Time |
Nick |
Message |
00:03 |
|
tobiasBora joined #salt |
00:12 |
|
dxiri_ joined #salt |
00:17 |
|
amontalban joined #salt |
00:17 |
|
amontalban joined #salt |
00:22 |
|
madboxs joined #salt |
00:43 |
hexa- |
augeas with sshd via salt is just painful when it comes to sshd.lns caveeats |
00:43 |
|
DEger joined #salt |
00:45 |
hexa- |
trying to insert hostkeys before the match block like |
00:45 |
hexa- |
- rm HostKey |
00:45 |
hexa- |
- ins HostKey before Match |
00:45 |
hexa- |
- set HostKey[n] path |
00:46 |
hexa- |
it will always tell me it was unable to save the file |
00:46 |
hexa- |
that's not very helpful |
00:46 |
|
dxiri joined #salt |
00:48 |
hexa- |
minion log be like |
00:48 |
hexa- |
2016-12-19 01:47:49,856 [salt.state ][ERROR ][21928] Error: Unable to save to file! |
00:48 |
hexa- |
on loglevel debug |
00:49 |
|
tobiasBora joined #salt |
00:51 |
|
Hazelesque joined #salt |
00:54 |
|
gentoo joined #salt |
00:56 |
|
jeddi joined #salt |
00:57 |
hexa- |
turns out I have to ins for each HostKey |
00:57 |
hexa- |
even though it uses an array-like notation |
00:59 |
|
anotherzero joined #salt |
01:02 |
|
sh123124213 joined #salt |
01:09 |
|
KevinAn27 joined #salt |
01:17 |
|
DEger joined #salt |
01:19 |
|
combinare joined #salt |
01:22 |
|
tobiasBora joined #salt |
01:33 |
|
shoemonkey joined #salt |
01:37 |
|
madboxs joined #salt |
01:43 |
|
madboxs_ joined #salt |
01:44 |
|
vod1k joined #salt |
02:01 |
|
stooj joined #salt |
02:01 |
|
shoemonkey joined #salt |
02:09 |
|
gentoo joined #salt |
02:09 |
|
gentoo joined #salt |
02:10 |
|
gentoo joined #salt |
02:10 |
|
gentoo joined #salt |
02:11 |
|
gentoo joined #salt |
02:25 |
|
amontalban joined #salt |
02:25 |
|
amontalban joined #salt |
02:26 |
|
jeddi joined #salt |
02:28 |
|
mavhq joined #salt |
02:29 |
|
swills joined #salt |
02:31 |
|
gentoo_ joined #salt |
02:40 |
|
mpanetta joined #salt |
02:40 |
|
evle joined #salt |
02:41 |
|
sebastian-w joined #salt |
02:48 |
|
ilbot3 joined #salt |
02:48 |
|
Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers |
02:48 |
|
shoemonkey joined #salt |
02:55 |
|
gentoo_ joined #salt |
02:59 |
|
catpiggest joined #salt |
03:02 |
|
m0nky_ joined #salt |
03:03 |
|
sh123124213 joined #salt |
03:03 |
|
skeezix-hf joined #salt |
03:05 |
|
esharpmajor joined #salt |
03:06 |
|
georgemarshall joined #salt |
03:07 |
|
djhaskin987_ joined #salt |
03:10 |
|
smcquay joined #salt |
03:12 |
|
ws2k3 joined #salt |
03:12 |
|
CaptTofu joined #salt |
03:13 |
|
futuredale joined #salt |
03:14 |
|
godlike joined #salt |
03:14 |
|
godlike joined #salt |
03:19 |
|
shoemonkey joined #salt |
03:20 |
|
darvon_ joined #salt |
03:23 |
|
k_sze[work] joined #salt |
03:26 |
|
JamieH joined #salt |
03:26 |
|
frew joined #salt |
03:27 |
|
bastiand1 joined #salt |
03:27 |
|
dxiri joined #salt |
03:28 |
|
feld joined #salt |
03:29 |
|
godlike joined #salt |
03:42 |
|
madboxs_ joined #salt |
03:45 |
|
JPT joined #salt |
04:00 |
|
shoemonkey joined #salt |
04:14 |
|
vodik joined #salt |
04:27 |
|
amontalban joined #salt |
04:32 |
|
hvn joined #salt |
04:33 |
hvn |
hi all, is there any exist effort to create something like "ansible galaxy" for Salt? in short, it is a command line tool to download (git pull) from GitHub a specified formula? Coz I'm thinking to create one |
04:34 |
|
digitalhighway joined #salt |
04:39 |
hemebond |
hvn: How would that work? |
04:39 |
hemebond |
If I want a formula I just clone the repo and I'm done. |
04:44 |
iggy |
hvn: you mean like spm? |
04:48 |
|
aidin joined #salt |
05:00 |
hvn |
hemebond: it more organized, it like will put the formula into /srv/salt or a configured place |
05:00 |
hvn |
iggy: I will have a look at spm, maybe the same |
05:01 |
hvn |
beside that, it has a dashboard for community, than current we only look at salt-formula github user, which is not user friendly and not meet all other community like Chef or Ansible |
05:06 |
|
DEger joined #salt |
05:08 |
|
dxiri joined #salt |
05:13 |
hemebond |
hvn: But can't you already kind of do that with gitfs for forumlas? |
05:13 |
hemebond |
I've not used formulas like that; I just clone the repo and symlink it where I want it available. Easier than playing with master config every time. |
05:15 |
hvn |
hemebond: we ditched the gitfs totally, it's painfully slow and consume CPU , so now just git clone in cron |
05:15 |
hvn |
hemebond: you have a good workaround, I don't say that is impossible for we to setup that but a tool to easy all that seems be good for everyone |
05:22 |
hvn |
I skimmed the spm and it seems also deal with pillar, which is different thing |
05:22 |
hvn |
and how does SPM doing, anyone really use it? |
05:27 |
|
mattl joined #salt |
05:31 |
|
om2 joined #salt |
05:31 |
|
prg3 joined #salt |
05:32 |
|
dxiri_ joined #salt |
05:34 |
|
bocaneri joined #salt |
05:47 |
|
DEger joined #salt |
05:50 |
|
rdas joined #salt |
05:56 |
|
dxiri joined #salt |
06:10 |
|
preludedrew joined #salt |
06:28 |
|
vodik joined #salt |
06:31 |
|
bayindirh joined #salt |
06:34 |
|
samodid joined #salt |
06:42 |
|
mpanetta joined #salt |
06:44 |
|
teclator joined #salt |
06:48 |
|
sarlalian joined #salt |
06:58 |
|
swa_work joined #salt |
07:02 |
iggy |
the maintainers of the formulas are already pretty overworked, I hope whatever you're planning doesn't add more work for them |
07:07 |
|
DEger joined #salt |
07:09 |
|
colttt joined #salt |
07:12 |
|
hvn joined #salt |
07:12 |
|
hvn joined #salt |
07:29 |
|
amontalban joined #salt |
07:30 |
|
nidr0x joined #salt |
07:44 |
|
fracklen joined #salt |
07:45 |
|
stooj joined #salt |
07:45 |
|
aidin joined #salt |
07:49 |
yuhl__ |
hi, I try to set up some configuration depending on the state of ipv6. How can I do to do something in a file template if and only if ipv6 contains more than "link local" (the one who starts with fe80 to talk to the router) and the loopback (::1) |
07:51 |
|
dkrae joined #salt |
08:02 |
|
sh123124213 joined #salt |
08:15 |
|
uu joined #salt |
08:18 |
|
sh123124213 joined #salt |
08:23 |
|
sh123124213 joined #salt |
08:28 |
|
o1e9 joined #salt |
08:31 |
|
samodid joined #salt |
08:33 |
|
aidin joined #salt |
08:42 |
|
JohnnyRun joined #salt |
08:43 |
|
darioleidi joined #salt |
08:47 |
|
dunz0r joined #salt |
08:58 |
|
SpX joined #salt |
09:00 |
|
fracklen joined #salt |
09:05 |
|
mikecmpbll joined #salt |
09:05 |
hemebond |
yuhl__: Use Jinja in your state to check the network grains. |
09:14 |
|
keimlink joined #salt |
09:18 |
|
sh123124213 joined #salt |
09:24 |
|
ReV013 joined #salt |
09:28 |
zer0def |
um, quick question - is there any reason redhat network-scripts templates don't have an option which controlls whether you'd like your interface managed by NetworkManager or not? or is it just an oversight? |
09:30 |
|
kbaikov joined #salt |
09:35 |
|
Kelsar joined #salt |
09:38 |
|
N-Mi__ joined #salt |
09:39 |
|
s_kunk joined #salt |
09:45 |
yuhl__ |
hemebond: I did it like this: {% if [e for e in q if grains["ipv6"] in ["fd69:620:600", "2001:620:600"]] %} |
09:46 |
yuhl__ |
and it does not want to work |
09:47 |
zer0def |
i'm not sure list comprehensions work in jinja |
09:53 |
|
onmeac joined #salt |
10:01 |
babilen |
They don't |
10:15 |
|
jhauser joined #salt |
10:20 |
|
oida joined #salt |
10:20 |
|
dxiri joined #salt |
10:21 |
|
greeny___ joined #salt |
10:24 |
|
bluenemo joined #salt |
10:32 |
|
amontalban joined #salt |
10:32 |
|
amontalban joined #salt |
10:33 |
yuhl__ |
zer0def: I also try with lambda and filter... but it does not seems to work neither |
10:35 |
zer0def |
yuhl__: let me just get that clear - you're looking for addresses with these prefixes, correct? |
10:37 |
hlub |
Hmm, I've organized my sls files to formulas, separate groups of sls and other files. It would be nice, if I can develop those formulas without creating too much dependencies between them. For instance, if a formula needs reactors, that means adding some configuration for the master. but the master configurations are generated within the salt formula... |
10:38 |
|
jeddi joined #salt |
10:39 |
zer0def |
yuhl__: for starters, the ipv6 grain is a list, so you'll need to iterate over it and you'll most likely need to do a flag variable that gets set (or remains unset) if a set of conditions occur |
10:40 |
hlub |
what if I write a hack to the salt formula that searches for files salt://*/reactors/*.sls and automatically adds them to the reactor config. The event tags could simply be contained on the first line (commented) of those files. |
10:42 |
hlub |
any comments on this? :) |
10:43 |
|
mpanetta joined #salt |
10:46 |
|
Miouge joined #salt |
10:49 |
babilen |
hlub: What I would do is to ship certain information in the formulas pillar file .. That way you could have a "reactors: reactor_paths: - salt://foo_service/reactors" in the foo_service pillar SLS and rely on pillar merging to combine that in a coherent whole |
10:50 |
babilen |
If you use salt-formula for this you could also populate salt:reactor (cf. https://github.com/saltstack-formulas/salt-formula/blob/master/pillar.example#L218) from different, service specific, SLSs |
10:50 |
|
raspado joined #salt |
10:52 |
babilen |
Alternatively stick to your salt://*/reactors/*.sls plan and parse the output of cp.list_master -- It really depends on the way you already configure your master really |
10:53 |
babilen |
But given that you need the event_match/SLS combo for reactors, it might be easiest to simply populate salt:reactor right away |
10:54 |
|
stooj joined #salt |
10:57 |
|
fracklen joined #salt |
10:59 |
hlub |
yeah, using the pillar might be the easiest way. However, I have tried to avoid such pillar configurations that are always required and really need not be customized. |
10:59 |
hlub |
i.e. trying to keep pillar as simple as possible. |
11:01 |
|
mikecmpb_ joined #salt |
11:01 |
|
sh123124213 joined #salt |
11:02 |
|
N-Mi__ joined #salt |
11:02 |
|
amcorreia joined #salt |
11:04 |
|
mjimeneznet joined #salt |
11:05 |
|
theblazehen joined #salt |
11:07 |
mjimeneznet |
Hello! Do you know a optimal way to do this? I'm getting Conflicting ID http://hastebin.com/tulevehide.cs |
11:07 |
yuhl__ |
zer0def: exactly |
11:07 |
R_afk |
that doesn’t exist |
11:07 |
R_afk |
mjimeneznet^ |
11:08 |
|
stooj joined #salt |
11:08 |
|
DEger joined #salt |
11:09 |
yuhl__ |
zer0def: I'm okay to iterate against grains["ipv6"], but I'm not wanting to have an output for each value. |
11:11 |
mjimeneznet |
Reverend: What does not exists? |
11:13 |
|
theblazehen joined #salt |
11:19 |
Reverend |
nevermind |
11:19 |
Reverend |
our internal dns borker |
11:20 |
Reverend |
mjimeneznet - your for loop is creating two `/etc/init.d/sidekiq-bla-blerp` files |
11:20 |
Reverend |
check your chache-file for duplicates |
11:21 |
|
hvn joined #salt |
11:23 |
|
const joined #salt |
11:23 |
const |
Hi, is it possible to use {% if my_var %} inside file.managed jinja template? |
11:23 |
mjimeneznet |
But I'm trying to create only on file if only is backend02 or backend04 |
11:24 |
mjimeneznet |
if I remove one backend from the if, the task works |
11:24 |
Reverend |
try putting your for loop in a jinja template... and see what it outputs |
11:25 |
zer0def |
yuhl__: one doesn't imply the other, since all you could do is generate values as basis for rendering file content; even better, you could (and probably should) move that logic back to the sls and just pass a context variable to rendered file |
11:29 |
|
cebreidian joined #salt |
11:29 |
|
oida joined #salt |
11:33 |
|
abednarik joined #salt |
11:34 |
|
aidin joined #salt |
11:52 |
|
mikecmpbll joined #salt |
12:05 |
|
teclator joined #salt |
12:07 |
|
Bico_Fino joined #salt |
12:10 |
|
fgimian joined #salt |
12:18 |
|
stooj joined #salt |
12:26 |
|
stooj joined #salt |
12:34 |
|
keimlink joined #salt |
12:39 |
|
keimlink joined #salt |
12:40 |
Reverend |
mjimeneznet - did you figure it out? |
12:44 |
|
mpanetta joined #salt |
12:45 |
|
riftman joined #salt |
12:45 |
|
keimlink joined #salt |
12:46 |
|
johnkeates joined #salt |
12:47 |
|
austin_ joined #salt |
12:47 |
|
stooj joined #salt |
12:49 |
|
Bico_Fino joined #salt |
12:51 |
austin_ |
i'm looking to seed the syndic master with either minion or syndic keys. is it a good pattern to use the salt-api to generate these keys? |
12:52 |
|
amontalban joined #salt |
12:52 |
|
amontalban joined #salt |
12:58 |
|
fredvd joined #salt |
13:06 |
|
aidin joined #salt |
13:08 |
mjimeneznet |
Reverend: Nop, I don't know why have this behaviour |
13:10 |
yuhl__ |
zer0def: I tried what you told me: |
13:10 |
yuhl__ |
{% set ipv6_enabled = False %} |
13:10 |
yuhl__ |
{% for ip in grains["ipv6"] %} |
13:10 |
yuhl__ |
ip {{ ip }} |
13:10 |
yuhl__ |
{% if ip[:12] in ["fd69:620:600", "2001:620:600"] %} |
13:10 |
yuhl__ |
{% set ipv6_enabled = True %} |
13:10 |
yuhl__ |
ipv6 {{ ipv6_enabled }} |
13:10 |
yuhl__ |
{% endif %} |
13:10 |
yuhl__ |
{% endfor %} |
13:11 |
yuhl__ |
oups sorry |
13:11 |
yuhl__ |
{% set ipv6_enabled = False %} |
13:11 |
yuhl__ |
{% for ip in grains["ipv6"] %} |
13:11 |
yuhl__ |
{% if ip[:12] in ["fd69:620:600", "2001:620:600"] %} |
13:11 |
yuhl__ |
{% set ipv6_enabled = True %} |
13:11 |
yuhl__ |
{% endif %} |
13:11 |
yuhl__ |
{% endfor %} |
13:11 |
austin_ |
gist works :) |
13:13 |
yuhl__ |
https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff |
13:14 |
yuhl__ |
it seems that ipv6_enabled is somehow scoped ! |
13:20 |
austin_ |
just looking but is this the right file ? it says *_master.conf in the minion dir :)https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff#file-ipv6-sls-L8 |
13:22 |
|
ivanjaros joined #salt |
13:24 |
yuhl__ |
austin_: yep this is where I instruct where the master is. |
13:25 |
austin_ |
yuhl__: heeh. yea it was just like, let me just state something obvious before i take a look |
13:25 |
yuhl__ |
;P |
13:27 |
|
theblazehen joined #salt |
13:30 |
|
numkem joined #salt |
13:39 |
|
cyborg-one joined #salt |
13:40 |
|
edrocks joined #salt |
13:41 |
|
sh123124213 joined #salt |
13:46 |
|
Nahual joined #salt |
13:50 |
zer0def |
yuhl__: you're probably better off using something more refined than simple string comparison for ipv6 addresses |
13:51 |
zer0def |
try using https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html |
13:53 |
|
dyasny joined #salt |
13:53 |
|
sh123124213 joined #salt |
13:54 |
|
flyboy82 joined #salt |
13:58 |
|
lasseknudsen joined #salt |
13:58 |
yuhl__ |
zer0def: what you said is really interesting or bugging me. |
13:58 |
yuhl__ |
I really never understood what such salt modules could do. |
13:59 |
yuhl__ |
Are you telling me that I can use such module as a python module within my state ' |
13:59 |
yuhl__ |
? |
13:59 |
zer0def |
yes, you just do `{{ salt['network.in_subnet']('127.0.0.0.8') }}` for example |
14:00 |
zer0def |
erm, i messed up the argument, but you get the idea |
14:01 |
yuhl__ |
that is surprising |
14:01 |
zer0def |
ipv6 addresses are peculiar in the sense that multiple notations can stand for the same set of bits |
14:02 |
Reverend |
mjimeneznet: did you try outputting your for loop to a file and seeing what it has in it? |
14:03 |
zer0def |
yuhl__: basically, if you want to check if your machine is in a 192.168. private subnet, for example, you could set a value like `{% set priv_net192 = salt['network.in_subnet']('192.168.0.0/16') %}` and then operate with the `priv_net192` variable |
14:03 |
Reverend |
mjimeneznet: you’re gonna have conflicts if the filename (the name of the block in your sls) is the duplicated. that’s why it’s erroring. |
14:03 |
yuhl__ |
that is really interesting. |
14:04 |
zer0def |
just be sure to consult what a particular execution module function returns |
14:04 |
yuhl__ |
but I still do not know how do I do if I got a list of ips that must match different cidr |
14:05 |
zer0def |
my idea is that you create a list of CIDRs to match up against and set a flag, which you then use for populating the file |
14:06 |
yuhl__ |
This is sad, that the network module did not give a way to exclude the "link local" as they do with the "loopback" |
14:06 |
zer0def |
your idea is would work just fine with ipv4, though |
14:07 |
yuhl__ |
zer0def: I try to have a "master" in the minion config, that change its value from an ipv4 ip if the host as ipv4 enabled to an ipv6 ip if the host as ipv6 enabled. |
14:08 |
|
lasseknudsen joined #salt |
14:08 |
|
hvn joined #salt |
14:09 |
yuhl__ |
zer0def: and so my gist: https://gist.github.com/briner/4453a3e644a942347549f2afe9f469ff where I iterate the ip still not work, as ipv6_enabled is always false in my case (even if grains returns me ipv6 address) |
14:09 |
zer0def |
so basically preferring ipv6 over ipv4… wouldn't it be simpler to use dns? unless you can't |
14:14 |
zer0def |
ok, even if you can't, you could use the "contents" kwarg, instead of "source", because ideally, that file only contains "master: <master_ip>"… i'm not yet sure, how to fetch a minion's master ip |
14:14 |
|
dyasny joined #salt |
14:15 |
|
abednarik joined #salt |
14:16 |
zer0def |
yuhl__: also, as mentioned previously, i'm not sure that using direct string comparison with ipv6 addresses is a good idea |
14:17 |
yuhl__ |
zer0def: Yeah !!! https://gist.github.com/briner/beca757865ba0dbfcdeab78edecfeefb |
14:18 |
yuhl__ |
zer0def: Thanks a lot.. I did learn a lot todax |
14:18 |
zer0def |
yuhl__: that's an interesting usage of an addition operator |
14:19 |
zer0def |
but as long as it works for you, good :) |
14:20 |
|
abednarik joined #salt |
14:23 |
|
dyasny joined #salt |
14:24 |
|
saintpablo joined #salt |
14:24 |
|
fxhp joined #salt |
14:25 |
|
boggle joined #salt |
14:28 |
|
nicksloan joined #salt |
14:29 |
|
hvn joined #salt |
14:32 |
|
abednarik joined #salt |
14:32 |
|
austin_ joined #salt |
14:32 |
austin_ |
yuhl__: idk if you already found the answer but https://gist.github.com/austinpapp/ce1bb4fa80223b3645532dfa3b7fecb2 |
14:36 |
zer0def |
austin_: he has, just pointed him at network.in_subnet, because direct string comparison in ipv6 works unreliably due to multiplicity of notation |
14:37 |
|
fracklen joined #salt |
14:37 |
austin_ |
zer0def: o ok. cool. yea but it does highlight at least a workaround for those situations. what was the network.in_subnet solution? |
14:37 |
zer0def |
austin_: https://gist.github.com/briner/beca757865ba0dbfcdeab78edecfeefb |
14:38 |
zer0def |
much cleaner, too |
14:38 |
austin_ |
ah yea. way better :) |
14:41 |
|
fracklen_ joined #salt |
14:42 |
|
fracklen joined #salt |
14:45 |
|
ekristen joined #salt |
14:45 |
|
cachedout joined #salt |
14:49 |
|
seanz joined #salt |
14:53 |
|
hvn joined #salt |
14:53 |
|
saintpablo joined #salt |
14:58 |
|
nickabbey joined #salt |
15:00 |
|
fracklen joined #salt |
15:01 |
|
dxiri joined #salt |
15:01 |
|
fracklen joined #salt |
15:08 |
|
fracklen joined #salt |
15:11 |
|
abednarik joined #salt |
15:14 |
|
fracklen joined #salt |
15:21 |
|
dyasny joined #salt |
15:26 |
|
ecdhe joined #salt |
15:26 |
|
ecdhe joined #salt |
15:26 |
austin_ |
i am calling http://ip:8000/keys to generate 2 keypair for a syndic |
15:26 |
austin_ |
however, i'm seeing ==> tar: minion.pub: implausibly old time stamp 1970-01-01 00:00:00 |
15:27 |
austin_ |
has anyone see this problem ? |
15:27 |
austin_ |
its unclear to me why it would be corrupt |
15:27 |
austin_ |
in this situation, i am purposely disabling ssl for testing |
15:29 |
|
nZac joined #salt |
15:31 |
|
schemanic_ joined #salt |
15:32 |
|
tobiasBora joined #salt |
15:43 |
|
anotherzero joined #salt |
15:44 |
|
abednarik joined #salt |
15:52 |
|
esharpmajor joined #salt |
15:53 |
|
Brew joined #salt |
15:55 |
|
mk-fg joined #salt |
15:56 |
cscf |
austin_, while that's strange, an epoch 0 timestamp shouldn't cause much trouble. |
15:58 |
yuhl__ |
austin_, zer0def: should I do a bug report, to add a include_local_link not modules.network.ip_addrs6 |
15:59 |
yuhl__ |
s/not/in/ |
15:59 |
|
sarcasticadmin joined #salt |
16:01 |
sh123124213 |
gtmanfred: Following our conversation on whether minions can listen on all other minions communication in saltstack. I see there is 'zmq_filtering': bool which is supposed to restrict this ? Can you please confirm ? |
16:09 |
|
ALLmightySPIFF joined #salt |
16:09 |
|
pipps joined #salt |
16:10 |
|
the_lalelu joined #salt |
16:10 |
|
ALLmightySPIFF joined #salt |
16:10 |
|
promorphus joined #salt |
16:11 |
|
pipps joined #salt |
16:12 |
|
Ludo- joined #salt |
16:12 |
|
debian112 joined #salt |
16:13 |
|
aarontc joined #salt |
16:14 |
|
chmod666org joined #salt |
16:16 |
|
fracklen joined #salt |
16:17 |
bfrog |
got this today... https://gist.github.com/bfrog/85774394d5a9eff0d3786f8b8e8b0824 |
16:17 |
bfrog |
nice stack trace about lspci |
16:17 |
bfrog |
bug worthy? |
16:20 |
zer0def |
yuhl__: to be frank, i'm not one to answer this question, but try your odds at posting an issue about it |
16:20 |
|
Ssquidly joined #salt |
16:23 |
|
dxiri joined #salt |
16:26 |
sh123124213 |
bfrog: can you run /usr/bin/lspci in your box ? |
16:29 |
|
fracklen joined #salt |
16:30 |
|
tiwula joined #salt |
16:33 |
|
theblazehen joined #salt |
16:34 |
|
nickabbey joined #salt |
16:34 |
|
mpanetta joined #salt |
16:36 |
|
mpanetta joined #salt |
16:38 |
|
Horgix joined #salt |
16:40 |
bfrog |
will try in a few |
16:40 |
|
tobiasBora joined #salt |
16:41 |
|
armguy_ joined #salt |
16:42 |
|
abednarik joined #salt |
16:43 |
|
dxiri joined #salt |
16:46 |
|
usernkey joined #salt |
16:47 |
|
tobiasBora joined #salt |
16:48 |
|
samodid joined #salt |
16:49 |
|
usernkey joined #salt |
16:50 |
|
pmcg joined #salt |
16:58 |
|
ubahmapk joined #salt |
17:01 |
|
DEger joined #salt |
17:02 |
|
pipps joined #salt |
17:03 |
|
Sarph joined #salt |
17:07 |
|
raspado joined #salt |
17:11 |
|
eprice joined #salt |
17:11 |
|
aidin joined #salt |
17:14 |
|
aarontc joined #salt |
17:17 |
|
pipps joined #salt |
17:22 |
|
dxiri joined #salt |
17:23 |
|
abednarik joined #salt |
17:23 |
|
averell joined #salt |
17:25 |
|
raspado joined #salt |
17:29 |
|
lws joined #salt |
17:31 |
|
esharpmajor joined #salt |
17:31 |
|
pipps joined #salt |
17:42 |
|
nickabbey joined #salt |
17:44 |
|
dxiri joined #salt |
17:46 |
|
Trauma joined #salt |
17:53 |
|
aw110f joined #salt |
17:54 |
|
Edgan joined #salt |
17:59 |
|
bowhunter joined #salt |
18:00 |
|
Salander27 joined #salt |
18:04 |
|
mpanetta joined #salt |
18:08 |
|
pipps joined #salt |
18:09 |
|
dxiri joined #salt |
18:12 |
|
Kelsar joined #salt |
18:15 |
|
stooj joined #salt |
18:17 |
|
sp0097 joined #salt |
18:19 |
|
onlyanegg joined #salt |
18:23 |
|
Praematura joined #salt |
18:30 |
|
mikecmpbll joined #salt |
18:32 |
|
CrummyGummy joined #salt |
18:34 |
|
wendall911 joined #salt |
18:35 |
|
pipps joined #salt |
18:38 |
|
dxiri joined #salt |
18:39 |
|
onlyanegg joined #salt |
18:43 |
|
SpX joined #salt |
18:45 |
|
stooj joined #salt |
18:53 |
|
nickabbey joined #salt |
18:54 |
|
oida joined #salt |
18:57 |
|
jschoolcraft joined #salt |
18:59 |
|
Miouge joined #salt |
18:59 |
|
Miouge left #salt |
19:10 |
|
ntropy_ joined #salt |
19:10 |
|
fracklen_ joined #salt |
19:11 |
|
raspado joined #salt |
19:14 |
|
notCalle joined #salt |
19:14 |
|
JPT joined #salt |
19:17 |
|
s_kunk joined #salt |
19:28 |
|
bluethundr joined #salt |
19:28 |
bluethundr |
hey guys, if I want to specify an internal IP for an ec2 instance using a salt cloud profile |
19:29 |
bluethundr |
how would I do that? |
19:29 |
bluethundr |
this is what I have so far for a profile |
19:29 |
bluethundr |
https://gist.github.com/bluethundr/411d08f084f7408f09d3b9942f0c649f |
19:34 |
|
ivanjaros joined #salt |
19:35 |
|
jhauser joined #salt |
19:36 |
|
DammitJim joined #salt |
19:37 |
DammitJim |
anyone doing an ubuntu upgrade from 14.04 LTS to 16.04 using salt? |
19:38 |
|
promorphus joined #salt |
19:38 |
|
Kelsar joined #salt |
19:38 |
|
eprice joined #salt |
19:42 |
|
lionel joined #salt |
19:45 |
|
lws joined #salt |
19:47 |
|
sarcasticadmin joined #salt |
19:48 |
iggy |
someone at the office suggested that and I punched them in the genitals |
19:48 |
|
onlyanegg joined #salt |
19:49 |
DammitJim |
ouch |
19:51 |
|
sarcasticadmin joined #salt |
19:53 |
|
dxiri joined #salt |
19:56 |
wangofett |
any clue why a git.latest would work on a VPS but not on a raspberry pi? |
19:56 |
|
stooj joined #salt |
19:56 |
wangofett |
specifically a permissions error |
19:56 |
|
nickabbey joined #salt |
19:56 |
cscf |
wangofett, what error? |
19:56 |
iggy |
you aren't like checking it out onto a usb flash drive formatted as fat32 or something? |
19:57 |
cscf |
^ That sounds likely |
19:57 |
|
pipps joined #salt |
20:00 |
wangofett |
2/dev/mmcblk0p1 8192 137215 129024 63M c W95 FAT32 (LBA) |
20:00 |
wangofett |
/dev/mmcblk0p2 137216 60874751 60737536 29G 83 Linux |
20:00 |
iggy |
that's the partition type, what kind of fs is it? |
20:01 |
wangofett |
how do I check that? |
20:01 |
wangofett |
(it was created following the raspbian lite install directions, using dd) |
20:02 |
iggy |
`mount` will tell you |
20:04 |
wangofett |
/dev/mmcblk0p2 on / type ext4 (rw,noatime,data=ordered) |
20:04 |
|
fracklen joined #salt |
20:04 |
wangofett |
/dev/mmcblk0p1 on /boot type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro) |
20:05 |
wangofett |
I don't have any other permission issues... I can clone the repo as the root user just fine, but I think I'm using a different key |
20:08 |
wangofett |
looks like that's the difference. Removing the user and identity bits make it happy |
20:08 |
wangofett |
adding back identity was fine |
20:08 |
DammitJim |
are there any well known issues between running salt master version 2016.11.1 |
20:08 |
|
woaminor joined #salt |
20:08 |
DammitJim |
and salt minion 2015.8.12? |
20:09 |
|
swills joined #salt |
20:10 |
|
jhauser joined #salt |
20:11 |
wangofett |
I don't get it. Using `www-data` for my user works on my *other* minion, but not this one. `cat /etc/passwd` shows www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin |
20:11 |
wangofett |
for both |
20:12 |
cscf |
wangofett, does one have an ssh key that the other doesnt? |
20:13 |
|
Trauma joined #salt |
20:13 |
|
tercenya joined #salt |
20:13 |
whytewolf |
you sure you don't have a permission issue? you said it works as root, but user: doesn't run the command as root |
20:14 |
wangofett |
cscf: I'm putting the ssh key on there in a state file, so it darn well better have the same key :P |
20:15 |
|
onmeac joined #salt |
20:15 |
wangofett |
oh hey... looks like this *other* state fails, though: fatal: could not create work tree dir '/var/www/waynewerner.com'.: Permission denied |
20:16 |
wangofett |
oh man if it's this trailing slash... |
20:16 |
wangofett |
okay no, lol |
20:18 |
|
fredvd joined #salt |
20:19 |
cscf |
wangofett, well, try doing the commands that Salt would be running, as the same user, etc and see what happens |
20:19 |
|
Salander27_ joined #salt |
20:19 |
wangofett |
Well, the user has a shell of `/usr/sbin/nologin` -_- |
20:20 |
wangofett |
Not sure how salt manages to run the commands as that user :P |
20:20 |
whytewolf |
sudo <command> |
20:21 |
|
irctc532 joined #salt |
20:21 |
whytewolf |
sorry sudo -u <user> <command> |
20:21 |
|
tercenya joined #salt |
20:23 |
cscf |
Indeed |
20:23 |
irctc532 |
what's the best way to set a pillar value based on other pillar values stored as yaml? |
20:23 |
wangofett |
oh. Well. I see now. How the heck did that happen? o.o |
20:24 |
wangofett |
dr-sr-sr-t 2 www-data www-data 4.0K Dec 19 20:09 . |
20:24 |
wangofett |
I'm 90% sure I looked earlier and it had 755 |
20:25 |
wangofett |
ermagersh. *facepalm*. 7555 != 755. FML |
20:25 |
cscf |
lol |
20:25 |
cscf |
That's all sorts of odd settings |
20:25 |
cscf |
That first digit does some strange stuff |
20:26 |
whytewolf |
sticky bits ... fun for the whole family |
20:30 |
wangofett |
yeah. Thanks for the help! Second typo today :P |
20:30 |
|
Salander27 joined #salt |
20:30 |
whytewolf |
humm so, a 7555 = setuid + setgid + sticky bit and no one can write. frankly not sure why you had a problem with that :P |
20:31 |
wangofett |
first one: `salt://letsencrypt/files/manuale-reqs.txt` != `salt://letsencrypt/files/manaule-reqs.txt` |
20:33 |
whytewolf |
although sometimes i wish setuid and setgid would die in a fire |
20:34 |
irctc532 |
my pillar top file includes .yml style .sls files. But now at the end i need some auto calculated values based on those. But it seems i cannot use pillar data. |
20:34 |
whytewolf |
irctc532: pillars can no access pillars. |
20:34 |
|
onlyanegg joined #salt |
20:34 |
wangofett |
Though, templates can access pillars on pillars ;) |
20:34 |
irctc532 |
whytewolf: yes i read those in the docs. But what's the best workaround or way to workaround this. I |
20:35 |
hemebond |
Templates can access pillars on pillars? Asking for trouble if you try that. |
20:35 |
wangofett |
i.e. {{ pillar['this']['thing'][pillar['that']['thing']] }} is a thing that you can do |
20:35 |
hemebond |
Unless you mean state files. |
20:35 |
whytewolf |
by not trying it in the first place and access pillars and do your calulations in your states |
20:35 |
wangofett |
(in a state or template, that is) |
20:36 |
whytewolf |
state/file template |
20:36 |
irctc532 |
whytewolf: if i do it in the state file i need todo those calculation multiple times. Which i would like to avoid. |
20:37 |
irctc532 |
hemebond: What kind of Templates? |
20:37 |
hemebond |
irctc532: Every file is a template really. |
20:37 |
hemebond |
Jinja can be used in pillars, states or managed files. |
20:38 |
whytewolf |
irctc532: map.jinja can be your friend. |
20:39 |
irctc532 |
whytewolf: mhm yes not familiar with that one but saw it already multiple times. |
20:39 |
|
s_kunk joined #salt |
20:40 |
|
jav joined #salt |
20:40 |
whytewolf |
irctc532: learn jinja... you don't need to put all your code multiple times in the different files. just build a set of files that you can inport with context in jinja |
20:40 |
whytewolf |
import |
20:40 |
whytewolf |
you can even get kind of crazy and do things like macros |
20:40 |
whytewolf |
:P |
20:42 |
|
kingscott joined #salt |
20:42 |
|
pipps joined #salt |
20:42 |
kingscott |
is anyone familiar with the zabbix formula that could answer a couple questions? |
20:43 |
cscf |
kingscott, don't ask to ask |
20:44 |
* Sketch |
wonders how hard it is to get a formula into saltstack-formulas |
20:44 |
irctc532 |
whytewolf: jinja is no problem just did not wrote any mappings. macros and import with context is already in use. I just found it nice to use pillar.items on a host to see the REAL settings for a system which matter instead of all which are processed in sls. |
20:45 |
whytewolf |
sketch: looking at the quility of some of the formulas in saltstack-formulas, pretty frigging easy |
20:45 |
|
bltmille_ joined #salt |
20:47 |
Sketch |
whytewolf: heh, that was sort of why i was wondering. the ones i have looked at seem pretty basic, and i ended up just writing my own states |
20:47 |
whytewolf |
irctc532: thats nice and all however nothing will get pillar to read pillar. esp, since you have to consider the "calculations" are being done in jinja. which is rendered before pillars exist |
20:47 |
Sketch |
but my needs currently tend to be little specific |
20:50 |
whytewolf |
Sketch: thats why i don't bother with formulas. i work with systems that need a lot of customization that also have a ton of different styles of configurations. formulas tend to be a one stop show. |
20:52 |
Sketch |
whytewolf: yeah, same here. but i've been wondering if i've been doing it rong :) |
20:52 |
Sketch |
wrong |
20:52 |
whytewolf |
the only wrong way is the way that doesn't work. |
20:54 |
wangofett |
For a variety of factors of "work" ;) |
20:56 |
wangofett |
The biggest thing I think that the formulas do that I'm not quite as strict on as I should is the enabled/disabled bit |
20:56 |
wangofett |
like right now with my sites-enabled on nginx :P |
21:01 |
|
Derailed joined #salt |
21:01 |
|
pipps joined #salt |
21:02 |
|
xbglowx joined #salt |
21:03 |
|
pipps joined #salt |
21:03 |
|
Bico_Fino joined #salt |
21:07 |
|
putak joined #salt |
21:07 |
|
pipps99 joined #salt |
21:09 |
|
bltmiller joined #salt |
21:10 |
Edgan |
Sketch: I am not sure I see the point to getting into that repository. My formulas are more advanced and pretty much always end up including specific stuff that doesn't apply to anyone else. I also don't use them, because I like having things in a consistent style. |
21:10 |
Edgan |
Sketch: I see them as a learning tool. |
21:18 |
|
Bico_Fino joined #salt |
21:27 |
|
promorphus joined #salt |
21:32 |
|
Bico_Fino_ joined #salt |
21:35 |
|
Praematura joined #salt |
21:39 |
|
seanz joined #salt |
21:41 |
|
combinare left #salt |
21:49 |
|
mansquid joined #salt |
21:50 |
mansquid |
Hey y'all I was wondering why the client.cmd() would return a cached hostname when the job cache is empty? Is there another cache I should clear? |
21:53 |
|
cyborg-one joined #salt |
21:56 |
|
tercenya joined #salt |
22:01 |
|
tercenya joined #salt |
22:17 |
|
xbglowx joined #salt |
22:17 |
|
amontalban joined #salt |
22:17 |
|
amontalban joined #salt |
22:17 |
|
swills_ joined #salt |
22:23 |
|
orianbsilva joined #salt |
22:23 |
|
pipps joined #salt |
22:27 |
|
swills_ joined #salt |
22:28 |
orianbsilva |
hello! |
22:28 |
|
Bico_Fino joined #salt |
22:29 |
whytewolf |
greetings |
22:32 |
|
netcho joined #salt |
22:32 |
orianbsilva |
i am following this doc page |
22:33 |
orianbsilva |
its possible to run this on windows using cygwin |
22:33 |
orianbsilva |
https://docs.saltstack.com/en/latest/topics/development/hacking.html |
22:33 |
|
DEger joined #salt |
22:33 |
orianbsilva |
virtual env is ok. but can i ga futher? and run an sal environment |
22:33 |
|
PeterO joined #salt |
22:33 |
orianbsilva |
?? |
22:34 |
|
Derailed joined #salt |
22:34 |
whytewolf |
in thoery, yes.... although might need some heavy tweeking and might be better done if you were just to install virtualbox and use a vm running linux |
22:35 |
whytewolf |
the enviroment in cygwin could really through off the tests |
22:36 |
wangofett |
Yeah, I'd run inside virtualbox if you're going to hack on salt |
22:36 |
orianbsilva |
ok thks. |
22:42 |
|
jeddi joined #salt |
22:43 |
|
Trauma joined #salt |
22:50 |
|
orianbsilva joined #salt |
22:51 |
|
sarcasticadmin joined #salt |
22:55 |
|
netcho joined #salt |
23:04 |
|
bfrog joined #salt |
23:06 |
bfrog |
so I'm confused... I thought {% load_yaml as myvar %} ... would actually add the yaml as a variable to the local sls as well as any imports |
23:06 |
bfrog |
I want to shared some pillar data to reuse in other pillars, that seemed like a nice way of doing it at first |
23:08 |
bfrog |
in the docs https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html the last example was what I was basing things on, my assumption was that doc1 would have var1 and var2 in it |
23:08 |
bfrog |
but salt complains it can't find it |
23:09 |
|
tercenya joined #salt |
23:10 |
|
sarcasticadm joined #salt |
23:11 |
|
felskrone joined #salt |
23:12 |
|
jeddi joined #salt |
23:13 |
bfrog |
I guess that doesn't make sense now that I think about it |
23:14 |
binocvlar |
http://www.dailyedge.ie/christmas-tree-ornament-3146596-Dec2016/ |
23:14 |
|
wangofett joined #salt |
23:14 |
bfrog |
I guess I could use template inheritance to get what I want |
23:14 |
bfrog |
seems hokey though |
23:14 |
bfrog |
oh well |
23:14 |
ponyofdeath |
hi, how can I get unless to execute as a specific user and not root? |
23:20 |
|
Trauma joined #salt |
23:23 |
wangofett |
You could definitely do it with sudo/su |
23:23 |
wangofett |
not sure if that's the "best" way |
23:29 |
|
Sammichmaker joined #salt |
23:30 |
|
debian112 joined #salt |
23:35 |
|
nicksloan joined #salt |
23:38 |
whytewolf |
sicne the only config that changes how unless reacts is the unless setting that is about the only option. sudo -u <user> <command> the caveat being that the sudo could also fail |
23:40 |
|
mikecmpbll joined #salt |
23:44 |
|
TyrfingMjolnir joined #salt |
23:46 |
|
pipps99 joined #salt |
23:50 |
|
pipps joined #salt |