrant destroy the VM and then pared down the state tree to just emacs. vagrant up the vm and still get a traceback
20:41 ajw0100 https://gist.github.com/ajw0100/7031627
20:43 ajw0100 could it be related to this recent issue? https://github.com/saltstack/salt/issues/7466
20:43 foxx UtahDave: in a nut shell, the problem had been there since day 1. investigated, found the problem, patched, merged 4 months ago into develop and 0.17.1, no updates since from anyone on 0.17.1 and works fine for me,
20:43 ldlework ajw0100: it looks like your topstate isn't a dictionary
20:44 ldlework err sorry
20:44 ldlework your emacs state
20:44 ldlework isn't a dictionary
20:44 ldlework emacs:
20:44 forrest ubercore, yea all of that sounds totally do-able.
20:44 ubercore yaml formatting in that topstate looks off, too
20:44 UtahDave ajw0100: indent "- edit.emacs"  by two spaces
20:45 ubercore If I hate sls trouble, I often fire up python and pyyaml to test how it parses
20:45 Linz joined #salt
20:45 UtahDave foxx: OK, I'll let them know.  Thanks!
20:45 ubercore that often makes the issue really clear
20:45 foxx UtahDave: great stuff, thanks man
20:45 UtahDave You're welcome!  Thanks for your help!
20:45 foxx np at all
20:46 ubercore s/hate/have
20:46 ubercore I guess I should stop trying to type words today
20:46 forrest ubercore, nah I still have you beat on typos
20:47 alunduil joined #salt
20:48 ubercore Guess I'm in good company then
20:48 forrest I wouldn't go that far!
20:49 redondos joined #salt
20:52 ajw0100 ldlework wow should have noticed that when I pasted into gist. thanks.
20:53 forrest ajw0100, you can also try using the test option next time
20:53 forrest salt-call -l debug state.sls statefile.sls test=True
20:54 amckinley joined #salt
20:55 shomodj joined #salt
20:56 UtahDave foxx: are you testing this in develop or 0.17.1?
20:57 ajw0100 forrest cool thanks!
20:57 forrest yea np
20:58 abe_music joined #salt
20:59 foxx UtahDave: the last i tried it was against develop, i got 0.17.1 from the parent ref of that pull
20:59 foxx (this was about 4 months ago), havent been an issue since
21:01 jbunting joined #salt
21:05 xuru Q:  I have a vagrant vm running as a salt master, and I want to run salt commands on my laptop to talk to it (i.e. salt '*' test.ping).  Is that possible?
21:05 xuru I keep getting "Failed to connect to master"
21:05 ubercore xuru: sure, if you forward the ports and accept the keys
21:05 ubercore xuru: it's probably easier to create 2 machines in vagrant and have them talk to each other
21:05 druonysuse joined #salt
21:06 xuru hmm… ok, I'll try that.  Thanks
21:06 jimallman joined #salt
21:06 druonysuse joined #salt
21:06 UtahDave ok, thanks foxx
21:07 pentabular joined #salt
21:07 xuru do you guys use vagrant to test between master and minion?
21:07 xuru got a vagrantfile?  :)
21:07 mpanetta joined #salt
21:07 ubercore xuru: http://pastebin.com/SwQP7AjR
21:07 foxx np
21:07 ubercore no promises that it's the best, but it's what works for me right now
21:08 xuru sweet, ty
21:08 mwillhite joined #salt
21:08 forrest You guys could also look at: https://github.com/saltstack/salty-vagrant
21:08 juicer2 joined #salt
21:08 forrest for pushing the vagrant file, or there is a super simple one in there.
21:08 StDiluted i use salty-vagrant
21:09 StDiluted works great
21:09 forrest StDiluted, yea I know you do :P
21:09 xuru forrest: has salt support now
21:09 forrest xuru, ?
21:09 xuru oops, vagrant has salt support now
21:09 forrest oh yea
21:09 forrest lol I was confused, sorry
21:09 xuru hehe, missed a word there
21:09 ubercore I don't think salty-vagrant does master and minion, but otherwise yeah that's probably what you want to use :)
21:09 Linz joined #salt
21:10 StDiluted it can if you use a minion file that specifies your master
21:10 ubercore By that I mean two different vms
21:10 forrest StDiulted, + 1
21:10 StDiluted ahh
21:10 juicer2 joined #salt
21:11 gldnspud joined #salt
21:11 forrest jesusaurus, did you get a chance to check out f.lux?
21:13 saras how much xen support is their
21:13 saras in salt
21:14 snuffeluffegus joined #salt
21:14 xuru ubercore: This is my Vagrantfile that I'm using now.  It seems to work for both vms  https://gist.github.com/xuru/7032296
21:14 xuru just need to fix a couple of things like pre-seeding
21:15 juicer2 joined #salt
21:15 ubercore Looks pretty reasonable!
21:15 jesusaurus forrest: yeah, havent had a chance to actually play with it yet though. i'll do that after sunset :)
21:15 rgbkrk joined #salt
21:16 forrest if you already installed it you won't even notice
21:16 forrest until you turn it off late at night and are blinded
21:16 jacob_s joined #salt
21:18 cewood joined #salt
21:18 jesusaurus oh, nice
21:25 mannyt joined #salt
21:26 forrest the tansition period where it dims your screen is extremely slow (unless you set it differently), so it will give you a natural decline based on where you're located.
21:29 premera joined #salt
21:31 dccc joined #salt
21:32 premera In my minion logs I see a lot messages like this when I execute state.sls from the master. Does it mean those files are loaded every time by minions ? Any way to avoid that ? I use salt v0.16.4  [salt.fileclient  ][INFO    ] Fetching file 'salt://apache-22-instance/logrotate.sls'
21:32 ubercore For cmd.run's onlyif and unless, "True" in that context means a 0 return code, correct?
21:34 giantlock joined #salt
21:35 cachedout joined #salt
21:38 vkurup joined #salt
21:40 pipps joined #salt
21:41 forrest premera, the state data has be be moved from the master to the minion, if it didn't pull it down when you ran the command, the changes you made wouldn't get applied as it would have a cached version on the minion
21:42 premera thanks forrest, so to clarify it, does it do it blindly every time ? no checks if cached version is already on the minion ?
21:42 forrest premera, I don't know if it does a comparison check against what is currently on the minion, versus what is on the master.
21:43 forrest basically the state files just get transferred to the minion, and then the minion is doing all the work
21:44 forrest so the data being moved over the wire when you run the state is minimal
21:44 premera in the master config file, there is a variable "hash_type: md5", so I was hoping it was doing checksum comparison before doing transfers
21:44 forrest it just builds it into a big... list I think? and shoots that over.
21:44 forrest it might be, UtahDave, can you provide some insight on that?
21:44 alunduil joined #salt
21:45 premera The description for this variable say: " The hash_type is the hash to use when discovering the hash of a file on the master server"
21:45 UtahDave Yeah, I believe it does a checksum comparison before downloading
21:45 forrest premera, there's no log data that says whether it downloaded or did not right?
21:46 pdayton joined #salt
21:46 premera I used only INFO verbosity, so it only says " [salt.fileclient  ][INFO    ] Fetching file 'salt://apache-22-instance/logrotate.sls'"
21:47 forrest can you turn on debug and see what you get?
21:47 mwillhite joined #salt
21:48 forrest Are you concerned about that transfer for some reason? I'm just curious
21:48 forrest it's such a small amount of data that zeromq pushes to the minion
21:49 premera I did not design my states properly, so I keep a lot of file in there, for example whole tomcat, and the transfer is over wan so the whole process is annoyingly slow for development
21:50 premera but yeah, will probably test it at higher verbosity to understand it
21:51 forrest premera??
21:51 forrest When you run a state file, that simply pushes the state
21:51 forrest the actual actions are being taken on the minion, by the minion
21:51 forrest the master just says 'hey stupid, I compiled this thing together, do something with it'
21:51 UtahDave forrest: Yeah, but you can push files down from the master for install
21:52 forrest UtahDave, oh yea if you're doing it like that
21:52 forrest but that makes me sad
21:52 forrest gitfs!
21:52 premera from what I am seeing in the logs it does not send cumulative state for processing but rather all the files I have on my master under /srv/salt/
21:52 forrest yea I wasn't thinking about them only living on the master premera
21:53 forrest my apologies
21:54 premera no problem, thanks for the discussion, will try to get to the bottom of it
21:54 premera unrelated question, is it a known bug that v0.17.0 renders yamls list as a dictionary rather than as a list as it was the case in v0.16.4
21:56 mannyt joined #salt
21:56 UtahDave premera: can you test that against the develop branch?
21:56 premera kk, will do
22:01 Teknix joined #salt
22:02 vkurup` joined #salt
22:05 jcockhren premera: I totally was hitting that one over and over
22:08 premera good to know jcockhren I am not seeing things, however just to claify I meant "multiline yaml scalar" not yaml list per se
22:09 pentabular joined #salt
22:14 mpanetta_ joined #salt
22:20 rawzone joined #salt
22:22 rawzone joined #salt
22:30 ajw0100 joined #salt
22:31 kermit joined #salt
22:34 pipps joined #salt
22:35 pipps3 joined #salt
22:36 jefimenko joined #salt
22:37 krissaxton joined #salt
22:37 Teknix joined #salt
22:37 saras can some do me quick fav
22:38 saras go to devryu.net see if it loads please
22:40 josephholsten joined #salt
22:40 alunduil joined #salt
22:41 rgbkrk saras - is that for DeVry University?
22:41 saras yes
22:41 rgbkrk Wouldn't that normally be at devry.edu?
22:41 rgbkrk I can wget it just fine. :-/
22:41 saras that is the class login page
22:42 forrest works fine saras
22:42 saras forrest: thanks
22:43 forrest np
22:43 saras http://www.devryu.net/ this is working right
22:44 forrest that's where I just went
22:44 saras forrest: thanks very much
22:44 forrest are you not seeing the access in the server logs?
22:44 saras forrest: can you get the ip for me
22:44 saras maybe my dns is scewed
22:44 ajw0100 joined #salt
22:44 forrest 74.63.191.216
22:45 rgbkrk Same here
22:47 krissaxton joined #salt
22:51 honestly oh oh guys
22:51 honestly go to https://www.moodle.tum.de with a browser that checks revocation lists
22:51 honestly like chrome
22:52 foxx honestly: huh?
22:53 honestly "You attempted to reach www.moodle.tum.de, but the certificate that the server presented has been revoked by its issuer." <- on my chromium
22:53 foxx hmm, it doesnt show that for me
22:54 foxx honestly: wat does this have to do with #salt btw?
22:54 foxx what*
22:54 honestly nothing!
22:54 honestly I just saw you were messing around with edu domains
22:55 foxx i.. i dont understand. what does .edu have to do with www.moodle.tum.de?
22:55 foxx im confused :/
22:56 honestly foxx: it's a site belonging to TU München
22:56 honestly (tum.edu)
22:56 forrest it has nothing to do with salt foxx, sometimes things go a bit off-topic, saras asked us to check to see if a domain was loading, it is,
22:56 foxx ahhhhh
22:56 foxx okay now i understand, sorry i saw a "oh oh" message and thought it was something bad about salt
22:56 foxx my bad, sorry guys
22:57 forrest jeez foxx, freak out
22:57 forrest :P
22:57 honestly lol
22:57 honestly interestingly
22:57 honestly this is what openssl says
22:57 foxx forrest: lmao yes. ive done that a few times today!
22:57 honestly Verify return code: 19 (self signed certificate in certificate chain)
22:57 forrest laaaaaame
22:57 honestly I think chromium might be screwing up
22:58 saras would it be possible to build a minon for salt in say erlang or elixir
22:58 foxx cert shows as;
22:58 foxx CN = Deutsche Telekom Root CA 2
22:58 pipps joined #salt
22:58 foxx (for me at least)
22:59 forrest *shrug*
22:59 honestly yeah
22:59 mofomikes joined #salt
22:59 foxx its the NSA
22:59 foxx they are messing with your certs
22:59 honestly http://paste.ubuntu.com/6253797/
22:59 saras foxx: is their minon in other languegs
23:00 xuru left #salt
23:00 honestly it's probably because I removed the Telekom Root CA from my cert store
23:00 forrest saras, as far as I am aware there is not
23:00 foxx lol wtf? how comes you removed that from your cert store?
23:00 foxx are they unworthy of trust?
23:00 saras forrest: you any idea how to stat with that
23:00 honestly yeah, I'm pretty sure they give out sub-CAs to the german government
23:01 forrest saras, what do you mean?
23:01 foxx ah
23:01 honestly and I don't want to get pwnd by the german government (:
23:01 foxx lol im more worried about US govt.. i think privacy in germany is probably the best in the world right now :X
23:01 josephho_ joined #salt
23:01 honestly hahahaha
23:02 honestly I wish
23:02 foxx (at least, thats what i was lead to believe lol)
23:02 honestly BND has helped NSA set up intercepts on german exchanges
23:02 foxx :|
23:02 honestly in return NSA gives all the data they grab from there to BND
23:02 honestly because BND isn't allowed to do it themselves
23:02 josephho_ joined #salt
23:02 foxx i thought germany was supposed to be uber sensitive about this sort of thing, after the whole SS thing
23:02 saras forrest: thinking about using erlang on xen that will not have why to get python runing
23:02 honestly lol as if
23:03 foxx well ill be damned.
23:03 honestly german government and german agencies cooperate with NSA 100%
23:03 forrest saras, I don't understand what you mean, you're trying to use erlang on xen, but can't get python running?
23:03 honestly I think they really believe NSA is doing the right thing
23:03 honestly they're that stupid
23:03 honestly and evil
23:04 honestly germany has built a surveillance state on top of "ermagerd terrorism" and "ermagerd child porn"
23:04 foxx honestly: are you in germany? have you seen some of the ccc.de talks?
23:04 honestly yes
23:04 honestly I've seen a few ccc talks
23:05 honestly but I don't really follow them closely
23:05 foxx 1 sec
23:05 foxx 29c3 - Jacob Appelbaum
23:05 foxx http://www.youtube.com/watch?v=QNsePZj_Yks
23:05 foxx you should absolutely 100% watch this
23:05 foxx extremely interesting
23:05 honestly remember how I just referenced TUM
23:06 honestly Appelbaum and Dingledine gave a talk at TUM a few weeks ago
23:06 honestly I was there
23:06 foxx oh nice
23:06 honestly got the t-shirt to prove it
23:06 foxx did you shake his hand?
23:06 saras forrest: erlang on xen has no real os not even linux kernel just the hyper vise and the erlang run time vm even the network stack is runing in erlang
23:06 honestly lol
23:06 honestly (yes)
23:06 foxx epic. id like to see one of his talks one day
23:07 foxx and perhaps go to the next ccc meet
23:07 foxx (big meet)
23:07 honestly (he said "When you meet the bhudda on the road, kill him, but maybe not like that")
23:07 jergerber joined #salt
23:07 foxx LOL what the..
23:08 honestly it's a legit buddhist verse
23:08 honestly dunno where exactly it's from
23:08 foxx yeah i had to google it
23:08 foxx interesting
23:08 forrest saras, ahh ok, I have no idea :\
23:08 honestly obviously, if you meet a buddha, you should kill him
23:08 ubercore joined #salt
23:08 foxx ofc. lol
23:09 saras thanks
23:11 foxx honestly: http://www.youtube.com/watch?v=-bb1UvURZN8 this?
23:11 foxx oh wait no, https://gnunet.org/tor2013tum-video
23:11 foxx 4 hours long?!?!?!
23:11 honestly yep
23:12 foxx worth watching?
23:12 honestly it's aweomse,you should watch it
23:12 foxx *adds on todo list*
23:12 honestly (you can hear me yell "I want my t-shirt" at some point!)
23:12 foxx haha
23:13 honestly also do me a favour
23:13 foxx sure
23:13 honestly and make a note of the time every time they mention windows
23:13 honestly I want to cut those all together
23:13 saras by
23:13 foxx lmao, okay ill add that onto the todos as well - you in here often?
23:13 honestly to make a 5-minute video of roger dingledine and jacob appelbaum saying "stop using windows" :D
23:13 foxx lmao
23:14 foxx yeah ive come to the conclusion that getting privacy is a very difficult thing to do
23:14 foxx its not just software, but opsec too
23:14 honestly first step: stop using windows
23:14 honestly :P
23:14 foxx sat in the top of a tower somewhere with a 25km ubnt dish :)
23:14 foxx lmao yes.
23:14 honestly haha
23:15 honestly just use seven proxies
23:15 foxx raspberry pi with seperate interfaces, no updates, uber locked down, randomized mac, force nic 2 to only route via tor+vpn
23:16 honestly I have a hardened raspberry pi that keeps my primary keypair
23:16 honestly (it's not really hardened)
23:18 honestly also, ssllabs.com trusts moodle.tum.de's certificate 100%
23:18 honestly very weird that chromium thinks it's revoked
23:20 SgtMalicious left #salt
23:20 josephholsten joined #salt
23:25 vespakoen joined #salt
23:26 pentabular joined #salt
23:27 vespakoen Hey guys, I have a couple of git projects that salt checks out on my server, after it has done this, I want to use a file from within the git repo as the source for a "file.managed" command, however, it seems the file:/// protocol it not supported, is the only alternative I have to add all my projects to gitfs_remotes or is there a better solution to do this?
23:27 pentabular joined #salt
23:29 __number5__ vespakoen: you don't need file:/// just /path/to/your/file
23:30 vespakoen =|
23:30 vespakoen if that works I will punch myself in the face =P
23:32 Brew joined #salt
23:32 josephholsten joined #salt
23:35 Brew1 joined #salt
23:35 vespakoen [INFO    ] {'new': 'file /etc/nginx/sites-available/www created'}
23:35 vespakoen ouch, that hurt
23:36 __number5__ honestly: the certs on moodle.tum.de is for www.moodle.tum.de
23:37 honestly __number5__: yeah but only www.moodle.tum.de is used
23:38 __number5__ honestly: my Chrome is ok with https://www.moodle.tum.de
23:38 josephholsten joined #salt
23:38 honestly __number5__: you probably haven't removed the root ca from your trust root
23:41 __number5__ why should I do that?
23:44 josephholsten joined #salt
23:46 honestly ¯\_(ツ)_/¯
23:46 honestly 01:01:23 < honestly> and I don't want to get pwnd by the german government (:
23:46 honestly augh
23:47 honestly 01:00:59 < honestly> yeah, I'm pretty sure they give out sub-CAs to the german  government
23:47 honestly that first
23:48 josephholsten joined #salt
23:48 krissaxton joined #salt
23:50 josephho_ joined #salt
23:50 delnaught joined #salt
23:51 __number5__ haha, if you don't trust root CA then your Chromium is doing the right thing
23:51 delnaught left #salt
23:51 honestly it
23:51 honestly it isn't
23:51 honestly chromium says the certificate is revoked
23:51 vespakoen __number5__, I get: ValueError: unknown url type: /home/trapps/app/vhost
23:52 vespakoen it worked before because I didn't have the source: property set in my file.managed options, it was still named target: from the symlink that it was before
23:52 honestly for all other telekom-signed certs it just says "this cert isn't trusted" and allows me to override
23:53 __number5__ vespakoen: can you paste your sls to gist or other pastebin?
23:55 vespakoen __number5__,
23:55 vespakoen http://hastebin.com/baponerode.yaml
23:55 vespakoen oops
23:56 ajw0100 joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary