-rw-r--r--data/templates/salt-minion/minion.j211
-rw-r--r--interface-definitions/salt-minion.xml.in10
-rwxr-xr-xsmoketest/scripts/cli/test_service_salt.py2
-rwxr-xr-xsrc/conf_mode/salt-minion.py63
4 files changed, 37 insertions, 49 deletions
diff --git a/data/templates/salt-minion/minion.j2 b/data/templates/salt-minion/minion.j2
index cc1a63a6e..7e7ac5885 100644
--- a/data/templates/salt-minion/minion.j2
+++ b/data/templates/salt-minion/minion.j2
@@ -32,17 +32,17 @@ log_file: /var/log/salt/minion
# ['garbage', 'trace', 'debug']
#
# Default: 'warning'
-log_level: {{ log_level }}
+log_level: warning
# Set the location of the salt master server, if the master server cannot be
# resolved, then the minion will fail to start.
master:
{% for host in master %}
-- {{ host }}
+ - {{ host }}
{% endfor %}
# The user to run salt
-user: {{ user }}
+user: minion
# The directory to store the pki information in
pki_dir: /config/salt/pki/minion
@@ -52,9 +52,10 @@ pki_dir: /config/salt/pki/minion
# Since salt uses detached ids it is possible to run multiple minions on the
# same machine but with different ids, this can be useful for salt compute
# clusters.
-id: {{ salt_id }}
+id: {{ id }}
# The number of minutes between mine updates.
mine_interval: {{ interval }}
-verify_master_pubkey_sign: {{ verify_master_pubkey_sign }}
+verify_master_pubkey_sign: {{ 'True' if master_key is vyos_defined else 'False' }}
+
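Review bot: The rendered minion file gives no hint that `verify_master_pubkey_sign` is now derived from whether `master_key` is defined, so someone reading /etc/salt/minion cannot tell why verification is on or off. A template comment above the new line would document the dependency, for example `# True only when master-key is configured; otherwise the master public key signature is not checked`. The surrounding options in this template all carry such a comment, and this one is the security-relevant setting of the file.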
diff --git a/interface-definitions/salt-minion.xml.in b/interface-definitions/salt-minion.xml.in
index d3b022d12..9425d2b7f 100644
--- a/interface-definitions/salt-minion.xml.in
+++ b/interface-definitions/salt-minion.xml.in
@@ -15,20 +15,21 @@
<list>md5 sha1 sha224 sha256 sha384 sha512</list>
</completionHelp>
<constraint>
- <regex>^(md5|sha1|sha224|sha256|sha384|sha512)$</regex>
+ <regex>(md5|sha1|sha224|sha256|sha384|sha512)</regex>
</constraint>
</properties>
+ <defaultValue>sha256</defaultValue>
</leafNode>
<leafNode name="master">
<properties>
- <help>The hostname or IP address of the master.</help>
+ <help>Hostname or IP address of the Salt master server</help>
<valueHelp>
<format>ipv4</format>
- <description>Remote syslog server IPv4 address</description>
+ <description>Salt server IPv4 address</description>
</valueHelp>
<valueHelp>
<format>hostname</format>
- <description>Remote syslog server FQDN</description>
+ <description>Salt server FQDN address</description>
</valueHelp>
<constraint>
<validator name="ip-address"/>
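Review bot: The hash constraint changes from `^(md5|sha1|sha224|sha256|sha384|sha512)$` to the unanchored `(md5|sha1|sha224|sha256|sha384|sha512)`. This is only equivalent if the regex validator matches the whole value implicitly; that behaviour is not visible on this page and should be confirmed. If it does not, any value that merely contains one of the names would pass and end up in the minion configuration. A short comment on the constraint, or a smoketest that commits an invalid hash type and expects a failure, would pin this down. The leafNode this constraint belongs to opens above the hunk.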
@@ -54,6 +55,7 @@
<validator name="numeric" argument="--range 1-1440"/>
</constraint>
</properties>
+ <defaultValue>60</defaultValue>
</leafNode>
<leafNode name="master-key">
<properties>
diff --git a/smoketest/scripts/cli/test_service_salt.py b/smoketest/scripts/cli/test_service_salt.py
index ebed04e53..bbeec7f7b 100755
--- a/smoketest/scripts/cli/test_service_salt.py
+++ b/smoketest/scripts/cli/test_service_salt.py
@@ -55,7 +55,7 @@ class TestServiceSALT(VyOSUnitTestSHIM.TestCase):
# commiconf = read_file() Check configured port
conf = read_file(SALT_CONF)
- self.assertIn(f'- {server}', conf)
+ self.assertIn(f' - {server}', conf)
# defaults
hostname = gethostname()
diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py
index d939db9a2..89df3b48a 100755
--- a/src/conf_mode/salt-minion.py
+++ b/src/conf_mode/salt-minion.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2018-2020 VyOS maintainers and contributors
+# Copyright (C) 2018-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -16,14 +16,16 @@
import os
-from copy import deepcopy
from socket import gethostname
from sys import exit
from urllib3 import PoolManager
from vyos.config import Config
+from vyos.configdict import dict_merge
from vyos.template import render
-from vyos.util import call, chown
+from vyos.util import call
+from vyos.util import chown
+from vyos.xml import defaults
from vyos import ConfigError
from vyos import airbag
@@ -32,20 +34,10 @@ airbag.enable()
config_file = r'/etc/salt/minion'
master_keyfile = r'/opt/vyatta/etc/config/salt/pki/minion/master_sign.pub'
-default_config_data = {
- 'hash': 'sha256',
- 'log_level': 'warning',
- 'master' : 'salt',
- 'user': 'minion',
- 'group': 'vyattacfg',
- 'salt_id': gethostname(),
- 'interval': '60',
- 'verify_master_pubkey_sign': 'false',
- 'master_key': ''
-}
+user='minion'
+group='vyattacfg'
def get_config(config=None):
- salt = deepcopy(default_config_data)
if config:
conf = config
else:
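Review bot: The run-as user is now fixed in two places: `user='minion'` here, used for the ownership of the rendered file and the key file, and the literal `user: minion` in minion.j2. If one is changed without the other, the minion would run as a user that does not own its configuration and key. A comment on the constants would tie them together, for example `# must match 'user:' in data/templates/salt-minion/minion.j2`, and PEP 8 spacing (`user = 'minion'`) would match the rest of the file. get_config continues below this hunk.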
@@ -54,28 +46,23 @@ def get_config(config=None):
if not conf.exists(base):
return None
- else:
- conf.set_level(base)
-
- if conf.exists(['hash']):
- salt['hash'] = conf.return_value(['hash'])
-
- if conf.exists(['master']):
- salt['master'] = conf.return_values(['master'])
-
- if conf.exists(['id']):
- salt['salt_id'] = conf.return_value(['id'])
-
- if conf.exists(['user']):
- salt['user'] = conf.return_value(['user'])
- if conf.exists(['interval']):
- salt['interval'] = conf.return_value(['interval'])
+ salt = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
+ # ID default is dynamic thus we can not use defaults()
+ if 'id' not in salt:
+ salt['id'] = gethostname()
+ # We have gathered the dict representation of the CLI, but there are default
+ # options which we need to update into the dictionary retrived.
+ default_values = defaults(base)
+ salt = dict_merge(default_values, salt)
- if conf.exists(['master-key']):
- salt['master_key'] = conf.return_value(['master-key'])
- salt['verify_master_pubkey_sign'] = 'true'
+ if not conf.exists(base):
+ return None
+ else:
+ conf.set_level(base)
+ import pprint
+ pprint.pprint(salt)
return salt
def verify(salt):
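Review bot: The added `import pprint` / `pprint.pprint(salt)` looks like leftover debugging. It prints the whole configuration dict, including the `master_key` URL, to the console on every commit of this node, so it should be removed before merging. The second `if not conf.exists(base): return None` / `else: conf.set_level(base)` block added just above it is unreachable in its `return None` branch, because the same check already returned earlier. Its `set_level` call appears to have no effect on the already-built dict, so the block can go too. The new comment also has a typo, "retrived". get_config starts above this hunk.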
@@ -85,13 +72,11 @@ def generate(salt):
if not salt:
return None
- render(config_file, 'salt-minion/minion.j2', salt,
- user=salt['user'], group=salt['group'])
+ render(config_file, 'salt-minion/minion.j2', salt, user=user, group=group)
if not os.path.exists(master_keyfile):
- if salt['master_key']:
+ if 'master_key' in salt:
req = PoolManager().request('GET', salt['master_key'], preload_content=False)
-
with open(master_keyfile, 'wb') as f:
while True:
data = req.read(1024)
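Review bot: The body returned by `PoolManager().request('GET', salt['master_key'], preload_content=False)` is written to `master_keyfile` without checking the HTTP status, so an error page would be stored as the master signing key. Because the download is skipped whenever the file already exists, a bad file would persist until removed by hand. A check such as `if req.status != 200: raise ConfigError('Failed to download master-key')` before opening the file would catch this. This file is also the trust anchor for `verify_master_pubkey_sign`, and nothing visible here restricts the URL scheme or compares a fingerprint, so its integrity rests entirely on the transport. That deserves at least a comment, and ideally a constraint on the CLI node. The read loop continues past the end of this hunk.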
@@ -100,7 +85,7 @@ def generate(salt):
f.write(data)
req.release_conn()
- chown(master_keyfile, salt['user'], salt['group'])
+ chown(master_keyfile, user, group)
return None