Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-02-03

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 bowhunter joined #salt
00:01 whytewolf ugh were did i build that
00:02 whytewolf well basiclly it amounted to a defaults.yml a single grains.filter_by that merged in the pillar i was looking for.
00:03 doubletwist Something like this perhaps? https://github.com/saltstack-formulas/template-formula/issues/12
00:04 whytewolf i still wouldn't have that pillar.get
00:05 pipps joined #salt
00:05 whytewolf with the merge
00:05 whytewolf i would just pass the output of the grains.filter_by to the template. instead of trying to merge it back into pillar
00:06 doubletwist I barely have a vague idea how any of this works
00:09 whytewolf okay, the grains.filter_by will take the input of the list from the defaults.yml, select an item in it based on the grain selected and merge the merge field ontop of that.
00:10 whytewolf oh in your case instead of passing the defaults.yml to the grains.filter_by you have yet another weird set of settings
00:12 whytewolf the do line in your case updates the clamav subset of your default.yml to include what ever os_family_map has. which could in some cases [but most likely not this one] overwrite intended situations
00:13 whytewolf then the last set line creates a new clamav dict that starts off as the default settings, merges the pillar information over that and also is supposed to merge back into pillar.
00:13 whytewolf however i think the merge functionality changed to not merge back into pillar
00:14 whytewolf and you would be better off instead of doing a pillar.get on your config line just passing in the clamav from the map.jinja
00:14 doubletwist my intent is that os_family_map will overwrite values from defaults.yaml
00:14 doubletwist does/will the pillar.get obtain data from the defaults.yaml?
00:14 whytewolf no
00:15 whytewolf pass the clamav from the map.jinja
00:15 doubletwist So your suggestion is effectively to forget the defaults.yaml?
00:15 whytewolf wwhen did i say that
00:15 whytewolf the pillar.get on your config line is only going to have what is in pillar
00:16 doubletwist I dunno, like I said, I don't fully understand this stuff, including some of what you're saying/suggesting so I'm grasping at straws trying to understand what you're suggesting
00:18 doubletwist I *think* I get what you're saying except this last bit:
00:18 doubletwist "and you would be better off instead of doing a pillar.get on your
00:18 doubletwist config line just passing in the clamav from the map.jinja
00:19 doubletwist passing in clamav from map.jinja how?
00:20 whytewolf instead of `config: {{ salt['pillar.get']('clamav', {}) }}` `use config: {{ clamav }}`
00:21 doubletwist Ok
00:21 XenophonF doubletwist: This is the pattern I follow, which is similar to rsyslog - https://github.com/irtnog/openssh-formula/tree/master/sshd
00:22 doubletwist XenophonF: Yeah that's what I did [I think] and it isn't working. And whytewolf suggests that's not a good way to do it.
00:22 XenophonF the contents of Pillar key `sshd` overrides the OS-specific stuff in map.jinja which overrides the stuff in defaults.yaml
00:22 * XenophonF shrugs
00:22 XenophonF There's more than one way to do it.
00:22 doubletwist XenophonF: That's what I expected but it's not working
00:23 whytewolf it is fine to do that. but you are not USEING that data after all that you just grab the pillar instead
00:23 XenophonF ??
00:23 XenophonF I don't understand that, whytewolf
00:23 XenophonF oh - do you mean in his stuff?
00:23 whytewolf XenophonF: he has config: {{ salt['pillar.get']('clamav', {}) }} instead of config: {{ clamav|yaml }}
00:24 XenophonF oh so doubletwist you don't import the clamav var from map.jinja?
00:24 whytewolf he does
00:24 XenophonF cf. https://github.com/irtnog/openssh-formula/blob/master/sshd/init.sls#L32
00:24 XenophonF and cf. https://github.com/irtnog/openssh-formula/blob/master/sshd/init.sls#L36
00:24 doubletwist hold on testing something
00:25 XenophonF sorry the paste you posted is taking forever to load
00:26 XenophonF I should remove "_settings" from those variable names.
00:26 Edgan How do I add to PATH for the salt minion outside a state? It doesn't seem to be picking up /etc/profile.d.
00:27 saltslackbridge <gtmanfred> it won’t pick up /etc/profile.d because it is not a bash thing
00:27 saltslackbridge <gtmanfred> you will need to set it either in the /etc/defaults/salt or whatever the init.d file sources, or add the path to a drop-in file for the salt-minion service
00:27 Edgan gtmanfred: yeah, I was just looking at that
00:27 saltslackbridge <gtmanfred> look for drop in in this https://www.freedesktop.org/software/systemd/man/systemd.unit.html
00:28 saltslackbridge <gtmanfred> ‘drop-in’
00:28 saltslackbridge <gtmanfred> just put [Service]\nEnvironment=PATH=fulll:path:you:want:available into a file at /etc/systemd/system/salt-minion.service.d/path.conf
00:29 Edgan gtmanfred: sadly this is ubuntu 14.04, so still upstart, but about to try /etc/default/salt-minion
00:29 saltslackbridge <gtmanfred> if it is with upstart, i don’t think that will work, look at the actual init script
00:29 saltslackbridge <gtmanfred> it will tell you what file it is sourcing
00:29 Edgan gtmanfred: I already have
00:29 saltslackbridge <gtmanfred> cool
00:33 doubletwist I think for now I'm going to give up, throw defaults.yaml out the window and just put everything in the os_family_map in map.jinja because this is farking ridiculous
00:37 XenophonF oh i see what whytewolf is saying
00:37 XenophonF so doubletwist, why are you using context vars?
00:37 XenophonF just import map.jinja in files/freshclam.conf
00:37 doubletwist XenophonF: I'm just following what rsyslog-formula did which also happens to be what's referenced in https://github.com/saltstack-formulas/template-formula
00:37 XenophonF also
00:37 XenophonF yeah well template-formula is stupid ;)
00:38 Edgan doubletwist: I dropped defaults.yaml long ago. I prefer the power of jinja in the map.jinja to be used in the defaults. https://storage.cygnusx-1.org/formula.txt
00:38 doubletwist XenophonF: and yet rsyslog-formula, openssh-formula and a bunch of others do
00:38 XenophonF yeah well they're stupid too ;)
00:38 doubletwist XenophonF: Hah! You started by linking one as a reference of what to do! :)
00:38 XenophonF oh no I didn't
00:38 XenophonF i linked to _my_ openssh-formula
00:39 XenophonF go look at it
00:39 XenophonF it's bliss ;)
00:39 XenophonF I don't use context vars because that hides where the variables come from.
00:39 XenophonF plus, you aren't serializing it properly
00:40 doubletwist I think I'm going to go with Edgan's method
00:40 XenophonF that should be {{ salt['pillar.get']('clamav', {})|yaml }} if you're going pass a structure like that
00:41 XenophonF that's cool!
00:42 XenophonF nice use of load_yaml
00:42 XenophonF interesting
01:11 shiranaihito joined #salt
01:23 justanotheruser joined #salt
01:26 stanchan joined #salt
01:26 zerocoolback joined #salt
01:36 swills joined #salt
01:36 swills joined #salt
02:04 pipps joined #salt
02:09 zerocoolback joined #salt
02:38 mastrofrancesco joined #salt
02:57 ilbot3 joined #salt
02:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:59 nomeed joined #salt
03:18 onlyanegg joined #salt
03:22 _6pedrosa9_ joined #salt
03:33 _6pedrosa9_ joined #salt
03:36 ahrs joined #salt
03:46 Church- Hey folks
03:58 _6pedrosa9_ joined #salt
04:10 _6pedrosa9_ joined #salt
04:30 sjorge joined #salt
04:59 lompik joined #salt
05:04 onlyanegg joined #salt
05:13 _6pedrosa9_ joined #salt
05:39 cgiroua joined #salt
05:43 _6pedrosa9_ joined #salt
05:52 _6pedrosa9_ joined #salt
06:23 LocaMocha joined #salt
06:24 AvengerMoJo joined #salt
06:25 onlyanegg joined #salt
06:41 justanotheruser joined #salt
06:42 justanotheruser joined #salt
06:47 _6pedrosa9_ joined #salt
06:52 av_ joined #salt
06:55 Church- So I'm curious, got a small docker.sls to deploy a specific version of docker to all my machines. Anybody see anything wrong with this sls file?
06:55 Church- https://bpaste.net/show/798d48dd27b4
06:56 hemebond Does it not work?
06:58 Church- Nyope, reports as not finding the correct version. However I've verified it as being the same version on other machines.
06:58 hemebond oph
06:58 whytewolf what is the exact error
06:58 hemebond pkgs
06:58 hemebond It should be a list of packages.
06:58 hemebond Pretty sure you're not trying to install something called "version"
06:59 Church- Oh, doy.
06:59 whytewolf docker-ce : 17.09.0~ce-0~ubuntu
06:59 whytewolf sorry was an extra space in that
06:59 Church- Was following the guide page for pkgs. Must have misread.
07:00 whytewolf link?
07:00 Church- https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html
07:01 Church- Although what you wrote works whytewolf. So, thanks.
07:01 whytewolf ahh i see. you confused - version with - pkgs
07:02 whytewolf - version is for pkg.installed directly with - name
07:02 whytewolf when installing a single package
07:02 whytewolf easy mistake
07:03 Church- Ahhh, gotcha. Thanks.
07:03 Church- Now, time to go diagnose a shittly written python module.
07:03 Church- Fun times.
07:06 Church- whytewolf: Another quick question, to make things easier. I'm attempting to create a user using the salt.states.user module. However it's giving off an error and failing to create it. Config and error are here.
07:07 Church- https://bpaste.net/show/d38bb9325b0b
07:08 Church- Unless I'm misusing the module on accident or not understanding it's actual usage of course.
07:08 whytewolf that paste did not work
07:08 Church- Ugh, sec. Error got shunted onto one line.
07:10 hemebond Have you checked the minion log or minion syslog for errors?
07:10 whytewolf ^
07:10 whytewolf or ran it locally on the minion with -l debug
07:10 hemebond ^
07:11 Church- Hmm, an idea.
07:12 Church- Okay, fails on every single minion.
07:12 Church- Odd
07:13 _6pedrosa9_ joined #salt
07:14 Church- whytewolf: What would be the quickest command to return minion logs from my salt master?
07:14 Church- I'm assuming just a quick grep of the logs using cmd.run
07:15 whytewolf well. https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cp.html#salt.modules.cp.get_file_str
07:15 whytewolf but you can also do something like `salt 'minion' cmd.run_all 'salt-call -l debug state.apply state'`
07:16 Church- Okay yeah, found the error.
07:16 Church- Ugh, stupid one too. User group doesn't exist.
07:16 whytewolf that was ging to be my guess but didn't want to assume
07:17 hemebond Isn't there a separate option for adding a user to sudoers?
07:17 Church- Probably?
07:17 hemebond Oh, I'm thinking of the users formula.
07:17 hemebond It handles that for you.
07:17 whytewolf some distros the simplist way is just adding them to wheel
07:17 Church- Yeah, haven't moved onto formulas yet.
07:19 whytewolf for editing the sudoers file you just add a check_cmd that calls vissudo -c -f
07:19 whytewolf to a file.managed
07:19 lompik joined #salt
07:19 Church- Hmm, don't suppose there's a module for messing with iptables or firewalls is there?
07:19 _6pedrosa9_ joined #salt
07:19 Church- I see it, nevermind.
07:20 whytewolf there are several :P
07:20 Church- Heheheh
07:20 Church- What's the most favored one? Looking at salt.states.iptables right now.
07:20 MTecknology I like ferm
07:24 Church- MTecknology: That a formula?
07:24 Church- Didn't see it when searching on the site.
07:24 whytewolf Church-: http://ferm.foo-projects.org/
07:24 Church- Yeah, found it,
07:24 Church- So what's the point of formulas exactly?
07:25 whytewolf to drive me nuts
07:25 hemebond LOL
07:25 hemebond Formulas are just a collection of states for managing something.
07:25 hemebond They take your pillars, and do stuff.
07:25 Church- Ah, but we already can call states within states. So what's the deeper point?
07:25 Church- What does it add?
07:25 hemebond Nothing.
07:25 MTecknology Church-: I hate formulas
07:25 Church- heheheh
07:25 hemebond They're just a collection of states.
07:25 Church- So stay away from formulas then.
07:26 whytewolf Church-: it is basicly other users writing states you can use
07:26 hemebond They're written to be generic and reusable.
07:26 MTecknology ^ that
07:26 Church- Ahhhhh.
07:28 Church- Alright, iptables is all set up.
07:28 Church- Fucking hell I love salt.
07:28 Church- One could even say, I'm feeling... salty.
07:28 whytewolf i loved salt enough i started working for the company
07:29 Church- heh
07:29 hemebond eh? you did?
07:29 whytewolf yes
07:29 Church- Now I just need to fix this script and get rancher working correctly.
07:29 Church- Ugh.
07:29 whytewolf I gave up my bank job and got hired by salt
07:29 Church- Why the fuck am I doing this at 2:30am?
07:29 Church- God.
07:29 Church- whytewolf: Sounds like a way better trade.
07:29 Church- No more COBOL for you.
07:30 whytewolf lol. I was a cloud engineer. my job was ELK, puppet and making sure users didn't blow up our private cloud
07:30 whytewolf [i didn't write puppet, i just made sure it was up and working]
07:31 Church- Aye.
07:31 Church- Basically my job, sys engineer/cloud engineer/the ops in devops.
07:31 Church- Plus I'm a manager now.... yay.
07:31 Church- I need a bottle of whiskey for my desk.
07:32 whytewolf hehe you will start to love and hate salt. it does all of those jobs
07:32 Church- Oh definitely our stack is docker and rancher, with elk for monitoring and now salt for doing everything I don't want to do anymore.
07:34 hemebond Anyone know what https://github.com/saltstack/salt/blob/v2016.11.0rc2/salt/template.py#L30 returns?
07:35 hemebond Ignore that.
07:37 whytewolf I want to be playing with my new toy. instead of waiting until i am reading to nuke my home cloud
07:40 Church- New toy?
07:40 hemebond joined #salt
07:42 whytewolf https://www.newegg.com/Product/Product.aspx?Item=9SIA4GH6KB0059
07:42 Church- Shiny
07:42 whytewolf https://imgur.com/rIOzWcH
07:43 Church- Got a nice old r710 sitting next to me.
07:43 Church- Gonna get some more from the auction soon. I like $3-10 r710's.
07:47 onlyanegg joined #salt
08:04 pipps joined #salt
08:07 _6pedrosa9_ joined #salt
08:48 AidanWong joined #salt
08:48 wongster80 joined #salt
09:47 jas02 joined #salt
09:58 jas02 joined #salt
10:15 mikecmpbll joined #salt
10:20 jas02 joined #salt
10:22 _6pedrosa9_ joined #salt
10:23 jas02_ joined #salt
10:31 Hybrid joined #salt
10:33 jas02 joined #salt
10:39 Hybrid joined #salt
10:46 _6pedrosa9_ joined #salt
10:51 jas02 joined #salt
10:55 dencom joined #salt
11:00 _6pedrosa9_ joined #salt
11:16 _6pedrosa9_ joined #salt
11:25 gmacon joined #salt
11:29 jas02 joined #salt
11:31 viq I don't have luck with engines recently :P https://github.com/saltstack/salt/issues/45853
11:31 hammer065 joined #salt
11:34 _6pedrosa9_1 joined #salt
11:35 pualj_ joined #salt
11:38 _6pedrosa9_1 joined #salt
11:45 jas02 joined #salt
12:02 _6pedrosa9_ joined #salt
12:09 _6pedrosa9_ joined #salt
12:13 _6pedrosa9_ joined #salt
12:13 jas02 joined #salt
12:16 Trauma joined #salt
13:03 tiwula joined #salt
13:10 K0HAX joined #salt
13:11 matt___ joined #salt
13:21 jas02 joined #salt
13:42 yujunz joined #salt
13:51 evle1 joined #salt
13:51 jas02 joined #salt
14:04 taylorbyte joined #salt
14:08 taylorbyte is it possible to run a salt cloud master from a NATed machine / not need to specify a master ip in the minion/s, or maybe i should use salt-ssh?
14:09 viq I guess salt could spin up VMs, but if you want to use minions on them, they need to connect somewhere
14:10 viq Why not have one of them be master?
14:14 MTecknology taylorbyte: Why wouldn't it be possible?
14:16 taylorbyte MTecknology: i watched this video https://www.youtube.com/watch?v=fs0UFjvWA_c it just seems like the master needs to be accessible from a public IP, im thinking of configuring a salt minion on a vps from home on shit internet
14:17 XenophonF taylorbyte: Salt works through NAT just fine.
14:17 XenophonF just make sure DNS points at the right thing in the right networks
14:18 taylorbyte oh ok, wasnt sure if the minions comunicated back to the masters on their own
14:18 XenophonF They do?
14:18 taylorbyte or does the master try to keep an open connection to all minions
14:18 XenophonF They do and it does.
14:18 taylorbyte oh ok
14:19 XenophonF But minions use DNS to look up the master's IP.
14:19 taylorbyte but that means i need a public IP
14:19 XenophonF obvs
14:19 XenophonF for the master
14:19 MTecknology yes, or else you have no route
14:19 MTecknology and with no route, your bits will just fall out the end of the ether
14:20 taylorbyte yeah my original question i mean the master bing NATed
14:25 yujunz left #salt
14:38 taylorbyte found what i wanted to know in here https://groups.google.com/forum/#!topic/salt-users/4BDWyQBJXs0
14:39 yujunz joined #salt
14:40 yujunz-zte joined #salt
14:40 MTecknology you're uing salt-ssh?
14:43 taylorbyte MTecknology: i have used it, but i was wondering if i should set up a linode vps with salt cloud or salt-ssh
14:43 taylorbyte if i use salt cloud i'll have to map a port/s to my router
14:45 MTecknology I personally don't like either option. I have openvpn setup part of my deploy script.
14:46 taylorbyte now im wondering if i do map a port and use salt cloud, could i use salt ssh from a laptop on a different internet connection
14:46 taylorbyte so does the minion run its own vpn server ?
14:49 taylorbyte if the minion has a vpn server the link i found above mentioned a neat trick "ssh reverse port forwarding" instead of using openvpn
14:51 MTecknology server? .. no
14:52 MTecknology https://i.imgur.com/qh3hMjn.png
15:02 MTecknology I need to rebuild that diagram someday.
15:02 MTecknology I way over-complicated it
15:05 jas02 joined #salt
15:06 taylorbyte yeah im trying to use as little devices as i can atm i just wanted to have 1 master(possibly mobile laptop using weird internet connections)  and 2 vps minion with public IPs
15:08 MTecknology You only need a firewall/router and a salt master for my setup.
15:08 MTecknology You also only need a firewall/router and a salt master to forward ports and not worry about vpn.
15:09 taylorbyte yeah
15:09 MTecknology it's pretty basic networking stuff, so basic that even netgear tends to properly support it in their clunky web interfaces
15:09 stanchan joined #salt
15:10 taylorbyte all my routers that i can get my hands on have openwrt
15:10 * MTecknology shudders
15:10 taylorbyte lol why
15:10 MTecknology I remember those days of pain
15:11 MTecknology Here's a nickle, kid. Get yourself a real firewall.
15:11 taylorbyte lol
15:11 MTecknology https://www.pfsense.org/
15:12 taylorbyte nice
15:13 jas02_ joined #salt
15:14 MTecknology ftr- https://i.pinimg.com/736x/6a/09/f4/6a09f4c78c82187da893f311ee48f5e3--geek-humour-open-source.jpg
15:17 taylorbyte lol
15:32 cyteen joined #salt
15:36 cyteen joined #salt
15:49 viq https://pbot.rmdir.de/--YJR-2pQmGHfzJ33oEpVg  - what am I doing wrong? Trying to run master as normal user from pip, for some testing
15:51 viq It obviously *is* reading Saltfile and ./master.d/master.conf, since the dirs in /tmp were created. But I don't even see a setting for queues in https://docs.saltstack.com/en/latest/ref/configuration/master.html
16:03 jas02 joined #salt
16:04 jas02 joined #salt
16:09 tiwula joined #salt
16:10 evle2 joined #salt
16:13 jas02 joined #salt
16:20 viq https://github.com/saltstack/salt/issues/45854
16:30 taylorbyte joined #salt
16:41 banditthecat joined #salt
16:42 onlyanegg joined #salt
17:02 mikecmpbll joined #salt
17:03 viq So, slack engine works from a pip install, but insists I'm not authorised to run commands...
17:04 taylorbyte joined #salt
17:09 zeromorphism__ joined #salt
17:38 ahrs joined #salt
17:40 stanchan joined #salt
17:57 Freeaqingme joined #salt
17:57 Freeaqingme left #salt
17:58 Freeaqingme joined #salt
18:00 hasues joined #salt
18:06 cyteen joined #salt
18:07 zeromorphism joined #salt
18:10 onlyanegg joined #salt
18:15 pualj joined #salt
18:44 Hybrid joined #salt
18:47 cyborg-one joined #salt
18:48 jas02 joined #salt
18:49 onlyanegg joined #salt
18:49 jas02 joined #salt
18:56 zeromorphism joined #salt
19:03 Hybrid joined #salt
19:17 gmacon joined #salt
19:54 wongster80 joined #salt
20:08 jeblair joined #salt
20:22 Trauma joined #salt
20:28 onlyanegg joined #salt
20:38 ry joined #salt
21:03 miruoy joined #salt
21:04 eprice joined #salt
21:05 eprice joined #salt
21:08 onlyanegg joined #salt
21:09 armyriad joined #salt
21:12 sjorge joined #salt
21:14 felixhummel joined #salt
21:23 jeblair joined #salt
21:40 yidhra joined #salt
21:41 hunter joined #salt
21:48 onlyanegg joined #salt
22:03 jeblair joined #salt
22:28 felixhummel joined #salt
22:41 onlyanegg joined #salt
23:33 Trauma joined #salt
23:57 oida joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary