Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-12-19

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 tobiasBora joined #salt
00:12 dxiri_ joined #salt
00:17 amontalban joined #salt
00:17 amontalban joined #salt
00:22 madboxs joined #salt
00:43 hexa- augeas with sshd via salt is just painful when it comes to sshd.lns caveeats
00:43 DEger joined #salt
00:45 hexa- trying to insert hostkeys before the match block like
00:45 hexa- - rm HostKey
00:45 hexa- - ins HostKey before Match
00:45 hexa- - set HostKey[n] path
00:46 hexa- it will always tell me it was unable to save the file
00:46 hexa- that's not very helpful
00:46 dxiri joined #salt
00:48 hexa- minion log be like
00:48 hexa- 2016-12-19 01:47:49,856 [salt.state       ][ERROR   ][21928] Error: Unable to save to file!
00:48 hexa- on loglevel debug
00:49 tobiasBora joined #salt
00:51 Hazelesque joined #salt
00:54 gentoo joined #salt
00:56 jeddi joined #salt
00:57 hexa- turns out I have to ins for each HostKey
00:57 hexa- even though it uses an array-like notation
00:59 anotherzero joined #salt
01:02 sh123124213 joined #salt
01:09 KevinAn27 joined #salt
01:17 DEger joined #salt
01:19 combinare joined #salt
01:22 tobiasBora joined #salt
01:33 shoemonkey joined #salt
01:37 madboxs joined #salt
01:43 madboxs_ joined #salt
01:44 vod1k joined #salt
02:01 stooj joined #salt
02:01 shoemonkey joined #salt
02:09 gentoo joined #salt
02:09 gentoo joined #salt
02:10 gentoo joined #salt
02:10 gentoo joined #salt
02:11 gentoo joined #salt
02:25 amontalban joined #salt
02:25 amontalban joined #salt
02:26 jeddi joined #salt
02:28 mavhq joined #salt
02:29 swills joined #salt
02:31 gentoo_ joined #salt
02:40 mpanetta joined #salt
02:40 evle joined #salt
02:41 sebastian-w joined #salt
02:48 ilbot3 joined #salt
02:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
02:48 shoemonkey joined #salt
02:55 gentoo_ joined #salt
02:59 catpiggest joined #salt
03:02 m0nky_ joined #salt
03:03 sh123124213 joined #salt
03:03 skeezix-hf joined #salt
03:05 esharpmajor joined #salt
03:06 georgemarshall joined #salt
03:07 djhaskin987_ joined #salt
03:10 smcquay joined #salt
03:12 ws2k3 joined #salt
03:12 CaptTofu joined #salt
03:13 futuredale joined #salt
03:14 godlike joined #salt
03:14 godlike joined #salt
03:19 shoemonkey joined #salt
03:20 darvon_ joined #salt
03:23 k_sze[work] joined #salt
03:26 JamieH joined #salt
03:26 frew joined #salt
03:27 bastiand1 joined #salt
03:27 dxiri joined #salt
03:28 feld joined #salt
03:29 godlike joined #salt
03:42 madboxs_ joined #salt
03:45 JPT joined #salt
04:00 shoemonkey joined #salt
04:14 vodik joined #salt
04:27 amontalban joined #salt
04:32 hvn joined #salt
04:33 hvn hi all, is there any exist effort to create something like "ansible galaxy" for Salt? in short, it is a command line tool to download (git pull) from GitHub a specified formula? Coz I'm thinking to create one
04:34 digitalhighway joined #salt
04:39 hemebond hvn: How would that work?
04:39 hemebond If I want a formula I just clone the repo and I'm done.
04:44 iggy hvn: you mean like spm?
04:48 aidin joined #salt
05:00 hvn hemebond: it more organized, it like will put the formula into /srv/salt or a configured place
05:00 hvn iggy: I will have a look at spm, maybe the same
05:01 hvn beside that, it has a dashboard for community, than current we only look at salt-formula github user, which is not user friendly and not meet all other community like Chef or Ansible
05:06 DEger joined #salt
05:08 dxiri joined #salt
05:13 hemebond hvn: But can't you already kind of do that with gitfs for forumlas?
05:13 hemebond I've not used formulas like that; I just clone the repo and symlink it where I want it available. Easier than playing with master config every time.
05:15 hvn hemebond: we ditched the gitfs totally, it's painfully slow and consume CPU , so now just git clone in cron
05:15 hvn hemebond: you have a good workaround, I don't say that is impossible for we to setup that but a tool to easy all that seems be good for everyone
05:22 hvn I skimmed the spm and it seems also deal with pillar, which is different thing
05:22 hvn and how does SPM doing, anyone really use it?
05:27 mattl joined #salt
05:31 om2 joined #salt
05:31 prg3 joined #salt
05:32 dxiri_ joined #salt
05:34 bocaneri joined #salt
05:47 DEger joined #salt
05:50 rdas joined #salt
05:56 dxiri joined #salt
06:10 preludedrew joined #salt
06:28 vodik joined #salt
06:31 bayindirh joined #salt
06:34 samodid joined #salt
06:42 mpanetta joined #salt
06:44 teclator joined #salt
06:48 sarlalian joined #salt
06:58 swa_work joined #salt
07:02 iggy the maintainers of the formulas are already pretty overworked, I hope whatever you're planning doesn't add more work for them
07:07 DEger joined #salt
07:09 colttt joined #salt
07:12 hvn joined #salt
07:12 hvn joined #salt
07:29 amontalban joined #salt
07:30 nidr0x joined #salt
07:44 fracklen joined #salt
07:45 stooj joined #salt
07:45 aidin joined #salt
07:49 yuhl__ hi, I try to set up some configuration depending on the state of ipv6. How can I do to do something in a file template if and only if ipv6 contains more than "link local" (the one who starts with fe80 to talk to the router) and the loopback (::1)
07:51 dkrae joined #salt
08:02 sh123124213 joined #salt
08:15 uu joined #salt
08:18 sh123124213 joined #salt
08:23 sh123124213 joined #salt
08:28 o1e9 joined #salt
08:31 samodid joined #salt
08:33 aidin joined #salt
08:42 JohnnyRun joined #salt
08:43 darioleidi joined #salt
08:47 dunz0r joined #salt
08:58 SpX joined #salt
09:00 fracklen joined #salt
09:05 mikecmpbll joined #salt
09:05 hemebond yuhl__: Use Jinja in your state to check the network grains.
09:14 keimlink joined #salt
09:18 sh123124213 joined #salt
09:24 ReV013 joined #salt
09:28 zer0def um, quick question - is there any reason redhat network-scripts templates don't have an option which controlls whether you'd like your interface managed by NetworkManager or not? or is it just an oversight?
09:30 kbaikov joined #salt
09:35 Kelsar joined #salt
09:38 N-Mi__ joined #salt
09:39 s_kunk joined #salt
09:45 yuhl__ hemebond: I did  it like this: {% if [e for e in q if grains["ipv6"] in ["fd69:620:600", "2001:620:600"]] %}
09:46 yuhl__ and it does not want to work
09:47 zer0def i'm not sure list comprehensions work in jinja
09:53 onmeac joined #salt
10:01 babilen They don't
10:15 jhauser joined #salt
10:20 oida joined #salt
10:20 dxiri joined #salt
10:21 greeny___ joined #salt
10:24 bluenemo joined #salt
10:32 amontalban joined #salt
10:32 amontalban joined #salt
10:33 yuhl__ zer0def: I also try with lambda and filter... but it does not seems to work neither
10:35 zer0def yuhl__: let me just get that clear - you're looking for addresses with these prefixes, correct?
10:37 hlub Hmm, I've organized my sls files to formulas, separate groups of sls and other files. It would be nice, if I can develop those formulas without creating too much dependencies between them. For instance, if a formula needs reactors, that means adding some configuration for the master. but the master configurations are generated within the salt formula...
10:38 jeddi joined #salt
10:39 zer0def yuhl__: for starters, the ipv6 grain is a list, so you'll need to iterate over it and you'll most likely need to do a flag variable that gets set (or remains unset) if a set of conditions occur
10:40 hlub what if I write a hack to the salt formula that searches for files salt://*/reactors/*.sls and automatically adds them to the reactor config. The event tags could simply be contained on the first line (commented) of those files.
10:42 hlub any comments on this? :)
10:43 mpanetta joined #salt
10:46 Miouge joined #salt
10:49 babilen hlub: What I would do is to ship certain information in the formulas pillar file .. That way you could have a "reactors: reactor_paths: - salt://foo_service/reactors" in the foo_service pillar SLS and rely on pillar merging to combine that in a coherent whole
10:50 babilen If you use salt-formula for this you could also populate salt:reactor (cf. https://github.com/saltstack-formulas/salt-formula/blob/master/pillar.example#L218) from different, service specific, SLSs
10:50 raspado joined #salt
10:52 babilen Alternatively stick to your salt://*/reactors/*.sls plan and parse the output of cp.list_master -- It really depends on the way you already configure your master really
10:53 babilen But given that you need the event_match/SLS combo for reactors, it might be easiest to simply populate salt:reactor right away
10:54 stooj joined #salt
10:57 fracklen joined #salt
10:59 hlub yeah, using the pillar might be the easiest way. However, I have tried to avoid such pillar configurations that are always required and really need not be customized.
10:59 hlub i.e. trying to keep pillar as simple as possible.
11:01 mikecmpb_ joined #salt
11:01 sh123124213 joined #salt
11:02 N-Mi__ joined #salt
11:02 amcorreia joined #salt
11:04 mjimeneznet joined #salt
11:05 theblazehen joined #salt
11:07 mjimeneznet Hello! Do you know a optimal way to do this? I'm getting Conflicting ID http://hastebin.com/tulevehide.cs
11:07 yuhl__ zer0def: exactly
11:07 R_afk that doesn’t exist
11:07 R_afk mjimeneznet^
11:08 stooj joined #salt
11:08 DEger joined #salt
11:09 yuhl__ zer0def: I'm okay to iterate against grains["ipv6"], but I'm not wanting to have an output for each value.
11:11 mjimeneznet Reverend: What does not exists?
11:13 theblazehen joined #salt
11:19 Reverend nevermind
11:19 Reverend our internal dns borker
11:20 Reverend mjimeneznet - your for loop is creating two `/etc/init.d/sidekiq-bla-blerp` files
11:20 Reverend check your chache-file for duplicates
11:21 hvn joined #salt
11:23 const joined #salt
11:23 const Hi, is it possible to use {% if my_var %} inside file.managed jinja template?
11:23 mjimeneznet But I'm trying to create only on file if only is backend02 or backend04
11:24 mjimeneznet if I remove one backend from the if, the task works
11:24 Reverend try putting your for loop in a jinja template... and see what it outputs
11:25 zer0def yuhl__: one doesn't imply the other, since all you could do is generate values as basis for rendering file content; even better, you could (and probably should) move that logic back to the sls and just pass a context variable to rendered file
11:29 cebreidian joined #salt
11:29 oida joined #salt
11:33 abednarik joined #salt
11:34 aidin joined #salt
11:52 mikecmpbll joined #salt
12:05 teclator joined #salt
12:07 Bico_Fino joined #salt
12:10 fgimian joined #salt
12:18 stooj joined #salt
12:26 stooj joined #salt
12:34 keimlink joined #salt
12:39 keimlink joined #salt
12:40 Reverend mjimeneznet - did you figure it out?
12:44 mpanetta joined #salt
12:45 riftman joined #salt
12:45 keimlink joined #salt
12:46 johnkeates joined #salt
12:47 austin_ joined #salt
12:47 stooj joined #salt
12:49 Bico_Fino joined #salt
12:51 austin_ i'm looking to seed the syndic master with either minion or syndic keys. is it a good pattern to use the salt-api to generate these keys?
12:52 amontalban joined #salt
12:52 amontalban joined #salt
12:58 fredvd joined #salt
13:06 aidin joined #salt
13:08 mjimeneznet Reverend: Nop, I don't know why have this behaviour
13:10 yuhl__ zer0def: I tried what you told me:
13:10 yuhl__ {% set ipv6_enabled = False %}
13:10 yuhl__ {% for ip in grains["ipv6"] %}
13:10 yuhl__ ip {{ ip }}
13:10 yuhl__ {%     if ip[:12] in ["fd69:620:600", "2001:620:600"] %}
13:10 yuhl__ {%         set ipv6_enabled = True %}
13:10 yuhl__ ipv6 {{ ipv6_enabled }}
13:10 yuhl__ {%     endif %}
13:10 yuhl__ {% endfor %}
13:11 yuhl__ oups sorry
13:11 yuhl__ {% set ipv6_enabled = False %}
13:11 yuhl__ {% for ip in grains["ipv6"] %}
13:11 yuhl__ {%     if ip[:12] in ["fd69:620:600", "2001:620:600"] %}
13:11 yuhl__ {%         set ipv6_enabled = True %}
13:11 yuhl__ {%     endif %}
13:11 yuhl__ {% endfor %}
13:11 austin_ gist works :)
13:13 yuhl__ https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff
13:14 yuhl__ it seems that ipv6_enabled is somehow scoped !
13:20 austin_ just looking but is this the right file ? it says *_master.conf in the minion dir :)https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff#file-ipv6-sls-L8
13:22 ivanjaros joined #salt
13:24 yuhl__ austin_: yep this is where I instruct where the master is.
13:25 austin_ yuhl__: heeh. yea it was just like, let me just state something obvious before i take a look
13:25 yuhl__ ;P
13:27 theblazehen joined #salt
13:30 numkem joined #salt
13:39 cyborg-one joined #salt
13:40 edrocks joined #salt
13:41 sh123124213 joined #salt
13:46 Nahual joined #salt
13:50 zer0def yuhl__: you're probably better off using something more refined than simple string comparison for ipv6 addresses
13:51 zer0def try using https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html
13:53 dyasny joined #salt
13:53 sh123124213 joined #salt
13:54 flyboy82 joined #salt
13:58 lasseknudsen joined #salt
13:58 yuhl__ zer0def: what you said is really interesting or bugging me.
13:58 yuhl__ I really never understood what such salt modules could do.
13:59 yuhl__ Are you telling me that I can use such module as a python module within my state '
13:59 yuhl__ ?
13:59 zer0def yes, you just do `{{ salt['network.in_subnet']('127.0.0.0.8') }}` for example
14:00 zer0def erm, i messed up the argument, but you get the idea
14:01 yuhl__ that is surprising
14:01 zer0def ipv6 addresses are peculiar in the sense that multiple notations can stand for the same set of bits
14:02 Reverend mjimeneznet: did you try outputting your for loop to a file and seeing what it has in it?
14:03 zer0def yuhl__: basically, if you want to check if your machine is in a 192.168. private subnet, for example, you could set a value like `{% set priv_net192 = salt['network.in_subnet']('192.168.0.0/16') %}` and then operate with the `priv_net192` variable
14:03 Reverend mjimeneznet: you’re gonna have conflicts if the filename (the name of the block in your sls) is the duplicated. that’s why it’s erroring.
14:03 yuhl__ that is really interesting.
14:04 zer0def just be sure to consult what a particular execution module function returns
14:04 yuhl__ but I still do not know how do I do if I got a list of ips that must match different cidr
14:05 zer0def my idea is that you create a list of CIDRs to match up against and set a flag, which you then use for populating the file
14:06 yuhl__ This is sad, that the network module did not give a way to exclude the "link local" as they do with the "loopback"
14:06 zer0def your idea is would work just fine with ipv4, though
14:07 yuhl__ zer0def: I try to have a "master" in the minion config, that change its value from an ipv4 ip if the host as ipv4 enabled to an ipv6 ip if the host as ipv6 enabled.
14:08 lasseknudsen joined #salt
14:08 hvn joined #salt
14:09 yuhl__ zer0def: and so my gist: https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff where I iterate the ip still not work, as ipv6_enabled is always false in my case (even if grains returns me ipv6 address)
14:09 zer0def so basically preferring ipv6 over ipv4… wouldn't it be simpler to use dns? unless you can't
14:14 zer0def ok, even if you can't, you could use the "contents" kwarg, instead of "source", because ideally, that file only contains "master: <master_ip>"… i'm not yet sure, how to fetch a minion's master ip
14:14 dyasny joined #salt
14:15 abednarik joined #salt
14:16 zer0def yuhl__: also, as mentioned previously, i'm not sure that using direct string comparison with ipv6 addresses is a good idea
14:17 yuhl__ zer0def: Yeah !!! https://gist.github.com/briner/beca757865ba0dbfcdeab78edecfeefb
14:18 yuhl__ zer0def: Thanks a lot.. I did learn a lot todax
14:18 zer0def yuhl__: that's an interesting usage of an addition operator
14:19 zer0def but as long as it works for you, good :)
14:20 abednarik joined #salt
14:23 dyasny joined #salt
14:24 saintpablo joined #salt
14:24 fxhp joined #salt
14:25 boggle joined #salt
14:28 nicksloan joined #salt
14:29 hvn joined #salt
14:32 abednarik joined #salt
14:32 austin_ joined #salt
14:32 austin_ yuhl__: idk if you already found the answer but https://gist.github.com/austinpapp/ce1bb4fa80223b3645532dfa3b7fecb2
14:36 zer0def austin_: he has, just pointed him at network.in_subnet, because direct string comparison in ipv6 works unreliably due to multiplicity of notation
14:37 fracklen joined #salt
14:37 austin_ zer0def: o ok. cool. yea but it does highlight at least a workaround for those situations. what was the network.in_subnet solution?
14:37 zer0def austin_: https://gist.github.com/briner/beca757865ba0dbfcdeab78edecfeefb
14:38 zer0def much cleaner, too
14:38 austin_ ah yea. way better :)
14:41 fracklen_ joined #salt
14:42 fracklen joined #salt
14:45 ekristen joined #salt
14:45 cachedout joined #salt
14:49 seanz joined #salt
14:53 hvn joined #salt
14:53 saintpablo joined #salt
14:58 nickabbey joined #salt
15:00 fracklen joined #salt
15:01 dxiri joined #salt
15:01 fracklen joined #salt
15:08 fracklen joined #salt
15:11 abednarik joined #salt
15:14 fracklen joined #salt
15:21 dyasny joined #salt
15:26 ecdhe joined #salt
15:26 ecdhe joined #salt
15:26 austin_ i am calling http://ip:8000/keys to generate 2 keypair for a syndic
15:26 austin_ however, i'm seeing ==> tar: minion.pub: implausibly old time stamp 1970-01-01 00:00:00
15:27 austin_ has anyone see this problem ?
15:27 austin_ its unclear to me why it would be corrupt
15:27 austin_ in this situation, i am purposely disabling ssl for testing
15:29 nZac joined #salt
15:31 schemanic_ joined #salt
15:32 tobiasBora joined #salt
15:43 anotherzero joined #salt
15:44 abednarik joined #salt
15:52 esharpmajor joined #salt
15:53 Brew joined #salt
15:55 mk-fg joined #salt
15:56 cscf austin_, while that's strange, an epoch 0 timestamp shouldn't cause much trouble.
15:58 yuhl__ austin_, zer0def: should I do a bug report, to add a include_local_link not modules.network.ip_addrs6
15:59 yuhl__ s/not/in/
15:59 sarcasticadmin joined #salt
16:01 sh123124213 gtmanfred: Following our conversation on whether minions can listen on all other minions communication in saltstack. I see there is 'zmq_filtering': bool which is supposed to restrict this ? Can you please confirm ?
16:09 ALLmightySPIFF joined #salt
16:09 pipps joined #salt
16:10 the_lalelu joined #salt
16:10 ALLmightySPIFF joined #salt
16:10 promorphus joined #salt
16:11 pipps joined #salt
16:12 Ludo- joined #salt
16:12 debian112 joined #salt
16:13 aarontc joined #salt
16:14 chmod666org joined #salt
16:16 fracklen joined #salt
16:17 bfrog got this today... https://gist.github.com/bfrog/85774394d5a9eff0d3786f8b8e8b0824
16:17 bfrog nice stack trace about lspci
16:17 bfrog bug worthy?
16:20 zer0def yuhl__: to be frank, i'm not one to answer this question, but try your odds at posting an issue about it
16:20 Ssquidly joined #salt
16:23 dxiri joined #salt
16:26 sh123124213 bfrog: can you run /usr/bin/lspci in your box ?
16:29 fracklen joined #salt
16:30 tiwula joined #salt
16:33 theblazehen joined #salt
16:34 nickabbey joined #salt
16:34 mpanetta joined #salt
16:36 mpanetta joined #salt
16:38 Horgix joined #salt
16:40 bfrog will try in a few
16:40 tobiasBora joined #salt
16:41 armguy_ joined #salt
16:42 abednarik joined #salt
16:43 dxiri joined #salt
16:46 usernkey joined #salt
16:47 tobiasBora joined #salt
16:48 samodid joined #salt
16:49 usernkey joined #salt
16:50 pmcg joined #salt
16:58 ubahmapk joined #salt
17:01 DEger joined #salt
17:02 pipps joined #salt
17:03 Sarph joined #salt
17:07 raspado joined #salt
17:11 eprice joined #salt
17:11 aidin joined #salt
17:14 aarontc joined #salt
17:17 pipps joined #salt
17:22 dxiri joined #salt
17:23 abednarik joined #salt
17:23 averell joined #salt
17:25 raspado joined #salt
17:29 lws joined #salt
17:31 esharpmajor joined #salt
17:31 pipps joined #salt
17:42 nickabbey joined #salt
17:44 dxiri joined #salt
17:46 Trauma joined #salt
17:53 aw110f joined #salt
17:54 Edgan joined #salt
17:59 bowhunter joined #salt
18:00 Salander27 joined #salt
18:04 mpanetta joined #salt
18:08 pipps joined #salt
18:09 dxiri joined #salt
18:12 Kelsar joined #salt
18:15 stooj joined #salt
18:17 sp0097 joined #salt
18:19 onlyanegg joined #salt
18:23 Praematura joined #salt
18:30 mikecmpbll joined #salt
18:32 CrummyGummy joined #salt
18:34 wendall911 joined #salt
18:35 pipps joined #salt
18:38 dxiri joined #salt
18:39 onlyanegg joined #salt
18:43 SpX joined #salt
18:45 stooj joined #salt
18:53 nickabbey joined #salt
18:54 oida joined #salt
18:57 jschoolcraft joined #salt
18:59 Miouge joined #salt
18:59 Miouge left #salt
19:10 ntropy_ joined #salt
19:10 fracklen_ joined #salt
19:11 raspado joined #salt
19:14 notCalle joined #salt
19:14 JPT joined #salt
19:17 s_kunk joined #salt
19:28 bluethundr joined #salt
19:28 bluethundr hey guys, if I want to specify an internal IP for an ec2 instance using a salt cloud profile
19:29 bluethundr how would I do that?
19:29 bluethundr this is what I have so far for a profile
19:29 bluethundr https://gist.github.com/bluethundr/411d08f084f7408f09d3b9942f0c649f
19:34 ivanjaros joined #salt
19:35 jhauser joined #salt
19:36 DammitJim joined #salt
19:37 DammitJim anyone doing an ubuntu upgrade from 14.04 LTS to 16.04 using salt?
19:38 promorphus joined #salt
19:38 Kelsar joined #salt
19:38 eprice joined #salt
19:42 lionel joined #salt
19:45 lws joined #salt
19:47 sarcasticadmin joined #salt
19:48 iggy someone at the office suggested that and I punched them in the genitals
19:48 onlyanegg joined #salt
19:49 DammitJim ouch
19:51 sarcasticadmin joined #salt
19:53 dxiri joined #salt
19:56 wangofett any clue why a git.latest would work on a VPS but not on a raspberry pi?
19:56 stooj joined #salt
19:56 wangofett specifically a permissions error
19:56 nickabbey joined #salt
19:56 cscf wangofett, what error?
19:56 iggy you aren't like checking it out onto a usb flash drive formatted as fat32 or something?
19:57 cscf ^ That sounds likely
19:57 pipps joined #salt
20:00 wangofett 2/dev/mmcblk0p1        8192   137215   129024  63M  c W95 FAT32 (LBA)
20:00 wangofett /dev/mmcblk0p2      137216 60874751 60737536  29G 83 Linux
20:00 iggy that's the partition type, what kind of fs is it?
20:01 wangofett how do I check that?
20:01 wangofett (it was created following the raspbian lite install directions, using dd)
20:02 iggy `mount` will tell you
20:04 wangofett /dev/mmcblk0p2 on / type ext4 (rw,noatime,data=ordered)
20:04 fracklen joined #salt
20:04 wangofett /dev/mmcblk0p1 on /boot type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro)
20:05 wangofett I don't have any other permission issues... I can clone the repo as the root user just fine, but I think I'm using a different key
20:08 wangofett looks like that's the difference. Removing the user and identity bits make it happy
20:08 wangofett adding back identity was fine
20:08 DammitJim are there any well known issues between running salt master version 2016.11.1
20:08 woaminor joined #salt
20:08 DammitJim and salt minion 2015.8.12?
20:09 swills joined #salt
20:10 jhauser joined #salt
20:11 wangofett I don't get it. Using `www-data` for my user works on my *other* minion, but not this one. `cat /etc/passwd` shows www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
20:11 wangofett for both
20:12 cscf wangofett, does one have an ssh key that the other doesnt?
20:13 Trauma joined #salt
20:13 tercenya joined #salt
20:13 whytewolf you sure you don't have a permission issue? you said it works as root, but user: doesn't run the command as root
20:14 wangofett cscf: I'm putting the ssh key on there in a state file, so it darn well better have the same key :P
20:15 onmeac joined #salt
20:15 wangofett oh hey... looks like this *other* state fails, though:  fatal: could not create work tree dir '/var/www/waynewerner.com'.: Permission denied
20:16 wangofett oh man if it's this trailing slash...
20:16 wangofett okay no, lol
20:18 fredvd joined #salt
20:19 cscf wangofett, well, try doing the commands that Salt would be running, as the same user, etc and see what happens
20:19 Salander27_ joined #salt
20:19 wangofett Well, the user has a shell of `/usr/sbin/nologin` -_-
20:20 wangofett Not sure how salt manages to run the commands as that user :P
20:20 whytewolf sudo <command>
20:21 irctc532 joined #salt
20:21 whytewolf sorry sudo -u <user> <command>
20:21 tercenya joined #salt
20:23 cscf Indeed
20:23 irctc532 what's the best way to set a pillar value based on other pillar values stored as yaml?
20:23 wangofett oh. Well. I see now. How the heck did that happen? o.o
20:24 wangofett dr-sr-sr-t  2 www-data www-data 4.0K Dec 19 20:09 .
20:24 wangofett I'm 90% sure I looked earlier and it had 755
20:25 wangofett ermagersh. *facepalm*. 7555 != 755. FML
20:25 cscf lol
20:25 cscf That's all sorts of odd settings
20:25 cscf That first digit does some strange stuff
20:26 whytewolf sticky bits ... fun for the whole family
20:30 wangofett yeah. Thanks for the help! Second typo today :P
20:30 Salander27 joined #salt
20:30 whytewolf humm so, a 7555 = setuid + setgid + sticky bit and no one can write. frankly not sure why you had a problem with that :P
20:31 wangofett first one: `salt://letsencrypt/files/manuale-reqs.txt` != `salt://letsencrypt/files/manaule-reqs.txt`
20:33 whytewolf although sometimes i wish setuid and setgid would die in a fire
20:34 irctc532 my pillar top file includes .yml style .sls files. But now at the end i need some auto calculated values based on those. But it seems i cannot use pillar data.
20:34 whytewolf irctc532: pillars can no access pillars.
20:34 onlyanegg joined #salt
20:34 wangofett Though, templates can access pillars on pillars ;)
20:34 irctc532 whytewolf: yes i read those in the docs. But what's the best workaround or way to workaround this. I
20:35 hemebond Templates can access pillars on pillars? Asking for trouble if you try that.
20:35 wangofett i.e. {{ pillar['this']['thing'][pillar['that']['thing']] }} is a thing that you can do
20:35 hemebond Unless you mean state files.
20:35 whytewolf by not trying it in the first place and access pillars and do your calulations in your states
20:35 wangofett (in a state or template, that is)
20:36 whytewolf state/file template
20:36 irctc532 whytewolf: if i do it in the state file i need todo those calculation multiple times. Which i would like to avoid.
20:37 irctc532 hemebond: What kind of Templates?
20:37 hemebond irctc532: Every file is a template really.
20:37 hemebond Jinja can be used in pillars, states or managed files.
20:38 whytewolf irctc532: map.jinja can be your friend.
20:39 irctc532 whytewolf: mhm yes not familiar with that one but saw it already multiple times.
20:39 s_kunk joined #salt
20:40 jav joined #salt
20:40 whytewolf irctc532: learn jinja... you don't need to put all your code multiple times in the different files. just build a set of files that you can inport with context in jinja
20:40 whytewolf import
20:40 whytewolf you can even get kind of crazy and do things like macros
20:40 whytewolf :P
20:42 kingscott joined #salt
20:42 pipps joined #salt
20:42 kingscott is anyone familiar with the zabbix formula that could answer a couple questions?
20:43 cscf kingscott, don't ask to ask
20:44 * Sketch wonders how hard it is to get a formula into saltstack-formulas
20:44 irctc532 whytewolf: jinja is no problem just did not wrote any mappings. macros and import with context is already in use. I just found it nice to use pillar.items on a host to see the REAL settings for a system which matter instead of all which are processed in sls.
20:45 whytewolf sketch: looking at the quility of some of the formulas in saltstack-formulas, pretty frigging easy
20:45 bltmille_ joined #salt
20:47 Sketch whytewolf: heh, that was sort of why i was wondering.  the ones i have looked at seem pretty basic, and i ended up just writing my own states
20:47 whytewolf irctc532: thats nice and all however nothing will get pillar to read pillar. esp, since you have to consider the "calculations" are being done in jinja. which is rendered before pillars exist
20:47 Sketch but my needs currently tend to be little specific
20:50 whytewolf Sketch: thats why i don't bother with formulas. i work with systems that need a lot of customization that also have a ton of different styles of configurations. formulas tend to be a one stop show.
20:52 Sketch whytewolf: yeah, same here.  but i've been wondering if i've been doing it rong :)
20:52 Sketch wrong
20:52 whytewolf the only wrong way is the way that doesn't work.
20:54 wangofett For a variety of factors of "work" ;)
20:56 wangofett The biggest thing I think that the formulas do that I'm not quite as strict on as I should is the enabled/disabled bit
20:56 wangofett like right now with my sites-enabled on nginx :P
21:01 Derailed joined #salt
21:01 pipps joined #salt
21:02 xbglowx joined #salt
21:03 pipps joined #salt
21:03 Bico_Fino joined #salt
21:07 putak joined #salt
21:07 pipps99 joined #salt
21:09 bltmiller joined #salt
21:10 Edgan Sketch: I am not sure I see the point to getting into that repository. My formulas are more advanced and pretty much always end up including specific stuff that doesn't apply to anyone else. I also don't use them, because I like having things in a consistent style.
21:10 Edgan Sketch: I see them as a learning tool.
21:18 Bico_Fino joined #salt
21:27 promorphus joined #salt
21:32 Bico_Fino_ joined #salt
21:35 Praematura joined #salt
21:39 seanz joined #salt
21:41 combinare left #salt
21:49 mansquid joined #salt
21:50 mansquid Hey y'all I was wondering why the client.cmd() would return a cached hostname when the job cache is empty? Is there another cache I should clear?
21:53 cyborg-one joined #salt
21:56 tercenya joined #salt
22:01 tercenya joined #salt
22:17 xbglowx joined #salt
22:17 amontalban joined #salt
22:17 amontalban joined #salt
22:17 swills_ joined #salt
22:23 orianbsilva joined #salt
22:23 pipps joined #salt
22:27 swills_ joined #salt
22:28 orianbsilva hello!
22:28 Bico_Fino joined #salt
22:29 whytewolf greetings
22:32 netcho joined #salt
22:32 orianbsilva i am following this doc page
22:33 orianbsilva its possible to run this on windows using cygwin
22:33 orianbsilva https://docs.saltstack.com/en/latest/topics/development/hacking.html
22:33 DEger joined #salt
22:33 orianbsilva virtual env is ok. but can i ga futher? and run an sal environment
22:33 PeterO joined #salt
22:33 orianbsilva ??
22:34 Derailed joined #salt
22:34 whytewolf in thoery, yes.... although might need some heavy tweeking and might be better done if you were just to install virtualbox and use a vm running linux
22:35 whytewolf the enviroment in cygwin could really through off the tests
22:36 wangofett Yeah, I'd run inside virtualbox if you're going to hack on salt
22:36 orianbsilva ok thks.
22:42 jeddi joined #salt
22:43 Trauma joined #salt
22:50 orianbsilva joined #salt
22:51 sarcasticadmin joined #salt
22:55 netcho joined #salt
23:04 bfrog joined #salt
23:06 bfrog so I'm confused... I thought {% load_yaml as myvar %} ... would actually add the yaml as a variable to the local sls as well as any imports
23:06 bfrog I want to shared some pillar data to reuse in other pillars, that seemed like a nice way of doing it at first
23:08 bfrog in the docs https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html the last example was what I was basing things on, my assumption was that doc1 would have var1 and var2 in it
23:08 bfrog but salt complains it can't find it
23:09 tercenya joined #salt
23:10 sarcasticadm joined #salt
23:11 felskrone joined #salt
23:12 jeddi joined #salt
23:13 bfrog I guess that doesn't make sense now that I think about it
23:14 binocvlar http://www.dailyedge.ie/christmas-tree-ornament-3146596-Dec2016/
23:14 wangofett joined #salt
23:14 bfrog I guess I could use template inheritance to get what I want
23:14 bfrog seems hokey though
23:14 bfrog oh well
23:14 ponyofdeath hi, how can I get unless to execute as a specific user and not root?
23:20 Trauma joined #salt
23:23 wangofett You could definitely do it with sudo/su
23:23 wangofett not sure if that's the "best" way
23:29 Sammichmaker joined #salt
23:30 debian112 joined #salt
23:35 nicksloan joined #salt
23:38 whytewolf sicne the only config that changes how unless reacts is the unless setting that is about the only option. sudo -u <user> <command> the caveat being that the sudo could also fail
23:40 mikecmpbll joined #salt
23:44 TyrfingMjolnir joined #salt
23:46 pipps99 joined #salt
23:50 pipps joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary