From 06a36e62ae783600a98115258ab4a3c6095888d1 Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Sun, 22 Jan 2023 15:33:30 +0100 Subject: salt.master: configure publisher_acl Signed-off-by: Georg Pfuetzenreuter --- salt/profile/salt/master.sls | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'salt') diff --git a/salt/profile/salt/master.sls b/salt/profile/salt/master.sls index a1ef840..ae2aee4 100644 --- a/salt/profile/salt/master.sls +++ b/salt/profile/salt/master.sls @@ -101,3 +101,15 @@ salt_redis_service_start: - pkg: redis - watch: - file: {{ redis_config }} + +{%- if pillar['secret_salt'] is defined %} +admin_salt_membership: + group.present: + - name: salt + - addusers: + {%- for user in master_pillar['publisher_acl'] %} + - {{ user }} + {%- endfor %} + - require: + - pkg: salt-master +{%- endif %} -- cgit v1.2.3