Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-04-02

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 rollniak_ joined #salt
00:24 rollniak__ joined #salt
00:25 zulutango joined #salt
00:38 mrBen2k2k2k joined #salt
01:00 zerocoolback joined #salt
01:11 armin_ joined #salt
01:17 armin joined #salt
01:56 ilbot3 joined #salt
01:56 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.9, 2017.7.4 <+> RC for 2018.3.0 is out, please test it! <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:05 hooksie1 joined #salt
02:21 colin_stubbs joined #salt
02:40 evle joined #salt
02:48 JPT joined #salt
03:14 shiranaihito joined #salt
03:36 zulutango joined #salt
04:12 mrBen2k2k2k_ joined #salt
04:33 tzero joined #salt
06:53 tyx joined #salt
07:15 eekrano joined #salt
07:44 sjorge joined #salt
07:54 Hybrid joined #salt
08:40 pf_moore joined #salt
09:51 k1412_ joined #salt
09:51 aldevar joined #salt
10:20 jcristau joined #salt
11:01 hhsdadas joined #salt
11:04 hhsdadas joined #salt
11:05 hhsdadas joined #salt
11:05 hhsdadas joined #salt
11:08 zulutango joined #salt
11:11 rollniak_ joined #salt
11:34 hammer065 joined #salt
11:42 Arendtse1 left #salt
11:42 Arendtsen joined #salt
12:28 Nahual joined #salt
12:33 cdunklau joined #salt
12:39 DammitJim joined #salt
13:11 armin joined #salt
13:14 Bico_Fino Hi. It's possible to create a variable like this? {% import_yaml "/tmp/{{ grains['fqdn'] }}.yaml" as server %}
13:23 babilen What happens if you try? And how did you try?
13:27 evle joined #salt
13:28 Trauma joined #salt
13:29 Bico_Fino It doesn't read the grain, just use it as plain text.
13:30 babilen Where?
13:30 Bico_Fino inside a state
13:30 babilen And I don't think you need {{ ... }} inside {% ... %}
13:30 babilen In fact, I'm pretty certain you don't
13:31 Bico_Fino testing
13:32 Bico_Fino Same thing. It doens't convert the grain, TemplateNotFound: /tmp/grains['fqdn'].yaml
13:32 babilen There you go then
13:33 ecdhe joined #salt
13:33 babilen What was the exact incantation you used? Did you concatenate the strings correctly?
13:34 Bico_Fino {% import_yaml "/tmp/grains['fqdn'].yaml" as token %}
13:34 babilen It looks as if you passed the literal string, rather than concatenating
13:34 babilen Yeah
13:34 babilen That's not what you want .. as you want grains['fqdn'] to be evaluated
13:34 Bico_Fino oh yeah
13:34 babilen Try {% import_yaml "/tmp/" ~ grains['fqdn'] ~ ".yaml" as token %}
13:35 Bico_Fino yeah
13:35 Bico_Fino Worked. :)
13:35 Bico_Fino Thanks
13:35 cdunklau Bico_Fino: if i remember my jinja right... "/tmp/%s.yaml"|format(grains['fqdn'])
13:35 babilen Or that
13:36 Bico_Fino good, thanks guys!
13:36 babilen What are you using this for?
13:44 Bico_Fino Loading the minion name configuration
13:50 cdunklau ugh this is so frustrating
13:50 cdunklau so i'm using git for the .sls and pillar
13:51 cdunklau but... only the pillar is working. none of my states can be found, and the fileserver.file_list gives me empty
13:52 cdunklau the pillar and states are both in the same repo, and the configuration is the same for ext_pillar and gitfs_remotes
13:52 cdunklau https://bpaste.net/show/d3dc2f4f02e5
13:53 cdunklau the master log is showing the git fetch for the git_pillar, but not for the states bit
13:53 cdunklau i've entirely removed /var/cache/salt/master and restarted the master, no change
13:54 cdunklau where the heck should i go from here?
13:56 edrocks joined #salt
13:59 tiwula joined #salt
14:01 dobby1 joined #salt
14:09 cdunklau oh yeah, /var/cache/salt/master/gitfs doesn't even exist
14:09 cdunklau even after attempting a state.apply... which seems quite odd
14:10 lordcirth_work cdunklau, isn't root: supposed to be relative to the states path?
14:10 ECDHE_RSA_AES256 joined #salt
14:10 lordcirth_work eg I have the shorewall-formula synced to root: 'shorewall'
14:11 cdunklau lordcirth_work: right, so this mydomain-infra repo has the states tree at salt/roots/salt
14:11 cdunklau and pillar stuff at salt/roots/pillar
14:11 lordcirth_work Oh I'm thinking of mountpoint
14:12 cdunklau lordcirth_work: so i want the repo's salt/roots/salt mounted at salt://
14:12 cdunklau which AFAICT is the default
14:12 cdunklau i guess i could try being explicit about that
14:15 cdunklau i just tried it with mountpoint: salt://  but no change
14:15 edrocks joined #salt
14:18 babilen Bico_Fino: Yeah, obviously. I ask because it is a lot more common to define that data in pillars rather than rely on local files to be present.
14:26 cdunklau ahaha wow
14:26 cdunklau fileserver_backend needs to be a list. i had it as `fileserver_backend: git`
14:26 cdunklau i'm pretty surprised i don't get a nasty error with that...
14:26 cdunklau but oh well
14:30 exarkun joined #salt
14:31 eekrano joined #salt
14:38 schemanic joined #salt
14:44 cgiroua joined #salt
14:45 Hybrid joined #salt
14:55 lordcirth_work I wish I could use N@ in command line compound matching
14:55 lordcirth_work Is there some deep technical reason that doesn't work?
15:00 zerocoolback joined #salt
15:06 zer0def lordcirth_work: `N@`?
15:06 lordcirth_work zer0def, nodegroup test
15:07 zer0def couldn't you associate a grain or pillar with a particular group of hosts you currently bundle into a nodegroup?
15:08 lordcirth_work I could, but N@ already exists, but just has this note: The N@ classifier cannot be used in compound matches within the CLI or top file, it is only recognized in the nodegroups master config file parameter.
15:08 lordcirth_work No explanation as to why it doesn't work in both places
15:21 Hybrid joined #salt
15:22 heaje joined #salt
15:48 nielsk joined #salt
15:49 rollniak joined #salt
15:54 Nahual I'm looking for a way to store a GPG encrypted file in Salt and then have it decrypted via the GPG renderer. I have the GPG encrypted pillar working fine but I think it would be nice if people could commit their encrypted file in its entirety, specify it as a file.managed resource, and template: gpg. I don't see support for this currently and I don't see a pluggable way to do some experimenting and get GPG working as a template to render o
15:54 Nahual ut the file. Is there a better alternative I am not thinking of?
15:56 dendazen joined #salt
15:58 zerocoolback joined #salt
15:58 babilen Nahual: You could either use the filetree pillar (not really that useful as it conflates targetting and data) and decrypt the corresponding pillar subtree in toto or import files with import_text
15:59 babilen But then .. I can't really think of a reason why "- template: gpg" wouldn't work.
15:59 Nahual It doesn't exist as a template according to the utils/templates.py, some extra work required.
16:00 Nahual As for file_tree, I'd have to keep that outside of gitfs to take advantage? Similar to how pillarstack needs to be read in?
16:00 babilen Let me take a look
16:00 babilen Yeah, file_tree isn't really useful for that and the "conflate targeting / data" malarky
16:01 Nahual My largest worry is that to get this working I'd have to commit code upstream to avoid local support since the templating system is not pluggable although renderers are.
16:03 babilen aye
16:04 babilen I completely agree with you and still don't think that the "whole file in pillar tree" (encrypted/unencrypted/...) is solved
16:04 Nahual I think contents_pillar takes care of it, but I don't want to spew a bunch of GPG blocks into the stack.
16:05 Nahual I'd prefer to just render out the file, just like I would a jinja template.
16:05 babilen file_tree is the right idea in that it automatically populates a pillar subtree from a given directory, but unfortunately it bakes the targeting into the directory structure
16:08 babilen So the way it *should* work is: You add foo_file_tree/bar/foo.gpg to your pillar (doesn't matter if its in git, local, ...) and set "file_tree_source: - foo_file_tree" and then also "decrypt_pillar: - 'bar': gpg" to decrypt files in there
16:08 nielsk joined #salt
16:08 babilen And then you can throw in a top.sls anywhere, that targets data in - bar.foo to whereever you want it
16:13 babilen Unfortunately it doesn't work that way
16:13 Nahual I was just about to starting testing that.
16:15 babilen A #!gpg is worth a try with gpg encrypted data in file_tree though
16:15 babilen (that is if the targeting isn't problematic to you)
16:16 babilen I mean .. normally you want to target the same file to multiple hosts and, well, having to copy them all over the place sort of defeats the purpose
16:16 babilen Not being able to keep it in git is also slightly suboptimal
16:16 Nahual Correct.
16:17 Nahual Is my template: gpg remotely feasible? Is it worth trying to get that working?
16:17 babilen I don't necessarily see why it wouldn't
16:17 babilen The renderer exists and the "integration" into the templating engine should be fairly straightforward
16:19 Nahual Let me spend some time on that then and see what I see. Thanks for the talk.
16:19 justanotheruser joined #salt
16:20 GrisKo joined #salt
16:33 dendazen joined #salt
17:03 edrocks joined #salt
17:03 ponyofdeath joined #salt
17:11 Trauma joined #salt
17:20 aldevar joined #salt
17:24 JawnAuz joined #salt
17:25 JawnAuz joined #salt
17:37 eekrano joined #salt
17:41 sjorge joined #salt
17:43 GnuLxUsr joined #salt
17:50 exarkun joined #salt
17:51 aldevar joined #salt
17:53 Durkee joined #salt
17:55 eseyman joined #salt
18:15 aldevar joined #salt
18:26 nixjdm joined #salt
18:29 joe___ joined #salt
18:29 Nahual babilen: I did get it working with some edits to utils/templates.py and renderes/gpg.py. It's not pretty by any stretch.
18:30 Nahual Also assumes you're comfortable laying down the private key into /etc/salt/gpgkeys or wherever gpg_keydir is specified for the renderer.
18:32 aldevar joined #salt
18:47 nielsk joined #salt
18:47 DammitJim joined #salt
19:00 aldevar joined #salt
19:07 wryfi i'm having an issue with pkgrepo.absent/aptpkg.del_repo
19:08 wryfi i have a local repo that my devs use in their vagrants, 'deb [trusted=yes] file:/var/tmp/apt/ ./'
19:08 wryfi and i can't seem to get pkgrepo.absent or aptpkg.del_repo to delete it
19:09 wryfi it always returns "Error running 'pkg.del_repo': Repo deb [trusted=yes] file:/var/tmp/apt/ ./ doesn't exist in the sources.list(s)'
19:10 wryfi but it is very much there in /etc/apt/sources.list.d/local.list, and it is displayed in the output of pkg.list_repos.
19:12 tyx joined #salt
19:12 wryfi and 'pkg.get_repo "deb [trusted=yes] file:/var/tmp/apt/ ./"' also displays it as expected
19:12 Edgan wryfi: I would delete the file, not the repo
19:13 wryfi Edgan: that's what i will resort to, but this seems like a bug
19:14 Edgan wryfi: I agree, but I think managing the files is generally a better way to go than using pkgrepo in the first place. I would file an issue, if there isn't already one, and then delete the file.
19:26 rollniak_ joined #salt
19:31 rollniak__ joined #salt
19:31 thelocehiliosan joined #salt
19:32 Trauma joined #salt
19:34 Deliant joined #salt
19:35 supermike___ left #salt
19:39 noobiedubie joined #salt
19:40 noobiedubie hi all
19:42 noobiedubie trying to setup windows update management through salt specifically using the wua.installed state, is there a way install all updates period or in a category as the old win_wua module used to do or really anyway to build a up to date KB list to pass the the wua.installed state without listing out every KB?
19:42 thelocehiliosan joined #salt
19:59 sjorge joined #salt
20:15 gnord joined #salt
20:26 whytewolf lordcirth_work: I use https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.nodegroups.html as a way around the limitations of nodegroups. since i can just target on a pillar instead of having to worry about where it works and doesn't
20:27 lordcirth_work whytewolf, thanks
20:38 hemebond joined #salt
20:43 justanotheruser joined #salt
20:57 dobby1 joined #salt
21:05 aldevar left #salt
21:13 justanotheruser joined #salt
21:23 rollniak_ joined #salt
22:14 dobby1 joined #salt
22:42 averell joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary