Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-02-04

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:09 onlyanegg joined #salt
00:42 tiwula joined #salt
00:43 justanotheruser joined #salt
01:02 stanchan joined #salt
01:16 shiranaihito joined #salt
01:23 onlyanegg joined #salt
02:10 onlyanegg joined #salt
02:57 ilbot3 joined #salt
02:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:58 nomeed joined #salt
03:04 av_ joined #salt
03:29 Gabemo joined #salt
03:39 onlyanegg joined #salt
03:47 taylorbyte if i'm using users-formula with pillars/users/init.sls but i want some hosts to have different users do i just create files named after the hosts inside pillars/users, then in pillars/top.sls have 'hostname': and under that have - users.hostname for each host that needs specific users?
03:51 onlyaneg1 joined #salt
04:13 tiwula joined #salt
04:15 Psi-Jack joined #salt
04:16 Psi-Jack Hmmm... Multiple GPG keys for a pkgrepo still isn't supported?
04:18 MTecknology Why would you need mulitple keps?
04:18 Psi-Jack Because some repos use it.
04:18 Psi-Jack Rare, but some. For example, Salt's own does.
04:20 Psi-Jack https://github.com/saltstack/salt/issues/40612 is the one issue I see reported about it, but it's still open. :/
04:22 MTecknology The two people that ran into the problem probably didn't feel enough drive to write a patch for it..
04:27 Psi-Jack Kind of annoying. LOL. I doubt it's just two people, but this kind of issue prevents me from even making a successful use of pkrepo to install salt with salt-ssh with. hehe
04:27 MTecknology patches welcome?
04:37 Psi-Jack I may try to take a stab at it sometime soon.
04:38 MTecknology stay the hell outta the debian network templating.
04:38 Psi-Jack Eh? LOL
04:39 MTecknology https://github.com/saltstack/salt/blob/develop/salt/templates/debian_ip/debian_eth.jinja
04:39 MTecknology check out that last commit
04:39 Psi-Jack heh
04:41 MTecknology https://github.com/saltstack/salt/commit/525c74627480ec2b91ee58a0c20281524595a32f
04:42 MTecknology https://github.com/saltstack/salt/commit/88f9d9f22c3821ad8700690b962a07a79697c8df#diff-57aa260f7e62563a79c53fb7497e0eec
04:45 Psi-Jack Hehe, I recently switched companies I work for and the new one happends to use salt, so I'll be getting right back into salt land pretty soon. heh
04:56 MTecknology oh?
04:56 MTecknology CA?
04:58 Psi-Jack Hmm?
05:02 MTecknology there's a new person coming into my team soon
05:03 Psi-Jack Heh oh. Not me. I've already been working at the new company for 2 weeks now. :)
05:08 MTecknology I'm in such a weird as crap position... in line to start pulling rank, but also a new guy coming in that's going to be expected to replace my previous boss.
05:10 MTecknology and the new guy is coming into $client because I've been able to do an acceptable job..
05:11 MTecknology This client sponsored that nightmarish pile of commits to fix up networking stuff. :)
05:27 zulutango joined #salt
05:39 Church- Heya folks
05:44 MTecknology Yo! yo! yo! wut up foo?! wut u got?
05:44 Church- Heh
05:44 Church- A halon system put into my house soon apparently.
05:44 Church- Little worried 'bout that.
05:46 Church- MTecknology: So question.
05:46 Church- When transliterating between module cli commands and writing them in a state file. What's proper practices?
05:46 MTecknology I'm not sober.. (warning)
05:46 Church- heheheh
05:46 Church- Neither am I.
05:46 Church- For example, salt '*' ssh.set_auth_key_from_file <user> salt://ssh_keys/<user>.id_rsa.pub
05:47 Church- I want to translate that to add onto my ssh-server.sls file.
05:47 MTecknology You use enter too much, it makes me angry.
05:47 Church- Apolpgies.
05:47 Church- I.
05:47 Church- Guess.
05:47 Church- :)
05:47 MTecknology I will murder you in the most painful way I can imagine.
05:48 Church- :)
05:48 Church- Okay, looks like I can use module.run for this.
05:48 MTecknology I don't think I really follow the question
05:49 Church- Basically what's the best way to take the cli command and rewrite as a state file?
05:50 MTecknology use jinja so you can write some clean and generic state, and then make it read from a nicely formated pillar structure.
05:51 Church- Alright. So, more stuff for me to read up on. Good to know.
05:51 MTecknology check out my demo
05:51 MTecknology someday I'll update with new magic.
05:52 Church- Heh, aye.
05:52 MTecknology (hopefully around the time of next saltconf)
05:54 Church- Oh cool, found a state file for this.
05:54 Church- Gnarly.
05:57 Church- Just really need to get conditionals going.
05:58 Church- And I think I figured out how to do that.
05:59 MTecknology I think the term you're looking for is "loop"
06:00 Church- Eh, not entirely? Since I just need to determine what variables to plug in based on what my salt minion id ends in.
06:00 Church- Which I got working.
06:00 MTecknology don't make it "conditional", make it "seleciton"
06:00 Church- Hmm, how come?
06:00 MTecknology torvalds- code w/ taste
06:01 Church- Ah.
06:07 leev_ joined #salt
06:07 Grauwolf_ joined #salt
06:07 m0nky_ joined #salt
06:08 kuromagi joined #salt
06:09 dem joined #salt
06:09 esharpmajor joined #salt
06:09 Laogeodritt| joined #salt
06:09 MightyJoe joined #salt
06:10 nku_ joined #salt
06:10 jholtom joined #salt
06:10 matti__ joined #salt
06:11 rickflare2 joined #salt
06:13 Armadill0 joined #salt
06:13 lompik joined #salt
06:13 manfred joined #salt
06:14 twiedenbein_ joined #salt
06:14 MK_FG joined #salt
06:14 MK_FG joined #salt
06:14 CeBe_ joined #salt
06:14 xer0x_ joined #salt
06:14 themacproguy joined #salt
06:14 emid_ joined #salt
06:16 pualj joined #salt
06:19 sayyid9000 joined #salt
06:21 nledez joined #salt
06:21 drags joined #salt
06:22 acantha joined #salt
06:22 ingy joined #salt
06:22 freelock joined #salt
06:23 andi- joined #salt
06:31 cyborg-one joined #salt
06:48 taylorbyte with users-formula: https://github.com/saltstack-formulas/users-formula/blob/master/pillar.example how can i have commo users then for some hosts have users that differ, do i have to have separate pillars for every host?
06:48 hemebond taylorbyte: Yes
06:49 hemebond Well, not really, but that's what it boils down to.
06:49 hemebond There are many different ways to control which pillars are applied to a host.
06:49 hemebond er, minion.
06:49 yuhl joined #salt
06:50 taylorbyte hemebond: thanks, so would that look sort of like pillars/users/host1.sls and that would get called in top.sls as users.host1
06:50 hemebond Yes, that's one way to do it.
06:51 taylorbyte and if i wanted a set of similar users across all hosts/minions id have to replicate them into the individual files or is there some king of include or inherit thing i can do?
06:51 taylorbyte kind*
06:52 hemebond You could just put the common users in a file and apply that file to all minions.
06:53 taylorbyte im a bit new to salt, is that sort of like a deploy once thing?
06:54 hemebond I mean a pillar .sls file
06:54 hemebond e.g., /pillars/users/common.sls
06:55 hemebond '*':\n- users.common
06:56 taylorbyte but if i call 1 sls then another sls that has the same  users:  at the beginning i though salt didn't like having more than 1 i guess you'd call it label
06:57 taylorbyte or you mean from command line?
06:57 hemebond Your state IDs must be unique, but pillar data is merged together.
06:58 taylorbyte oh ok that's probably what confused me so i can have say common.sls, host1.sls, host2.sls and all start with users: on the first line?
06:58 hemebond Correct.
06:58 hemebond Dicts (dictionaries) are merged.
06:59 taylorbyte thanks you helped heaps
06:59 hemebond Lists are not. So if you have a list, the items will be replaced depending on which order Salt reads your pillar files.
07:15 chowmeined joined #salt
07:24 jas02 joined #salt
08:01 Deliant joined #salt
08:07 stanchan joined #salt
08:16 Lionel_Debroux_ joined #salt
08:37 cyborg-one joined #salt
09:18 sjohnsen joined #salt
10:25 yidhra joined #salt
10:31 mikecmpbll joined #salt
10:50 jas02 joined #salt
10:50 cyborg-one left #salt
10:59 Trauma joined #salt
11:58 K0HAX joined #salt
12:06 taylorbyte if i use   source: salt://   can it point to a file in the pillar folder or is it always used to point to a folder in salt (state) directory ?
12:11 taylorbyte because when i look at https://github.com/saltstack-formulas/users-formula/blob/2844c9091ec9b9029bcf348e0e4a1f69659b6a6b/pillar.example#L126 it seems they are encouraging the keeping of static files in the salt state, but what about files that may change from time to time, can i have them stored in pillars?
12:31 pppingme joined #salt
12:32 nkuttler taylorbyte: what's preventing you from modifying files inside the states directory?
12:33 taylorbyte nkuttler: i just thought the states directory was meant to be left alone after being setup properly
12:36 nkuttler then i must be doing it all wrong.. not sure how you came to that conclusion
12:37 nkuttler taylorbyte: ideally i guess you'd render state templates with data from pillars, but imo it doesn't matter
12:38 nkuttler i guess it matters if your approach is to manage *your* infrastructure, or if you want to write generic states
12:40 taylorbyte when i look at some of the salt formulas out there it seems that the data / stuff that changes stays in the pillars, ive been reading though https://github.com/saltstack/salt/issues/1543 its very interesting they also mention salt.pillar.file_tree not sure how that'l go
12:41 taylorbyte they talk about overhead i think too much data in the pillar it might cause problems?
12:42 viq taylorbyte: for users, look up yamlex, it allows for controlled merging of pillars
12:46 viq taylorbyte: and indeed pillars are rendered on master, so you're placing a load on master if you're using them extensively, but I believe that doesn't become an issue until you're well into thousands of items there.
12:50 ahrs joined #salt
12:50 taylorbyte viq: not sure if i need yamlex, this method looks ok don't know if its secure https://github.com/saltstack/salt/issues/1543#issuecomment-11835437
12:51 taylorbyte or is that something that guy tried but isnt part of salt
12:51 viq Nowadays you can also use... varstack? pillarstack?
12:52 viq Haven't looked closely at it yet, but it's supposed to do various merges and includes of pillars, and is in core.
12:54 zerocoolback joined #salt
13:03 taylorbyte i dunno is there a proper neat way to securely distribute binary files with salt and not have them in the state directory?
13:04 _KaszpiR_ use separate storage for that with encrypted files, use salt to download files and decrypt them locally - this way you do not have to use salt as transport layer
13:04 _KaszpiR_ you can apply this pattern to any configuration tool
13:16 taylorbyte _KaszpiR_: got me thinking now... my master is from salt-ssh because i may or may not have a public / static IP all the time... what about open a ssh reverse port map then run salt-ssh and the minion can scp / ftp / curl the file from the mapped port?
13:16 viq It also depends what does and does not tick "securely" for you, and what scale you need. Eg. AFAIK twitter distributes updates to their frontends via internal torrent swarm
13:17 taylorbyte interesting
13:18 viq There's also syncthing, though that has quirks.
13:19 taylorbyte lol syncthing ive used that, its weird it heats up my phone a lot probably has a lot of overhead
13:20 viq So I guess first question is what does "securely" mean for you?
13:21 taylorbyte oh, ssl encrypted transport
13:22 taylorbyte i wouldnt use ftp or something
13:22 taylorbyte sshfs or scp might be good but my master might not have a public IP
13:26 viq Also there's this newfangled wireguard thing that could (or could not) make some things easier for you
13:29 nkuttler taylorbyte: just verify checksums, and/or signatures? hardly matters how you distribute files then
13:37 zerocoolback joined #salt
13:54 mikecmpbll joined #salt
13:54 GrisKo joined #salt
14:00 jas02 joined #salt
14:22 tiwula joined #salt
14:57 jas02 joined #salt
15:06 bildz joined #salt
15:12 inad922 joined #salt
15:28 GrisKo joined #salt
16:23 jas02 joined #salt
16:34 rawzone joined #salt
16:37 schemanic joined #salt
16:51 GrisKo joined #salt
17:03 Hybrid joined #salt
17:08 hph^ joined #salt
17:09 Lionel_Debroux joined #salt
17:15 Lionel_Debroux joined #salt
17:21 Hybrid joined #salt
17:28 pualj joined #salt
17:35 sjorge joined #salt
17:39 taylorbyte i am confusd when i read the "Note" on salt.modules.acme https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.acme.html  by using the words "for example" imply that letsencrypt-formula uses the acme module, but i had a look in the formula and it does not. so is the acme module a replacement / alternative to the letsencrypt-formula ?
17:41 jacksontj joined #salt
17:48 viq taylorbyte: it says "you need acme client to use this module. One of ways to get that executable on your system is to use this formula"
17:50 taylorbyte ok
17:51 sjorge joined #salt
18:18 Bryson joined #salt
18:20 Neighbour taylorbyte: the acme module is a wrapper for the certbot executable
18:21 taylorbyte are salt.modules usually run from command line?
18:22 Neighbour salt execution modules can be called directly like `salt minion module.function args`, yes
18:22 Neighbour other than that, they're also usuallly called from salt state modules
18:43 sjorge joined #salt
18:48 mikecmpbll joined #salt
18:59 Lionel_Debroux joined #salt
19:20 whytewolf joined #salt
19:21 schemanic joined #salt
19:31 whytewolf joined #salt
19:40 pilatii joined #salt
20:05 sjorge joined #salt
20:15 GrisKo joined #salt
20:38 sjorge joined #salt
20:47 sjorge joined #salt
21:09 pualj joined #salt
22:03 pualj joined #salt
22:19 viq mmm, seeing the state progress messages on the event bus is nice, I guess I'll play with having some notifications of them
22:20 NightMonkey joined #salt
22:54 NightMonkey joined #salt
23:30 garphy joined #salt
23:45 yidhra joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary