infrastruktur:salt:bootstrap

Run the following commands on a new host: 

apt update && apt -y install gnupg2
wget -O - "https://repo.saltproject.io/py3/debian/$(cat /etc/debian_version | sed 's/\..*//')/amd64/3004/SALTSTACK-GPG-KEY.pub" | apt-key add -
echo "deb https://repo.saltproject.io/py3/debian/$(cat /etc/debian_version | sed 's/\..*//')/amd64/3004 bullseye main" > /etc/apt/sources.list.d/saltstack.list
apt update
mkdir -p /etc/salt/minion.d/
echo 'ipv6: True' > /etc/salt/minion.d/ipv6.conf
echo 'master: salt.ffm.freifunk.net' > /etc/salt/minion.d/master.conf
apt install -y salt-minion
salt-call --local key.finger

Init the pillar config for the new host:

host/tld/domain/name/service/init.sls
roles:
  gateway
[...]

Potentially include service pillar like for example:

top.sls
base:
[...]
  'prometheus1.aixit.off.de.ffffm.net':
    - services.cadvisor
    - services.pretix

And now check the key on the Salt Master, add the new host and run state.apply for the first time: 

salt-key -F
salt-key -a '<hostname>'
salt '<hostname>' test.ping
salt '<hostname>' state.apply -l quiet --state-verbose=false saltenv=base
  • infrastruktur/salt/bootstrap.txt
  • Zuletzt geändert: 19.06.2023 22:55
  • von igor