Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-07-17

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:05 edrocks joined #salt
00:19 bryang joined #salt
00:20 nixjdm_ joined #salt
00:23 * MTecknology grumbles.. http://dpaste.com/0M6R833
00:32 MTecknology the master can't render that pillar, but the minion can. I restarted the server just to be doubly sure nothing was lingering but I can't get the master to render. The minion process on the master server /is/ able to run that command and get the output I expect.
00:32 joe_n joined #salt
00:34 dendazen joined #salt
00:40 MTecknology It looks like this might be something that changed a while back that only started breaking because cache went away when I rebuilt. :S
00:40 MTecknology https://docs.saltstack.com/en/latest/ref/configuration/master.html#extension-modules
00:47 XenophonF aw nuts freebsdpkg doesn't support pkg.uptodate
01:00 MTecknology How do I get back the legacy behavior of the master's modules?
01:09 fracklen joined #salt
01:11 mosen joined #salt
01:13 joe_n joined #salt
01:20 nixjdm_ joined #salt
01:35 MTecknology DANGIT!
01:36 MTecknology If I do 'salt-run saltutil.sync_all" and I see my custom module pulled in, does that not mean I should expect that module to be available from the master context?!
01:56 MTecknology So...   extension_modules: salt://_modules/   ?
02:00 mosen yes you should expect that MT :)
02:01 mosen oh sorry, salt-run not sure
02:03 MTecknology I hate it when the master log tells me to see the master log and I'm reading it from the master log but the master log doesn't log what broke on the master in the master log.
02:05 MTecknology WOOHOO!!!   extension_modules: salt://_modules  <-- this works!
02:07 MTecknology On to the next Debian 8 pet... my WLC
02:19 auzty joined #salt
02:19 edrocks joined #salt
02:19 mavhq joined #salt
02:21 nixjdm_ joined #salt
02:25 joe_n joined #salt
02:28 joe_n @MTecknology - shouldn't it already be available in the master if you put it in /srv/salt/_modules ?
02:28 zerocoolback joined #salt
02:29 zerocoolback joined #salt
02:35 MTecknology joe_n: I don't use the file system
02:36 zerocool_ joined #salt
02:37 XenophonF joined #salt
02:38 MTecknology also, apparently that location or something about it is changing
02:38 MTecknology I really didn't understand what I read.
02:41 joe_n joined #salt
02:41 mosen youre loading them from gitfs?
02:42 evle joined #salt
02:46 MTecknology yup
02:47 MTecknology I keep modules, pillar, orchestration, states, modules, and reactor in git.
02:47 MTecknology gitfs*
02:48 JPT_ joined #salt
02:48 ahrs joined #salt
02:52 TheoSLC joined #salt
03:09 TheoSLC joined #salt
03:21 nixjdm_ joined #salt
03:33 donmichelangelo joined #salt
04:02 MTecknology joined #salt
04:09 joe_n joined #salt
04:10 noraatepernos joined #salt
04:17 ChubYann joined #salt
04:18 seffyroff joined #salt
04:21 nixjdm_ joined #salt
04:23 kerrick joined #salt
04:25 noraatepernos Am I using cmd.run correctly, here? https://gist.github.com/anonymous/83369ebd3f577af5091fcdbfbcaccffd
04:25 noraatepernos I had “sudo” in the command and replaced it with - user: root
04:27 MTecknology icky!!
04:28 MTecknology why such weird quoting?
04:29 wolfpackmars2 joined #salt
04:30 noraatepernos MTecknology: Yeah it’s not ideal.  I got it working but it’s dependent on “which”
04:31 MTecknology What is setcap?
04:31 MTecknology that reminds me of selinux or apparmor
04:32 MTecknology bye
04:52 mbuf joined #salt
04:53 preludedrew joined #salt
05:00 Slimmons joined #salt
05:04 Slimmons This is a pretty noob question, but not sure how to phrase it to google.  I wrote some Java to send our my curl command (httpurlconnection), and it needs the salt-master public key in my keystore (since it's https).  Where would I find the salt-master public key?  Since the root user owns salt, I assumed it would be in /root/.ssh, but I was wrong
05:05 coredumb Slimmons: check in /etc/salt/pki/master/
05:06 Slimmons Thanks, that was it
05:18 c06 joined #salt
05:19 nixjdm_ joined #salt
05:23 MTecknology One more host on Debian 8 (the raspi). I can wait to upgrade that.
05:25 edrocks joined #salt
05:25 debian1121 joined #salt
05:40 c06 hi all
05:41 c06 i am running docker containers using salt, but my system is configured with proxy. From my dokcer conatiner i am unable to get into outside world.
05:41 c06 i need to configure for the containers also is there any state module to configure proxy for docker containers
05:45 heyimawesome joined #salt
05:55 kyuuri joined #salt
06:02 impi joined #salt
06:04 colttt joined #salt
06:05 felskrone joined #salt
06:05 pualj joined #salt
06:07 do3meli joined #salt
06:07 do3meli left #salt
06:12 c06 joined #salt
06:12 c06 anyone on..?
06:16 stduolc joined #salt
06:19 stduolc hi all, I have a sls file in pure python. I want to return some variable from the run function. how can I do that?
06:19 stduolc https://gist.github.com/stduolc/fd2a31d50ebebba5f1e7c72c8001fe81
06:19 nixjdm_ joined #salt
06:24 debian112 joined #salt
06:35 sh123124213 joined #salt
06:38 aldevar joined #salt
06:41 colttt joined #salt
07:07 J0hnSteel joined #salt
07:08 tobiasBora joined #salt
07:13 EthPyth joined #salt
07:19 nixjdm_ joined #salt
07:24 darioleidi joined #salt
07:27 gmoro_ joined #salt
07:31 fracklen joined #salt
07:33 tobiasBora joined #salt
07:37 Ricardo1000 joined #salt
07:42 gmoro_ joined #salt
07:49 fracklen joined #salt
07:49 Ricardo1000 joined #salt
07:51 Ricardo1000 joined #salt
07:53 pbandark joined #salt
07:54 Ni3mm4nd joined #salt
07:58 Rumbles joined #salt
08:00 impi joined #salt
08:03 bdrung_work joined #salt
08:04 mikecmpbll joined #salt
08:05 losh joined #salt
08:07 fracklen joined #salt
08:19 nixjdm_ joined #salt
08:28 joe_n joined #salt
08:33 Mattch joined #salt
08:43 jhauser joined #salt
08:45 gmoro joined #salt
08:49 Naresh joined #salt
08:57 joe_n joined #salt
09:19 nixjdm_ joined #salt
09:30 zerocool_ joined #salt
09:40 JPT joined #salt
09:44 c06 how to get grains data from docker conatiners which created using salt
09:49 mavhq joined #salt
09:50 eliezerlp joined #salt
09:52 mavhq joined #salt
09:57 eliezerlp Hi all
09:58 eliezerlp My Google-fu is failing me on this one...
09:59 eliezerlp Looking to import something from a map.jinja file that is not in the current directory.
10:00 eliezerlp It is in `../base/map.jinja`
10:01 eliezerlp I am trying to do it in a portable way without hardcoding paths.
10:02 eliezerlp Normally I do `{% from slspath + "/map.jinja" import stuff with context %}` for a file alongside the sls file.
10:02 eliezerlp This doesn't work: `{% from slspath + "/../base/map.jinja" import stuff with context %}`
10:05 Score_Under Maybe this will work: salt['file.dirname'](slspath) + "/base/map.jinja"
10:05 Score_Under (Not sure to what extent that's allowed in an import statement but it's worth a shot)
10:06 eliezerlp Lets see
10:13 eliezerlp That most certainly worked!
10:14 eliezerlp Thanks @Score_Under
10:15 eliezerlp Does anyone happen to know if there are any docs on `tpldir`
10:15 eliezerlp I wasn't really clear what it is / when it might be handy...
10:19 nixjdm_ joined #salt
10:22 Score_Under I'm seeing a few bug tickets that mention tpldir as being the actual directory containing the sls
10:22 Score_Under apparently slspath only does that if you're calling from "init.sls"
10:31 citaret joined #salt
10:31 citaret python-pip has different names python-pip/python-pip/python2-pip in ubuntu/centos6/centos7, how can i setup a mapfile using grains.filter_by to  distinguish centos7 from 6?
10:40 nclsclsn joined #salt
10:42 nclsclsn left #salt
10:43 nclsclsn_ joined #salt
10:44 EthPyth joined #salt
10:47 c06 i wrote my custom grains in /srv/salt/_grains/mine.py and its retruns dictionary. i ran salt '*' saltutil.sync_all. but my custom grains is not getting reflected
10:48 c06 when running salt node grains.items
10:48 c06 any suggestions.?
10:50 tkharju joined #salt
10:57 smartalek joined #salt
11:02 Hybrid joined #salt
11:10 zerocoolback joined #salt
11:19 nixjdm_ joined #salt
11:20 evilet joined #salt
11:22 evilet left #salt
11:22 evilet joined #salt
11:30 edrocks joined #salt
11:32 hoonetorg joined #salt
11:44 EthPyth joined #salt
11:47 mishanti1 joined #salt
12:07 dendazen joined #salt
12:14 miruoy joined #salt
12:15 rburkholder joined #salt
12:17 Kelsar joined #salt
12:20 nixjdm_ joined #salt
12:21 WKNiGHT joined #salt
12:26 cgiroua joined #salt
12:43 cyborg-one joined #salt
12:53 jdipierro joined #salt
12:57 jdipierro joined #salt
13:05 Ricardo1000 joined #salt
13:05 dyasny joined #salt
13:08 ccha hello, I want to display some jinja variables in a state. I do that with a cmd.run echo {{var}} ... is there a better way to do that ?
13:13 c06 ccha: write inside a file or you can check the logs(o/p) information
13:16 edrocks joined #salt
13:19 zer0def quick question - can i set the order in which reactors for a given event occur?
13:19 nixjdm_ joined #salt
13:20 zer0def oh, nevermind, requisites work just fine, presumably as long as they're defined in the same sls
13:20 zer0def oh, wait, no. that's in orchestrate
13:21 mbuf joined #salt
13:21 _JZ_ joined #salt
13:23 AvengerMoJo joined #salt
13:26 racooper joined #salt
13:36 sjorge joined #salt
13:36 coredumb zer0def: states in a reactor can't be set in order, if you need order, run an orchestrator from your reactor
13:57 zer0def coredumb, yeah, i've bumped into that suggestion in the documentation; thank you
13:59 BooleanVar joined #salt
14:00 Inveracity joined #salt
14:01 cgiroua joined #salt
14:02 syst0m joined #salt
14:06 ecdhe joined #salt
14:06 ecdhe joined #salt
14:12 lompik joined #salt
14:20 nixjdm_ joined #salt
14:20 jab416171 joined #salt
14:21 donmichelangelo joined #salt
14:22 Ricardo1000 joined #salt
14:25 DoomPatrol joined #salt
14:30 jdipierro joined #salt
14:38 jab416171 joined #salt
14:40 edrocks joined #salt
14:42 do3meli joined #salt
14:42 do3meli left #salt
14:44 fl3sh XenophonF: Did you try to install openvpn from winrepo?
14:46 evle joined #salt
14:52 TheoSLC joined #salt
14:52 sarcasticadmin joined #salt
14:54 XenophonF fl3sh: I don't use OpenVPN.
14:55 XenophonF <insert the usual rant about non-standard, custom-client VPN protocols here>
14:55 XenophonF sorry
14:56 fatal_exception joined #salt
15:10 jdipierro joined #salt
15:11 lordcirth_work joined #salt
15:12 jdipierro joined #salt
15:16 fl3sh ok
15:17 syst0m joined #salt
15:20 nixjdm_ joined #salt
15:23 AvengerMoJo joined #salt
15:24 pbandark1 joined #salt
15:32 JPT Is there a way to base grain code on already existing grains? I would like to assign booleans to ethernet interfaces based on whether they have an address from a certain network on them.
15:33 astronouth7303 JPT: like with https://docs.saltstack.com/en/latest/ref/states/all/salt.states.network.html ?
15:35 JPT Well, not exactly. Those are states.
15:36 JPT I have a state of my own that relies on a grain to put together some crude iptable rules.
15:36 stomith I think I'm looking at similar - how would you do, if network.ifacesstartswith 172 in a sls file?
15:36 stomith <% if network.ifacestartswith 172 == 'true' %> ?
15:37 JPT The idea is that a certain network (10.42.0.0/24) needs to be put through it's own chain. So i created a grain to iterate through each interface and assign "yes/no" to each of them, depending on whether they have an address within that magic network.
15:37 syst0m1 joined #salt
15:37 JPT A later state then uses this grain to create the iptables script.
15:37 JPT Since after an upgrade from debian 8 to debian 9 my grain fails on debian 9, i am looking for a more convenient and solid solution
15:38 astronouth7303 https://docs.saltstack.com/en/latest/topics/targeting/ipcidr.html or https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html#salt.modules.network.ip_in_subnet
15:38 NotBobDole joined #salt
15:38 astronouth7303 you may also want to assign data through pillars? That's what I'm doing for my subnet-specific hosts/settings
15:39 TheoSLC joined #salt
15:39 JPT Not yet. Maybe in the future.
15:39 JPT Right now i need input for a jinja template
15:39 syst0m1 how would you go about monitoring a file with a beacon, and fire up a reactor only if the file HASN'T been changed in the last 1h?
15:45 astronouth7303 ... write my own heartbeat beacon?
15:46 astronouth7303 i'm not sure how a reactor handler could track state like that
15:46 aldevar left #salt
15:47 astronouth7303 i suppose you could have file-change beacon and an hourly beacon, and maybe use sdb to track state?
15:47 Cottser joined #salt
15:48 syst0m1 sdb?
15:50 syst0m1 what do you mean by sdb, @astronouth7303 ? the only sdb I know off is the name of a block device on linux :)
15:50 stomith https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.sdb.html
15:51 astronouth7303 https://docs.saltstack.com/en/latest/topics/sdb/
15:51 astronouth7303 i've never used it, i just know it exists
15:52 syst0m1 yeah, thanks, but that seems a bit much, I only want to get notified when a program stops writing to it's log file
15:53 zerocoolback joined #salt
15:58 astronouth7303 is there a script or command beacon?
15:59 syst0m1 no, the app is scheduled to run with cron every hour
16:00 DammitJim joined #salt
16:13 iggy I think engines were created to handle cases where you needed state tracking like that, but it seems like you could just use a scheduled job and check the timestamps on the file
16:16 syst0m1 @iggy, could you elaborate on that last part a bit, please
16:19 astronouth7303 `if os.stat(filename).st_mtime < (time.now() - 60*60): ...`
16:19 fritz09 joined #salt
16:19 xDamox joined #salt
16:20 nixjdm_ joined #salt
16:21 iggy something like that, yeah
16:22 syst0m1 so, I could just embed python code in the reactor then?
16:22 iggy you can, yes
16:23 syst0m1 cool, thanks guys
16:23 iggy basically anything (other than /etc/salt/*) can use whatever renderer you want
16:23 syst0m1 I see
16:23 iggy you just have to set the "shebang" appropriately
16:24 syst0m1 ack
16:25 iggy if you wanted to keep it in jinja though, there's file.stats that will give you that info too
16:25 iggy !salt modules.file.stats
16:25 aldevar joined #salt
16:26 iggy hmm, weird
16:26 MTecknology IT BROKE!!
16:26 MTecknology iggy: fixitfixitfixit!!
16:26 astronouth7303 oh, i keep forgetting the py renderer is a thing
16:26 iggy it works in private msg... not sure why it's ignoring this channel
16:26 tobstone joined #salt
16:26 syst0m1 :)
16:28 astronouth7303 i really need to remember about that when I get into the reactor
16:28 iggy make a blog post too!
16:28 iggy then more people know (and have actual useful examples)
16:29 astronouth7303 i really should be blogging about this
16:30 astronouth7303 it's kinda monday, though...
16:33 edrocks is there any more info about file_tree template support besides https://docs.saltstack.com/en/develop/ref/pillar/all/salt.pillar.file_tree.html?
16:33 edrocks how do you specify a specific renderer?
16:35 simmel_ joined #salt
16:36 astronouth7303 does adding a #! work?
16:38 astronouth7303 edrocks: i assume you mean "a specific renderer for a specific file"
16:38 edrocks astronouth7303: yea
16:38 iggy https://docs.saltstack.com/en/latest/ref/renderers/
16:39 iggy no?
16:39 edrocks I think thats it
16:39 edrocks astronouth7303: I wasn't sure you were talking to me. #! seems to be what I want. Thanks for the link iggy
16:40 adelcast joined #salt
16:44 hoonetorg joined #salt
16:44 mikecmpbll joined #salt
16:44 nledez joined #salt
16:44 nledez joined #salt
16:46 pocketprotector joined #salt
16:47 ChubYann joined #salt
16:48 nethershaw joined #salt
16:49 Ni3mm4nd joined #salt
16:52 astronouth7303 out of curiosity, can i alias minion names?
16:52 astronouth7303 eg, can i have minion `foobar` also answer to the name `master`?
16:53 MTecknology I recall a roster thingy at one point that would let you do that.
16:53 MTecknology !targeting
16:53 MTecknology oh ya.. not sure that was right anyway
16:54 astronouth7303 i think salt roster is just for salt-ssh? https://docs.saltstack.com/en/latest/topics/ssh/roster.html
16:55 jmiven joined #salt
16:55 iggy !targeting isn't a command
16:56 MTecknology https://docs.saltstack.com/en/latest/topics/targeting/#node-group-targeting
16:57 MTecknology https://docs.saltstack.com/en/latest/topics/targeting/globbing.html#lists
16:57 MTecknology astronouth7303: ^ both relevant
16:58 Trauma joined #salt
16:59 astronouth7303 not quite what i was hoping for, but relevant
16:59 astronouth7303 and i'm guessing the closest i'll get
17:01 MTecknology the nodegroup thing can give you exactly what you asked for
17:02 astronouth7303 i was hoping not to specify a different matcher, but it'll work
17:02 astronouth7303 odd you can only use N@ expressions in some contexts?
17:03 hoonetorg joined #salt
17:03 mikecmpbll joined #salt
17:03 astronouth7303 oh, right, rendering and locality
17:03 edrocks joined #salt
17:03 astronouth7303 nodegroups are configured on the master, and minions don't have a concept of what groups they're part of
17:03 astronouth7303 so master-side operations can use nodegroups, but not minion-side ones
17:04 jdipierro joined #salt
17:05 noraatepernos joined #salt
17:05 SaucyElf joined #salt
17:08 SaucyElf joined #salt
17:14 wendall911 joined #salt
17:18 SaucyElf joined #salt
17:19 jdipierro joined #salt
17:20 nixjdm_ joined #salt
17:20 freelock joined #salt
17:27 yuhl______ joined #salt
17:28 Edgan astronouth7303: Is there not a grain for finding their nodegroup?
17:29 astronouth7303 Edgan: :shrug: I was just reading https://docs.saltstack.com/en/latest/topics/targeting/nodegroups.html#using-nodegroups-in-sls-files
17:29 Edgan astronouth7303: Seems like you could probably write one to ask the salt-api.
17:29 stomith so in my sls, I'm trying to set variables for inclusion in a file that's managed. so like, set one = foo, set two = bar. Is there something special I have to do to have {{ one }} and {{ two }} show up in the file besides setting the template to jinja and just putting {{ one }} and {{ two }} as placeholders in the file?
17:30 whytewolf if you enable pillar_opts on the master the nodegroup data is sent to the minions as config.get data.
17:30 whytewolf or master pillar data
17:30 Edgan stomith: show us actual code for the sls and jinja template
17:30 stomith edgan: let me whip up an example, thanks
17:31 debian1121 joined #salt
17:31 Edgan stomith: Should be simple enough, but depends on how you wrote it
17:31 whytewolf stomith: off of your description alone sounnds like you need context:
17:31 Edgan whytewolf: or if it is really simple, contents :)
17:32 whytewolf or if it's pillar pillar_contents
17:32 swills joined #salt
17:32 swills joined #salt
17:33 Edgan whytewolf: If he isn't using a map.jinja, we might also want to lead him in that direction
17:33 v3x you can use contents if you're dropping the actual data directly from the state into the file
17:34 v3x or you can load your variables into the "defaults" declaration for dropping into jinja placeholders in the template file
17:34 stomith https://pastebin.com/TBiuPYQD
17:34 v3x ^ stomith
17:34 Edgan stomith: yeah, context is the simplest answer
17:35 stomith great, like.. let me adjust that
17:35 Edgan stomith: but
17:35 Edgan stomith: Look at how this code does it
17:35 Edgan stomith: https://github.com/saltstack-formulas/salt-formula/tree/master/salt
17:35 Edgan stomith: You can centralize all your configuration into a map.jinja and then include it where ever you need it
17:36 Edgan stomith: Often your variables will get reused, and you don't want to set them twice
17:36 Edgan stomith: You can also create a whole data structure with yaml.
17:37 stomith what would be the advantage of using context vs. defaults?
17:37 vishvendra joined #salt
17:37 Edgan stomith: Instead of 20 individual variables you can create an object.
17:37 vishvendra Hello Friends..
17:37 impi joined #salt
17:37 Edgan stomith: Lets say one is the configuration file name, like nginx.conf
17:37 vishvendra Where the grains of minions are getting stored on master machine??
17:38 vishvendra can someone explain about it
17:38 vishvendra ?
17:39 Edgan stomith: You will need that in the file definition that creates nginx.conf, and you will need it as a watch on the service, to restart it on nginx.conf changes
17:39 stomith edgan, thanks!
17:39 whytewolf vishvendra: somewhere in /var/cache/salt/master
17:39 Edgan stomith: So if you set it in one sls, you have to reset it another, when you could just do it in one place and include
17:39 whytewolf in a msgpack
17:40 Edgan stomith: It is mostly a style thing, but I thinkt he defaults style is more advanced
17:40 vishvendra whytewolf: thr are multiple files in that directory.. one I know about the jobs identity...
17:40 vishvendra but where actually grains are storing it's not visible there
17:40 stomith edgan: gotcha. I'll look into that a lot more. That gives me a place to start
17:41 whytewolf vishvendra: i believe it is /var/cache/salt/master/minions/<minion_id>/data.p
17:41 psychi[m] joined #salt
17:41 toofoo[m] joined #salt
17:41 hackel joined #salt
17:41 ThomasJ|m joined #salt
17:41 gomerus[m] joined #salt
17:41 jerrykan[m] joined #salt
17:41 theblazehen joined #salt
17:41 fujexo[m] joined #salt
17:41 benjiale[m] joined #salt
17:43 vishvendra whytewolf: thnaks
17:48 _aeris_ joined #salt
17:50 pcn Is there an existing module to filter the netstat module on ports, addresses, states, etc?
17:51 whytewolf pcn https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html#salt.modules.network.netstat
17:52 whytewolf closest thing i could find
17:52 kerrick joined #salt
17:54 hoonetorg joined #salt
18:02 tiwula joined #salt
18:04 LeProvokateur joined #salt
18:05 mavhq joined #salt
18:07 cyteen joined #salt
18:12 censorshipwreck joined #salt
18:12 SalanderLives joined #salt
18:18 nixjdm_ joined #salt
18:35 heaje joined #salt
18:38 onlyanegg joined #salt
18:38 _KaszpiR_ joined #salt
18:43 ecdhe joined #salt
18:45 debian112 joined #salt
18:45 jeffspeff joined #salt
18:46 noraatepernos joined #salt
18:47 astronouth7303 so on https://docs.saltstack.com/en/latest/ref/states/all/salt.states.network.html where it says "Support for Debian/Ubuntu is new in 2014.1.0 and should be considered experimental."? That should be read as "Doesn't really work. Don't use this."
18:47 cyborg-one joined #salt
18:47 SamYaple joined #salt
18:49 secrgb joined #salt
18:53 fracklen joined #salt
18:57 smartalek joined #salt
18:58 debian112 joined #salt
19:03 om2 joined #salt
19:05 druonysus joined #salt
19:05 druonysus joined #salt
19:05 druonysus_ joined #salt
19:08 rgrundstrom joined #salt
19:08 rgrundstrom Good evning everyone
19:09 rgrundstrom Im experimenting around with salt.modules.mysql.. Anyone know if its possible to change the Authentication Type on an user with salt?
19:10 CheckYourSix joined #salt
19:10 Zachary_DuBois joined #salt
19:10 saltstackbot joined #salt
19:14 aldevar left #salt
19:15 Slimmons_ joined #salt
19:19 nixjdm_ joined #salt
19:21 whytewolf rgrundstrom: the only different in "standard(old) vs standard" is that the new passwords are 41 bytes instead of 16. if you use password_hash. just use the new hash instead of the old hash. also this way you are not storing the password but the hash for the password.
19:21 jdipierro joined #salt
19:22 whytewolf if you are creating new users on a server and just use password it should use the new password hash anyway
19:24 rgrundstrom whytewolf: Reason for this is that when you install mysql-server using salt the root password does not get set. And system sets root user as a "auth_socket", this makes root able to enter mysql regardless of password.
19:25 rgrundstrom Workaround is to remove the mysql root user manually and then run the state again
19:25 rgrundstrom Wanted to eliminate that problem
19:26 whytewolf oh, stupid plugins. auth_socket isn't a thing in normal mysql it is a plugin that is installed
19:26 syst0m joined #salt
19:26 rgrundstrom Ahh im running Percona
19:30 whytewolf I don't work with Percona generally. but if it is anything like normal mysql on debian based systems there is a maint account that is created for the system to use. that uses a config file. typically i setup my saltstack to use that config file as the creds for mysql
19:30 whytewolf but i don't know if percona does that
19:32 rgrundstrom whytewolf: Well that is why im experimenting :)
19:32 Slimmons joined #salt
19:33 whytewolf currently i don't think the current mysql module handles what it takes to set the "auth type" on a user. but you could craft a query to do it.
19:33 whytewolf ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'test';
19:37 oida_ joined #salt
19:38 F30 left #salt
19:39 bowhunter joined #salt
19:43 jdipierro joined #salt
19:53 tiwula joined #salt
19:58 smartalek joined #salt
19:59 felskrone1 joined #salt
20:00 edrocks joined #salt
20:01 Slimmons joined #salt
20:01 gtmanfred joined #salt
20:02 rgrundstrom Ok... soooo i was filling up my pillar files with the information i needed to create the sql stuff i wanted.....This is going to take some time.
20:12 Slimmons This may not be a direct saltstack question, but I'm trying to use the salt-api through a java method using httpsurlconnection, but whenever I try to run it, I'm getting a javax.net.ssl.SSLHandshakeException.  The solution I've found to this is to add the server's (salt-master) key to the java keystore.  But I can't seem to add it because "input not an x.509 certificate"
20:13 Slimmons Any ideas why the default .pem file created from salt-call --local tls.create_self_signed_cert?
20:13 onlyanegg joined #salt
20:13 Slimmons Any ideas why the default .pem file created from salt-call --local tls.create_self_signed_cert would not be x509?
20:13 Slimmons didn't finish my sentence there.
20:18 nixjdm_ joined #salt
20:23 Antiarc joined #salt
20:25 astronouth7303 :/ I have a git repo I want salt to pin to a specific commit (which is set from a pillar and varies over time). Neither git.detached nor git.latest seem to do what i want
20:29 coredumb I'd be happy if anyone would be willing to beta test my pillar/master_tops module https://github.com/saltstack/salt/pull/42349 let me know if you test it :)
20:33 lakewoodweb joined #salt
20:33 TyrMacti_ joined #salt
20:35 nafg__ joined #salt
20:35 nafg__ joined #salt
20:45 Edgan coredumb: Can you give some clear advantages to this over just doing grain matching in pillars, which is now doable in a safe way?
20:47 onlyanegg joined #salt
20:47 coredumb the main advantage for me is to have an single entry point for both pillars and tops
20:57 onlyanegg joined #salt
21:02 Edgan coredumb: you mean pillars' top and states' top?
21:02 gmoro joined #salt
21:04 coredumb Edgan: yes
21:12 Rumbles joined #salt
21:18 nixjdm_ joined #salt
21:19 high_fiver joined #salt
21:35 Ryan_Lane hm. who's here with core rights?
21:36 Ryan_Lane I'd really like to make sure we don't allow any merges for modules with the name `boto3_*`
21:36 Ryan_Lane we've already had one sneak in, and it's a really bad idea
21:42 kerrick_ joined #salt
21:45 whytewolf 1? looking at the repo i see 3 with boto3 :(
21:46 whytewolf whats even worse there are boto3 states
21:47 Ryan_Lane the boto3 states are my biggest issue
21:47 Ryan_Lane we should mark them as deprecated ASAP
21:48 Ryan_Lane if they don't have associated boto state modules, we should rename them
21:48 Edgan Ryan_Lane: Was that Tom?
21:48 Ryan_Lane looks like it
21:49 Edgan Ryan_Lane: He has written a ton of boto3
21:49 Edgan Ryan_Lane: I can yell at him for you
21:49 Ryan_Lane when transitioning from boto to boto3, it should just be within the same execution module
21:49 Ryan_Lane and the state module should be updated to reflect the changes
21:49 Ryan_Lane what I want is some test that simply disallows any modules names boto3_
21:50 whytewolf should be easy with a pre commit hook
21:50 Ryan_Lane can't have pre-commit hooks in github
21:50 Ryan_Lane it can be a PR test, though
21:50 whytewolf oh yeah :(
21:54 onlyanegg joined #salt
21:57 TheoSLC joined #salt
21:58 cgiroua joined #salt
21:59 keldwud joined #salt
21:59 keldwud joined #salt
22:03 _aeris_ joined #salt
22:07 nonsenso joined #salt
22:10 cyteen_ joined #salt
22:13 onlyanegg joined #salt
22:14 edrocks joined #salt
22:18 nixjdm_ joined #salt
22:20 onlyanegg joined #salt
22:20 syst0m joined #salt
22:30 darvon joined #salt
22:33 icebal joined #salt
22:38 ecdhe joined #salt
22:40 TheoSLC joined #salt
22:50 rebbdohr joined #salt
22:53 darioleidi joined #salt
22:56 eichiro joined #salt
22:57 Ryan_Lane @whytewolf any idea on how I'd add a test for this?
22:58 whytewolf not really I was thinking that check the file names for boto3
22:59 Ryan_Lane yeah. trying to see if we had anything similar
22:59 Ryan_Lane test_test_module_names.py maybe
22:59 mikecmpbll joined #salt
23:00 Ryan_Lane hm. or is that just a test to see if things have tests...
23:00 Ryan_Lane ah. it's to test for naming conventions of tests
23:15 manji joined #salt
23:15 edrocks joined #salt
23:18 nixjdm_ joined #salt
23:27 rpb joined #salt
23:27 TheoSLC joined #salt
23:33 kerrick_ joined #salt
23:34 justan0theruser joined #salt
23:38 kerrick_ joined #salt
23:56 mosen joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary