summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xbin/nbroles_to_grains.sh2
-rw-r--r--pillar/id/themis_lysergic_dev.sls6
-rw-r--r--salt/common/suse.sls4
-rw-r--r--salt/profile/bookstack/init.sls6
4 files changed, 11 insertions, 7 deletions
diff --git a/bin/nbroles_to_grains.sh b/bin/nbroles_to_grains.sh
index ee4e726..85cb52c 100755
--- a/bin/nbroles_to_grains.sh
+++ b/bin/nbroles_to_grains.sh
@@ -1,4 +1,4 @@
#!/usr/bin/env sh
# This rewrites top-files to fetch roles from grains instead of our custom roles API. Useful for testing outside of the LibertaCasa infrastructure, but not recommended for production.
-sed -i "s/salt\['http.query'\].*/grains\['roles'\] -%}/" */top.sls
+sed -i "s/salt\['http.query'\].*/grains\['roles'\] -%}/" */top.sls salt/common/suse.sls
diff --git a/pillar/id/themis_lysergic_dev.sls b/pillar/id/themis_lysergic_dev.sls
index a620c9e..5c3df5e 100644
--- a/pillar/id/themis_lysergic_dev.sls
+++ b/pillar/id/themis_lysergic_dev.sls
@@ -88,9 +88,9 @@ profile:
saml2_email_attribute: email
saml2_external_id_attribute: uid
saml2_display_name_attributes: fullname
- saml2_idp_entityid: https://libsso.net/realms/libertacasa
- saml2_idp_sso: https://libsso.net/realms/libertacasa/protocol/saml
- saml2_idp_slo: https://libsso.net/realms/libertacasa/protocol/saml
+ saml2_idp_entityid: https://libsso.net/realms/LibertaCasa
+ saml2_idp_sso: https://libsso.net/realms/LibertaCasa/protocol/saml
+ saml2_idp_slo: https://libsso.net/realms/LibertaCasa/protocol/saml
saml2_idp_x509: ${'secret_bookstack:saml2_idp_x509'}
saml2_autoload_metadata: false
saml2_sp_x509: ${'secret_bookstack:saml2_sp_x509'}
diff --git a/salt/common/suse.sls b/salt/common/suse.sls
index 01c7333..da0a99e 100644
--- a/salt/common/suse.sls
+++ b/salt/common/suse.sls
@@ -1,3 +1,5 @@
+{%- set roles = salt['http.query']('http://machine-roles.lysergic.dev:4580/roles', decode=True, decode_type='json', params={"machine": id})['dict']['roles'] -%}
+
include:
{#- drop pillar check after all firewall configurations have been imported #}
{%- if salt['pillar.get']('manage_firewall'), False %}
@@ -65,7 +67,9 @@ common_packages_remove:
{#- we only use AutoYaST for the OS deployment #}
- autoyast2
- autoyast2-installation
+ {%- if not 'php-fpm' in roles %}
- libX11-data
+ {%- endif %}
- yast2-add-on
- yast2-services-manager
- yast2-slp
diff --git a/salt/profile/bookstack/init.sls b/salt/profile/bookstack/init.sls
index 3dc5a36..ea75ec4 100644
--- a/salt/profile/bookstack/init.sls
+++ b/salt/profile/bookstack/init.sls
@@ -10,7 +10,7 @@ bookstack_permissions:
file.managed:
- mode: '0640'
- user: root
- - group: wwwrun
+ - group: www
- names:
- {{ configfile }}
@@ -24,10 +24,10 @@ bookstack_permissions:
- key_values:
{%- macro condconf(option) %}
{%- if option in mypillar -%}
- {%- if mypillar[option] is string and mypillar[option].startswith('$') or mypillar[option] is number %}
+ {%- if ( mypillar[option] is string and mypillar[option].startswith('$') ) or mypillar[option] is number %}
{%- set value = mypillar[option] %}
{%- else %}
- {%- set value = mypillar[option] | quote %}
+ {%- set value = "\"'" ~ mypillar[option] ~ "'\"" %}
{%- endif %}
{{ option | upper }}: {{ value }}
{%- endif -%}