diff options
| author | Georg Pfuetzenreuter | 2023-01-20 02:00:16 +0100 |
|---|---|---|
| committer | Georg Pfuetzenreuter | 2023-01-20 02:03:43 +0100 |
| commit | 69aa808f3d09826491be843aee72c3c651987aa1 (patch) | |
| tree | 51739ea37597b123fcae9c962542f90d50645663 | |
| parent | fed1e35c883e9a50dd7ce32c5febddc8aa1d510f (diff) | |
| download | salt-69aa808f3d09826491be843aee72c3c651987aa1.tar.gz salt-69aa808f3d09826491be843aee72c3c651987aa1.tar.bz2 salt-69aa808f3d09826491be843aee72c3c651987aa1.zip | |
Add secret variables
Module should now replace ${...} variables during rendering. Pillar
references need to be quoted.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
| -rw-r--r-- | pillar/role/salt/master.sls | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/pillar/role/salt/master.sls b/pillar/role/salt/master.sls index e6da1af..9970543 100644 --- a/pillar/role/salt/master.sls +++ b/pillar/role/salt/master.sls @@ -1,4 +1,6 @@ salt: + gpg_keydir: ${'secret_salt:master:gpg_keydir'} + interface: ${'secret_salt:master:interface'} master_remove_config: True master: cache: redis @@ -17,8 +19,12 @@ salt: - https://git.com.de/LibertaCasa/salt.git: - root: salt - base: production + - user: ${'secret_salt:master:gitfs_remotes:LibertaCasa:user'} + - password: ${'secret_salt:master:gitfs_remotes:LibertaCasa:password'} ext_pillar: - netbox: + api_url: ${'secret_salt:master:ext_pillar:netbox:api_url'} + api_token: ${'secret_salt:master:ext_pillar:netbox:api_token'} virtual_machines: True interfaces: True interface_ips: True @@ -27,6 +33,12 @@ salt: - git: - production https://git.com.de/LibertaCasa/salt.git: - root: pillar + - user: ${'secret_salt:master:ext_pillar:git:LibertaCasa:user'} + - password: ${'secret_salt:master:ext_pillar:git:LibertaCasa:password'} + - production https://git.com.de/Lysergic/salt.git: + - root: ${'secret_salt:master:ext_pillar:git:Lysergic:root'} + - user: ${'secret_salt:master:ext_pillar:git:Lysergic:user'} + - password: ${'secret_salt:master:ext_pillar:git:Lysergic:password'} ext_pillar_first: True pillar_merge_lists: True log_level: info @@ -34,3 +46,7 @@ salt: timeout: 20 gather_job_timeout: 20 keep_jobs: 30 + user: ${'secret_salt:master:user'} + syndic_user: ${'secret_salt:master:syndic_user'} + cache.redis.unix_socket_path: ${'secret_salt:master:cache.redis.unix_socket_path'} + cache.redis.password: ${'secret_salt:master:cache.redis.password'} |