IRC log for #salt, 2016-12-19

Time	Nick	Message
00:03		tobiasBora joined #salt
00:12		dxiri_ joined #salt
00:17		amontalban joined #salt
00:17		amontalban joined #salt
00:22		madboxs joined #salt
00:43	hexa-	augeas with sshd via salt is just painful when it comes to sshd.lns caveeats
00:43		DEger joined #salt
00:45	hexa-	trying to insert hostkeys before the match block like
00:45	hexa-	- rm HostKey
00:45	hexa-	- ins HostKey before Match
00:45	hexa-	- set HostKey[n] path
00:46	hexa-	it will always tell me it was unable to save the file
00:46	hexa-	that's not very helpful
00:46		dxiri joined #salt
00:48	hexa-	minion log be like
00:48	hexa-	2016-12-19 01:47:49,856 [salt.state ][ERROR ][21928] Error: Unable to save to file!
00:48	hexa-	on loglevel debug
00:49		tobiasBora joined #salt
00:51		Hazelesque joined #salt
00:54		gentoo joined #salt
00:56		jeddi joined #salt
00:57	hexa-	turns out I have to ins for each HostKey
00:57	hexa-	even though it uses an array-like notation
00:59		anotherzero joined #salt
01:02		sh123124213 joined #salt
01:09		KevinAn27 joined #salt
01:17		DEger joined #salt
01:19		combinare joined #salt
01:22		tobiasBora joined #salt
01:33		shoemonkey joined #salt
01:37		madboxs joined #salt
01:43		madboxs_ joined #salt
01:44		vod1k joined #salt
02:01		stooj joined #salt
02:01		shoemonkey joined #salt
02:09		gentoo joined #salt
02:09		gentoo joined #salt
02:10		gentoo joined #salt
02:10		gentoo joined #salt
02:11		gentoo joined #salt
02:25		amontalban joined #salt
02:25		amontalban joined #salt
02:26		jeddi joined #salt
02:28		mavhq joined #salt
02:29		swills joined #salt
02:31		gentoo_ joined #salt
02:40		mpanetta joined #salt
02:40		evle joined #salt
02:41		sebastian-w joined #salt
02:48		ilbot3 joined #salt
02:48		Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
02:48		shoemonkey joined #salt
02:55		gentoo_ joined #salt
02:59		catpiggest joined #salt
03:02		m0nky_ joined #salt
03:03		sh123124213 joined #salt
03:03		skeezix-hf joined #salt
03:05		esharpmajor joined #salt
03:06		georgemarshall joined #salt
03:07		djhaskin987_ joined #salt
03:10		smcquay joined #salt
03:12		ws2k3 joined #salt
03:12		CaptTofu joined #salt
03:13		futuredale joined #salt
03:14		godlike joined #salt
03:14		godlike joined #salt
03:19		shoemonkey joined #salt
03:20		darvon_ joined #salt
03:23		k_sze[work] joined #salt
03:26		JamieH joined #salt
03:26		frew joined #salt
03:27		bastiand1 joined #salt
03:27		dxiri joined #salt
03:28		feld joined #salt
03:29		godlike joined #salt
03:42		madboxs_ joined #salt
03:45		JPT joined #salt
04:00		shoemonkey joined #salt
04:14		vodik joined #salt
04:27		amontalban joined #salt
04:32		hvn joined #salt
04:33	hvn	hi all, is there any exist effort to create something like "ansible galaxy" for Salt? in short, it is a command line tool to download (git pull) from GitHub a specified formula? Coz I'm thinking to create one
04:34		digitalhighway joined #salt
04:39	hemebond	hvn: How would that work?
04:39	hemebond	If I want a formula I just clone the repo and I'm done.
04:44	iggy	hvn: you mean like spm?
04:48		aidin joined #salt
05:00	hvn	hemebond: it more organized, it like will put the formula into /srv/salt or a configured place
05:00	hvn	iggy: I will have a look at spm, maybe the same
05:01	hvn	beside that, it has a dashboard for community, than current we only look at salt-formula github user, which is not user friendly and not meet all other community like Chef or Ansible
05:06		DEger joined #salt
05:08		dxiri joined #salt
05:13	hemebond	hvn: But can't you already kind of do that with gitfs for forumlas?
05:13	hemebond	I've not used formulas like that; I just clone the repo and symlink it where I want it available. Easier than playing with master config every time.
05:15	hvn	hemebond: we ditched the gitfs totally, it's painfully slow and consume CPU , so now just git clone in cron
05:15	hvn	hemebond: you have a good workaround, I don't say that is impossible for we to setup that but a tool to easy all that seems be good for everyone
05:22	hvn	I skimmed the spm and it seems also deal with pillar, which is different thing
05:22	hvn	and how does SPM doing, anyone really use it?
05:27		mattl joined #salt
05:31		om2 joined #salt
05:31		prg3 joined #salt
05:32		dxiri_ joined #salt
05:34		bocaneri joined #salt
05:47		DEger joined #salt
05:50		rdas joined #salt
05:56		dxiri joined #salt
06:10		preludedrew joined #salt
06:28		vodik joined #salt
06:31		bayindirh joined #salt
06:34		samodid joined #salt
06:42		mpanetta joined #salt
06:44		teclator joined #salt
06:48		sarlalian joined #salt
06:58		swa_work joined #salt
07:02	iggy	the maintainers of the formulas are already pretty overworked, I hope whatever you're planning doesn't add more work for them
07:07		DEger joined #salt
07:09		colttt joined #salt
07:12		hvn joined #salt
07:12		hvn joined #salt
07:29		amontalban joined #salt
07:30		nidr0x joined #salt
07:44		fracklen joined #salt
07:45		stooj joined #salt
07:45		aidin joined #salt
07:49	yuhl__	hi, I try to set up some configuration depending on the state of ipv6. How can I do to do something in a file template if and only if ipv6 contains more than "link local" (the one who starts with fe80 to talk to the router) and the loopback (::1)
07:51		dkrae joined #salt
08:02		sh123124213 joined #salt
08:15		uu joined #salt
08:18		sh123124213 joined #salt
08:23		sh123124213 joined #salt
08:28		o1e9 joined #salt
08:31		samodid joined #salt
08:33		aidin joined #salt
08:42		JohnnyRun joined #salt
08:43		darioleidi joined #salt
08:47		dunz0r joined #salt
08:58		SpX joined #salt
09:00		fracklen joined #salt
09:05		mikecmpbll joined #salt
09:05	hemebond	yuhl__: Use Jinja in your state to check the network grains.
09:14		keimlink joined #salt
09:18		sh123124213 joined #salt
09:24		ReV013 joined #salt
09:28	zer0def	um, quick question - is there any reason redhat network-scripts templates don't have an option which controlls whether you'd like your interface managed by NetworkManager or not? or is it just an oversight?
09:30		kbaikov joined #salt
09:35		Kelsar joined #salt
09:38		N-Mi__ joined #salt
09:39		s_kunk joined #salt
09:45	yuhl__	hemebond: I did it like this: {% if [e for e in q if grains["ipv6"] in ["fd69:620:600", "2001:620:600"]] %}
09:46	yuhl__	and it does not want to work
09:47	zer0def	i'm not sure list comprehensions work in jinja
09:53		onmeac joined #salt
10:01	babilen	They don't
10:15		jhauser joined #salt
10:20		oida joined #salt
10:20		dxiri joined #salt
10:21		greeny___ joined #salt
10:24		bluenemo joined #salt
10:32		amontalban joined #salt
10:32		amontalban joined #salt
10:33	yuhl__	zer0def: I also try with lambda and filter... but it does not seems to work neither
10:35	zer0def	yuhl__: let me just get that clear - you're looking for addresses with these prefixes, correct?
10:37	hlub	Hmm, I've organized my sls files to formulas, separate groups of sls and other files. It would be nice, if I can develop those formulas without creating too much dependencies between them. For instance, if a formula needs reactors, that means adding some configuration for the master. but the master configurations are generated within the salt formula...
10:38		jeddi joined #salt
10:39	zer0def	yuhl__: for starters, the ipv6 grain is a list, so you'll need to iterate over it and you'll most likely need to do a flag variable that gets set (or remains unset) if a set of conditions occur
10:40	hlub	what if I write a hack to the salt formula that searches for files salt:///reactors/.sls and automatically adds them to the reactor config. The event tags could simply be contained on the first line (commented) of those files.
10:42	hlub	any comments on this? :)
10:43		mpanetta joined #salt
10:46		Miouge joined #salt
10:49	babilen	hlub: What I would do is to ship certain information in the formulas pillar file .. That way you could have a "reactors: reactor_paths: - salt://foo_service/reactors" in the foo_service pillar SLS and rely on pillar merging to combine that in a coherent whole
10:50	babilen	If you use salt-formula for this you could also populate salt:reactor (cf. https://github.com/saltstack-formulas/salt-formula/blob/master/pillar.example#L218) from different, service specific, SLSs
10:50		raspado joined #salt
10:52	babilen	Alternatively stick to your salt:///reactors/.sls plan and parse the output of cp.list_master -- It really depends on the way you already configure your master really
10:53	babilen	But given that you need the event_match/SLS combo for reactors, it might be easiest to simply populate salt:reactor right away
10:54		stooj joined #salt
10:57		fracklen joined #salt
10:59	hlub	yeah, using the pillar might be the easiest way. However, I have tried to avoid such pillar configurations that are always required and really need not be customized.
10:59	hlub	i.e. trying to keep pillar as simple as possible.
11:01		mikecmpb_ joined #salt
11:01		sh123124213 joined #salt
11:02		N-Mi__ joined #salt
11:02		amcorreia joined #salt
11:04		mjimeneznet joined #salt
11:05		theblazehen joined #salt
11:07	mjimeneznet	Hello! Do you know a optimal way to do this? I'm getting Conflicting ID http://hastebin.com/tulevehide.cs
11:07	yuhl__	zer0def: exactly
11:07	R_afk	that doesn’t exist
11:07	R_afk	mjimeneznet^
11:08		stooj joined #salt
11:08		DEger joined #salt
11:09	yuhl__	zer0def: I'm okay to iterate against grains["ipv6"], but I'm not wanting to have an output for each value.
11:11	mjimeneznet	Reverend: What does not exists?
11:13		theblazehen joined #salt
11:19	Reverend	nevermind
11:19	Reverend	our internal dns borker
11:20	Reverend	mjimeneznet - your for loop is creating two `/etc/init.d/sidekiq-bla-blerp` files
11:20	Reverend	check your chache-file for duplicates
11:21		hvn joined #salt
11:23		const joined #salt
11:23	const	Hi, is it possible to use {% if my_var %} inside file.managed jinja template?
11:23	mjimeneznet	But I'm trying to create only on file if only is backend02 or backend04
11:24	mjimeneznet	if I remove one backend from the if, the task works
11:24	Reverend	try putting your for loop in a jinja template... and see what it outputs
11:25	zer0def	yuhl__: one doesn't imply the other, since all you could do is generate values as basis for rendering file content; even better, you could (and probably should) move that logic back to the sls and just pass a context variable to rendered file
11:29		cebreidian joined #salt
11:29		oida joined #salt
11:33		abednarik joined #salt
11:34		aidin joined #salt
11:52		mikecmpbll joined #salt
12:05		teclator joined #salt
12:07		Bico_Fino joined #salt
12:10		fgimian joined #salt
12:18		stooj joined #salt
12:26		stooj joined #salt
12:34		keimlink joined #salt
12:39		keimlink joined #salt
12:40	Reverend	mjimeneznet - did you figure it out?
12:44		mpanetta joined #salt
12:45		riftman joined #salt
12:45		keimlink joined #salt
12:46		johnkeates joined #salt
12:47		austin_ joined #salt
12:47		stooj joined #salt
12:49		Bico_Fino joined #salt
12:51	austin_	i'm looking to seed the syndic master with either minion or syndic keys. is it a good pattern to use the salt-api to generate these keys?
12:52		amontalban joined #salt
12:52		amontalban joined #salt
12:58		fredvd joined #salt
13:06		aidin joined #salt
13:08	mjimeneznet	Reverend: Nop, I don't know why have this behaviour
13:10	yuhl__	zer0def: I tried what you told me:
13:10	yuhl__	{% set ipv6_enabled = False %}
13:10	yuhl__	{% for ip in grains["ipv6"] %}
13:10	yuhl__	ip {{ ip }}
13:10	yuhl__	{% if ip[:12] in ["fd69:620:600", "2001:620:600"] %}
13:10	yuhl__	{% set ipv6_enabled = True %}
13:10	yuhl__	ipv6 {{ ipv6_enabled }}
13:10	yuhl__	{% endif %}
13:10	yuhl__	{% endfor %}
13:11	yuhl__	oups sorry
13:11	yuhl__	{% set ipv6_enabled = False %}
13:11	yuhl__	{% for ip in grains["ipv6"] %}
13:11	yuhl__	{% if ip[:12] in ["fd69:620:600", "2001:620:600"] %}
13:11	yuhl__	{% set ipv6_enabled = True %}
13:11	yuhl__	{% endif %}
13:11	yuhl__	{% endfor %}
13:11	austin_	gist works :)
13:13	yuhl__	https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff
13:14	yuhl__	it seems that ipv6_enabled is somehow scoped !
13:20	austin_	just looking but is this the right file ? it says *_master.conf in the minion dir :)https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff#file-ipv6-sls-L8
13:22		ivanjaros joined #salt
13:24	yuhl__	austin_: yep this is where I instruct where the master is.
13:25	austin_	yuhl__: heeh. yea it was just like, let me just state something obvious before i take a look
13:25	yuhl__	;P
13:27		theblazehen joined #salt
13:30		numkem joined #salt
13:39		cyborg-one joined #salt
13:40		edrocks joined #salt
13:41		sh123124213 joined #salt
13:46		Nahual joined #salt
13:50	zer0def	yuhl__: you're probably better off using something more refined than simple string comparison for ipv6 addresses
13:51	zer0def	try using https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html
13:53		dyasny joined #salt
13:53		sh123124213 joined #salt
13:54		flyboy82 joined #salt
13:58		lasseknudsen joined #salt
13:58	yuhl__	zer0def: what you said is really interesting or bugging me.
13:58	yuhl__	I really never understood what such salt modules could do.
13:59	yuhl__	Are you telling me that I can use such module as a python module within my state '
13:59	yuhl__	?
13:59	zer0def	yes, you just do `{{ salt['network.in_subnet']('127.0.0.0.8') }}` for example
14:00	zer0def	erm, i messed up the argument, but you get the idea
14:01	yuhl__	that is surprising
14:01	zer0def	ipv6 addresses are peculiar in the sense that multiple notations can stand for the same set of bits
14:02	Reverend	mjimeneznet: did you try outputting your for loop to a file and seeing what it has in it?
14:03	zer0def	yuhl__: basically, if you want to check if your machine is in a 192.168. private subnet, for example, you could set a value like `{% set priv_net192 = salt['network.in_subnet']('192.168.0.0/16') %}` and then operate with the `priv_net192` variable
14:03	Reverend	mjimeneznet: you’re gonna have conflicts if the filename (the name of the block in your sls) is the duplicated. that’s why it’s erroring.
14:03	yuhl__	that is really interesting.
14:04	zer0def	just be sure to consult what a particular execution module function returns
14:04	yuhl__	but I still do not know how do I do if I got a list of ips that must match different cidr
14:05	zer0def	my idea is that you create a list of CIDRs to match up against and set a flag, which you then use for populating the file
14:06	yuhl__	This is sad, that the network module did not give a way to exclude the "link local" as they do with the "loopback"
14:06	zer0def	your idea is would work just fine with ipv4, though
14:07	yuhl__	zer0def: I try to have a "master" in the minion config, that change its value from an ipv4 ip if the host as ipv4 enabled to an ipv6 ip if the host as ipv6 enabled.
14:08		lasseknudsen joined #salt
14:08		hvn joined #salt
14:09	yuhl__	zer0def: and so my gist: https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff where I iterate the ip still not work, as ipv6_enabled is always false in my case (even if grains returns me ipv6 address)
14:09	zer0def	so basically preferring ipv6 over ipv4… wouldn't it be simpler to use dns? unless you can't
14:14	zer0def	ok, even if you can't, you could use the "contents" kwarg, instead of "source", because ideally, that file only contains "master: <master_ip>"… i'm not yet sure, how to fetch a minion's master ip
14:14		dyasny joined #salt
14:15		abednarik joined #salt
14:16	zer0def	yuhl__: also, as mentioned previously, i'm not sure that using direct string comparison with ipv6 addresses is a good idea
14:17	yuhl__	zer0def: Yeah !!! https://gist.github.com/briner/beca757865ba0dbfcdeab78edecfeefb
14:18	yuhl__	zer0def: Thanks a lot.. I did learn a lot todax
14:18	zer0def	yuhl__: that's an interesting usage of an addition operator
14:19	zer0def	but as long as it works for you, good :)
14:20		abednarik joined #salt
14:23		dyasny joined #salt
14:24		saintpablo joined #salt
14:24		fxhp joined #salt
14:25		boggle joined #salt
14:28		nicksloan joined #salt
14:29		hvn joined #salt
14:32		abednarik joined #salt
14:32		austin_ joined #salt
14:32	austin_	yuhl__: idk if you already found the answer but https://gist.github.com/austinpapp/ce1bb4fa80223b3645532dfa3b7fecb2
14:36	zer0def	austin_: he has, just pointed him at network.in_subnet, because direct string comparison in ipv6 works unreliably due to multiplicity of notation
14:37		fracklen joined #salt
14:37	austin_	zer0def: o ok. cool. yea but it does highlight at least a workaround for those situations. what was the network.in_subnet solution?
14:37	zer0def	austin_: https://gist.github.com/briner/beca757865ba0dbfcdeab78edecfeefb
14:38	zer0def	much cleaner, too
14:38	austin_	ah yea. way better :)
14:41		fracklen_ joined #salt
14:42		fracklen joined #salt
14:45		ekristen joined #salt
14:45		cachedout joined #salt
14:49		seanz joined #salt
14:53		hvn joined #salt
14:53		saintpablo joined #salt
14:58		nickabbey joined #salt
15:00		fracklen joined #salt
15:01		dxiri joined #salt
15:01		fracklen joined #salt
15:08		fracklen joined #salt
15:11		abednarik joined #salt
15:14		fracklen joined #salt
15:21		dyasny joined #salt
15:26		ecdhe joined #salt
15:26		ecdhe joined #salt
15:26	austin_	i am calling http://ip:8000/keys to generate 2 keypair for a syndic
15:26	austin_	however, i'm seeing ==> tar: minion.pub: implausibly old time stamp 1970-01-01 00:00:00
15:27	austin_	has anyone see this problem ?
15:27	austin_	its unclear to me why it would be corrupt
15:27	austin_	in this situation, i am purposely disabling ssl for testing
15:29		nZac joined #salt
15:31		schemanic_ joined #salt
15:32		tobiasBora joined #salt
15:43		anotherzero joined #salt
15:44		abednarik joined #salt
15:52		esharpmajor joined #salt
15:53		Brew joined #salt
15:55		mk-fg joined #salt
15:56	cscf	austin_, while that's strange, an epoch 0 timestamp shouldn't cause much trouble.
15:58	yuhl__	austin_, zer0def: should I do a bug report, to add a include_local_link not modules.network.ip_addrs6
15:59	yuhl__	s/not/in/
15:59		sarcasticadmin joined #salt
16:01	sh123124213	gtmanfred: Following our conversation on whether minions can listen on all other minions communication in saltstack. I see there is 'zmq_filtering': bool which is supposed to restrict this ? Can you please confirm ?
16:09		ALLmightySPIFF joined #salt
16:09		pipps joined #salt
16:10		the_lalelu joined #salt
16:10		ALLmightySPIFF joined #salt
16:10		promorphus joined #salt
16:11		pipps joined #salt
16:12		Ludo- joined #salt
16:12		debian112 joined #salt
16:13		aarontc joined #salt
16:14		chmod666org joined #salt
16:16		fracklen joined #salt
16:17	bfrog	got this today... https://gist.github.com/bfrog/85774394d5a9eff0d3786f8b8e8b0824
16:17	bfrog	nice stack trace about lspci
16:17	bfrog	bug worthy?
16:20	zer0def	yuhl__: to be frank, i'm not one to answer this question, but try your odds at posting an issue about it
16:20		Ssquidly joined #salt
16:23		dxiri joined #salt
16:26	sh123124213	bfrog: can you run /usr/bin/lspci in your box ?
16:29		fracklen joined #salt
16:30		tiwula joined #salt
16:33		theblazehen joined #salt
16:34		nickabbey joined #salt
16:34		mpanetta joined #salt
16:36		mpanetta joined #salt
16:38		Horgix joined #salt
16:40	bfrog	will try in a few
16:40		tobiasBora joined #salt
16:41		armguy_ joined #salt
16:42		abednarik joined #salt
16:43		dxiri joined #salt
16:46		usernkey joined #salt
16:47		tobiasBora joined #salt
16:48		samodid joined #salt
16:49		usernkey joined #salt
16:50		pmcg joined #salt
16:58		ubahmapk joined #salt
17:01		DEger joined #salt
17:02		pipps joined #salt
17:03		Sarph joined #salt
17:07		raspado joined #salt
17:11		eprice joined #salt
17:11		aidin joined #salt
17:14		aarontc joined #salt
17:17		pipps joined #salt
17:22		dxiri joined #salt
17:23		abednarik joined #salt
17:23		averell joined #salt
17:25		raspado joined #salt
17:29		lws joined #salt
17:31		esharpmajor joined #salt
17:31		pipps joined #salt
17:42		nickabbey joined #salt
17:44		dxiri joined #salt
17:46		Trauma joined #salt
17:53		aw110f joined #salt
17:54		Edgan joined #salt
17:59		bowhunter joined #salt
18:00		Salander27 joined #salt
18:04		mpanetta joined #salt
18:08		pipps joined #salt
18:09		dxiri joined #salt
18:12		Kelsar joined #salt
18:15		stooj joined #salt
18:17		sp0097 joined #salt
18:19		onlyanegg joined #salt
18:23		Praematura joined #salt
18:30		mikecmpbll joined #salt
18:32		CrummyGummy joined #salt
18:34		wendall911 joined #salt
18:35		pipps joined #salt
18:38		dxiri joined #salt
18:39		onlyanegg joined #salt
18:43		SpX joined #salt
18:45		stooj joined #salt
18:53		nickabbey joined #salt
18:54		oida joined #salt
18:57		jschoolcraft joined #salt
18:59		Miouge joined #salt
18:59		Miouge left #salt
19:10		ntropy_ joined #salt
19:10		fracklen_ joined #salt
19:11		raspado joined #salt
19:14		notCalle joined #salt
19:14		JPT joined #salt
19:17		s_kunk joined #salt
19:28		bluethundr joined #salt
19:28	bluethundr	hey guys, if I want to specify an internal IP for an ec2 instance using a salt cloud profile
19:29	bluethundr	how would I do that?
19:29	bluethundr	this is what I have so far for a profile
19:29	bluethundr	https://gist.github.com/bluethundr/411d08f084f7408f09d3b9942f0c649f
19:34		ivanjaros joined #salt
19:35		jhauser joined #salt
19:36		DammitJim joined #salt
19:37	DammitJim	anyone doing an ubuntu upgrade from 14.04 LTS to 16.04 using salt?
19:38		promorphus joined #salt
19:38		Kelsar joined #salt
19:38		eprice joined #salt
19:42		lionel joined #salt
19:45		lws joined #salt
19:47		sarcasticadmin joined #salt
19:48	iggy	someone at the office suggested that and I punched them in the genitals
19:48		onlyanegg joined #salt
19:49	DammitJim	ouch
19:51		sarcasticadmin joined #salt
19:53		dxiri joined #salt
19:56	wangofett	any clue why a git.latest would work on a VPS but not on a raspberry pi?
19:56		stooj joined #salt
19:56	wangofett	specifically a permissions error
19:56		nickabbey joined #salt
19:56	cscf	wangofett, what error?
19:56	iggy	you aren't like checking it out onto a usb flash drive formatted as fat32 or something?
19:57	cscf	^ That sounds likely
19:57		pipps joined #salt
20:00	wangofett	2/dev/mmcblk0p1 8192 137215 129024 63M c W95 FAT32 (LBA)
20:00	wangofett	/dev/mmcblk0p2 137216 60874751 60737536 29G 83 Linux
20:00	iggy	that's the partition type, what kind of fs is it?
20:01	wangofett	how do I check that?
20:01	wangofett	(it was created following the raspbian lite install directions, using dd)
20:02	iggy	`mount` will tell you
20:04	wangofett	/dev/mmcblk0p2 on / type ext4 (rw,noatime,data=ordered)
20:04		fracklen joined #salt
20:04	wangofett	/dev/mmcblk0p1 on /boot type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro)
20:05	wangofett	I don't have any other permission issues... I can clone the repo as the root user just fine, but I think I'm using a different key
20:08	wangofett	looks like that's the difference. Removing the user and identity bits make it happy
20:08	wangofett	adding back identity was fine
20:08	DammitJim	are there any well known issues between running salt master version 2016.11.1
20:08		woaminor joined #salt
20:08	DammitJim	and salt minion 2015.8.12?
20:09		swills joined #salt
20:10		jhauser joined #salt
20:11	wangofett	I don't get it. Using `www-data` for my user works on my other minion, but not this one. `cat /etc/passwd` shows www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
20:11	wangofett	for both
20:12	cscf	wangofett, does one have an ssh key that the other doesnt?
20:13		Trauma joined #salt
20:13		tercenya joined #salt
20:13	whytewolf	you sure you don't have a permission issue? you said it works as root, but user: doesn't run the command as root
20:14	wangofett	cscf: I'm putting the ssh key on there in a state file, so it darn well better have the same key :P
20:15		onmeac joined #salt
20:15	wangofett	oh hey... looks like this other state fails, though: fatal: could not create work tree dir '/var/www/waynewerner.com'.: Permission denied
20:16	wangofett	oh man if it's this trailing slash...
20:16	wangofett	okay no, lol
20:18		fredvd joined #salt
20:19	cscf	wangofett, well, try doing the commands that Salt would be running, as the same user, etc and see what happens
20:19		Salander27_ joined #salt
20:19	wangofett	Well, the user has a shell of `/usr/sbin/nologin` -_-
20:20	wangofett	Not sure how salt manages to run the commands as that user :P
20:20	whytewolf	sudo <command>
20:21		irctc532 joined #salt
20:21	whytewolf	sorry sudo -u <user> <command>
20:21		tercenya joined #salt
20:23	cscf	Indeed
20:23	irctc532	what's the best way to set a pillar value based on other pillar values stored as yaml?
20:23	wangofett	oh. Well. I see now. How the heck did that happen? o.o
20:24	wangofett	dr-sr-sr-t 2 www-data www-data 4.0K Dec 19 20:09 .
20:24	wangofett	I'm 90% sure I looked earlier and it had 755
20:25	wangofett	ermagersh. facepalm. 7555 != 755. FML
20:25	cscf	lol
20:25	cscf	That's all sorts of odd settings
20:25	cscf	That first digit does some strange stuff
20:26	whytewolf	sticky bits ... fun for the whole family
20:30	wangofett	yeah. Thanks for the help! Second typo today :P
20:30		Salander27 joined #salt
20:30	whytewolf	humm so, a 7555 = setuid + setgid + sticky bit and no one can write. frankly not sure why you had a problem with that :P
20:31	wangofett	first one: `salt://letsencrypt/files/manuale-reqs.txt` != `salt://letsencrypt/files/manaule-reqs.txt`
20:33	whytewolf	although sometimes i wish setuid and setgid would die in a fire
20:34	irctc532	my pillar top file includes .yml style .sls files. But now at the end i need some auto calculated values based on those. But it seems i cannot use pillar data.
20:34	whytewolf	irctc532: pillars can no access pillars.
20:34		onlyanegg joined #salt
20:34	wangofett	Though, templates can access pillars on pillars ;)
20:34	irctc532	whytewolf: yes i read those in the docs. But what's the best workaround or way to workaround this. I
20:35	hemebond	Templates can access pillars on pillars? Asking for trouble if you try that.
20:35	wangofett	i.e. {{ pillar['this']['thing'][pillar['that']['thing']] }} is a thing that you can do
20:35	hemebond	Unless you mean state files.
20:35	whytewolf	by not trying it in the first place and access pillars and do your calulations in your states
20:35	wangofett	(in a state or template, that is)
20:36	whytewolf	state/file template
20:36	irctc532	whytewolf: if i do it in the state file i need todo those calculation multiple times. Which i would like to avoid.
20:37	irctc532	hemebond: What kind of Templates?
20:37	hemebond	irctc532: Every file is a template really.
20:37	hemebond	Jinja can be used in pillars, states or managed files.
20:38	whytewolf	irctc532: map.jinja can be your friend.
20:39	irctc532	whytewolf: mhm yes not familiar with that one but saw it already multiple times.
20:39		s_kunk joined #salt
20:40		jav joined #salt
20:40	whytewolf	irctc532: learn jinja... you don't need to put all your code multiple times in the different files. just build a set of files that you can inport with context in jinja
20:40	whytewolf	import
20:40	whytewolf	you can even get kind of crazy and do things like macros
20:40	whytewolf	:P
20:42		kingscott joined #salt
20:42		pipps joined #salt
20:42	kingscott	is anyone familiar with the zabbix formula that could answer a couple questions?
20:43	cscf	kingscott, don't ask to ask
20:44	* Sketch	wonders how hard it is to get a formula into saltstack-formulas
20:44	irctc532	whytewolf: jinja is no problem just did not wrote any mappings. macros and import with context is already in use. I just found it nice to use pillar.items on a host to see the REAL settings for a system which matter instead of all which are processed in sls.
20:45	whytewolf	sketch: looking at the quility of some of the formulas in saltstack-formulas, pretty frigging easy
20:45		bltmille_ joined #salt
20:47	Sketch	whytewolf: heh, that was sort of why i was wondering. the ones i have looked at seem pretty basic, and i ended up just writing my own states
20:47	whytewolf	irctc532: thats nice and all however nothing will get pillar to read pillar. esp, since you have to consider the "calculations" are being done in jinja. which is rendered before pillars exist
20:47	Sketch	but my needs currently tend to be little specific
20:50	whytewolf	Sketch: thats why i don't bother with formulas. i work with systems that need a lot of customization that also have a ton of different styles of configurations. formulas tend to be a one stop show.
20:52	Sketch	whytewolf: yeah, same here. but i've been wondering if i've been doing it rong :)
20:52	Sketch	wrong
20:52	whytewolf	the only wrong way is the way that doesn't work.
20:54	wangofett	For a variety of factors of "work" ;)
20:56	wangofett	The biggest thing I think that the formulas do that I'm not quite as strict on as I should is the enabled/disabled bit
20:56	wangofett	like right now with my sites-enabled on nginx :P
21:01		Derailed joined #salt
21:01		pipps joined #salt
21:02		xbglowx joined #salt
21:03		pipps joined #salt
21:03		Bico_Fino joined #salt
21:07		putak joined #salt
21:07		pipps99 joined #salt
21:09		bltmiller joined #salt
21:10	Edgan	Sketch: I am not sure I see the point to getting into that repository. My formulas are more advanced and pretty much always end up including specific stuff that doesn't apply to anyone else. I also don't use them, because I like having things in a consistent style.
21:10	Edgan	Sketch: I see them as a learning tool.
21:18		Bico_Fino joined #salt
21:27		promorphus joined #salt
21:32		Bico_Fino_ joined #salt
21:35		Praematura joined #salt
21:39		seanz joined #salt
21:41		combinare left #salt
21:49		mansquid joined #salt
21:50	mansquid	Hey y'all I was wondering why the client.cmd() would return a cached hostname when the job cache is empty? Is there another cache I should clear?
21:53		cyborg-one joined #salt
21:56		tercenya joined #salt
22:01		tercenya joined #salt
22:17		xbglowx joined #salt
22:17		amontalban joined #salt
22:17		amontalban joined #salt
22:17		swills_ joined #salt
22:23		orianbsilva joined #salt
22:23		pipps joined #salt
22:27		swills_ joined #salt
22:28	orianbsilva	hello!
22:28		Bico_Fino joined #salt
22:29	whytewolf	greetings
22:32		netcho joined #salt
22:32	orianbsilva	i am following this doc page
22:33	orianbsilva	its possible to run this on windows using cygwin
22:33	orianbsilva	https://docs.saltstack.com/en/latest/topics/development/hacking.html
22:33		DEger joined #salt
22:33	orianbsilva	virtual env is ok. but can i ga futher? and run an sal environment
22:33		PeterO joined #salt
22:33	orianbsilva	??
22:34		Derailed joined #salt
22:34	whytewolf	in thoery, yes.... although might need some heavy tweeking and might be better done if you were just to install virtualbox and use a vm running linux
22:35	whytewolf	the enviroment in cygwin could really through off the tests
22:36	wangofett	Yeah, I'd run inside virtualbox if you're going to hack on salt
22:36	orianbsilva	ok thks.
22:42		jeddi joined #salt
22:43		Trauma joined #salt
22:50		orianbsilva joined #salt
22:51		sarcasticadmin joined #salt
22:55		netcho joined #salt
23:04		bfrog joined #salt
23:06	bfrog	so I'm confused... I thought {% load_yaml as myvar %} ... would actually add the yaml as a variable to the local sls as well as any imports
23:06	bfrog	I want to shared some pillar data to reuse in other pillars, that seemed like a nice way of doing it at first
23:08	bfrog	in the docs https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html the last example was what I was basing things on, my assumption was that doc1 would have var1 and var2 in it
23:08	bfrog	but salt complains it can't find it
23:09		tercenya joined #salt
23:10		sarcasticadm joined #salt
23:11		felskrone joined #salt
23:12		jeddi joined #salt
23:13	bfrog	I guess that doesn't make sense now that I think about it
23:14	binocvlar	http://www.dailyedge.ie/christmas-tree-ornament-3146596-Dec2016/
23:14		wangofett joined #salt
23:14	bfrog	I guess I could use template inheritance to get what I want
23:14	bfrog	seems hokey though
23:14	bfrog	oh well
23:14	ponyofdeath	hi, how can I get unless to execute as a specific user and not root?
23:20		Trauma joined #salt
23:23	wangofett	You could definitely do it with sudo/su
23:23	wangofett	not sure if that's the "best" way
23:29		Sammichmaker joined #salt
23:30		debian112 joined #salt
23:35		nicksloan joined #salt
23:38	whytewolf	sicne the only config that changes how unless reacts is the unless setting that is about the only option. sudo -u <user> <command> the caveat being that the sudo could also fail
23:40		mikecmpbll joined #salt
23:44		TyrfingMjolnir joined #salt
23:46		pipps99 joined #salt
23:50		pipps joined #salt

← Previous day | Channels | #salt index | Today | Next day → | Search | Google Search | Plain-Text | summary