diff --git a/README.rst b/README.rst index cd9d5c22..55652532 100644 --- a/README.rst +++ b/README.rst @@ -70,6 +70,16 @@ Linux with system users, some with password set: full_name: 'With hased password' home: '/home/elizabeth' password: "$6$nUI7QEz3$dFYjzQqK5cJ6HQ38KqG4gTWA9eJu3aKx6TRVDFh6BVJxJgFWg2akfAA7f1fCxcSUeOJ2arCO6EEI6XXnHXxG10" + someserv: + name: 'someservice' + enabled: true + full_name: 'Some super service owner' + home: '/usr/lib/someservice' + home_dir_mode: 700 + system:true + unique: false + uid: 0 + gid: 0 Configure password expiration parameters ---------------------------------------- @@ -1468,6 +1478,18 @@ Open vSwitch Bridges: ovs_bridge: br-ens7 bridge: br-ens7 +Open vSwitch native bond: + +.. code-block:: yaml + + bond1: + enabled: true + type: ovs_bond + mode: balance-slb + bridge: br-ex + slaves: eno3 eno4 + + Debian manual proto interfaces When you are changing interface proto from static in up state diff --git a/linux/network/interface.sls b/linux/network/interface.sls index a39fc371..aa21757e 100644 --- a/linux/network/interface.sls +++ b/linux/network/interface.sls @@ -109,6 +109,12 @@ add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}: {%- endfor %} +{%- elif interface.type == 'ovs_bond' %} +ovs_bond_{{ interface_name }}: + cmd.run: + - name: ovs-vsctl add-bond {{ interface.bridge }} {{ interface_name }} {{ interface.slaves }} bond_mode={{ interface.mode }} + - unless: ovs-vsctl show | grep -A 2 'Port.*{{ interface_name }}.' + {%- elif interface.type == 'ovs_port' %} {%- if interface.get('port_type','internal') == 'patch' %} diff --git a/linux/system/repo.sls b/linux/system/repo.sls index dd41afe6..fa4c2800 100644 --- a/linux/system/repo.sls +++ b/linux/system/repo.sls @@ -113,7 +113,11 @@ linux_repo_{{ name }}_key: {%- if repo.get('enabled', True) %} linux_repo_{{ name }}: pkgrepo.managed: + {%- if salt['grains.get']('saltversion') < '2018.3' %} - refresh_db: False + {%- else %} + - refresh: False + {%- endif %} - require_in: - refresh_db {%- if repo.ppa is defined %} @@ -146,7 +150,11 @@ linux_repo_{{ name }}: {%- else %} linux_repo_{{ name }}: pkgrepo.absent: + {%- if salt['grains.get']('saltversion') < '2018.3' %} - refresh_db: False + {%- else %} + - refresh: False + {%- endif %} - require: - file: /etc/apt/apt.conf.d/99proxies-salt-{{ name }} - require_in: @@ -177,7 +185,11 @@ linux_repo_{{ name }}: {%- if not repo.get('default', False) %} linux_repo_{{ name }}: pkgrepo.managed: + {%- if salt['grains.get']('saltversion') < '2018.3' %} - refresh_db: False + {%- else %} + - refresh: False + {%- endif %} - require_in: - refresh_db - name: {{ name }} @@ -194,7 +206,11 @@ linux_repo_{{ name }}: {%- endif %} {%- else %} pkgrepo.absent: + {%- if salt['grains.get']('saltversion') < '2018.3' %} - refresh_db: False + {%- else %} + - refresh: False + {%- endif %} - require_in: - refresh_db - name: {{ repo.source }} diff --git a/linux/system/user.sls b/linux/system/user.sls index 42086d5a..7b9a02b1 100644 --- a/linux/system/user.sls +++ b/linux/system/user.sls @@ -16,16 +16,16 @@ include: {%- endfor %} {%- if user.gid is not defined %} -system_group_{{ name }}: +system_group_{{ user.name }}: group.present: - - name: {{ name }} + - name: {{ user.name }} - require_in: - - user: system_user_{{ name }} + - user: system_user_{{ user.name }} {%- endif %} -system_user_{{ name }}: +system_user_{{ user.name }}: user.present: - - name: {{ name }} + - name: {{ user.name }} - home: {{ user.home }} {% if user.get('password') == False %} - enforce_password: false @@ -51,7 +51,7 @@ system_user_{{ name }}: {%- else %} - shell: {{ user.get('shell', '/bin/bash') }} {%- endif %} - {%- if user.uid is defined and user.uid %} + {%- if user.uid is defined %} - uid: {{ user.uid }} {%- endif %} {%- if user.unique is defined %} @@ -74,15 +74,19 @@ system_user_{{ name }}: system_user_home_{{ user.home }}: file.directory: - name: {{ user.home }} - - user: {{ name }} + {%- if user.uid is defined and user.uid == 0 %} + - user: root + {%- else %} + - user: {{ user.name }} + {%- endif %} - mode: {{ user.get('home_dir_mode', 700) }} - makedirs: true - require: - - user: system_user_{{ name }} + - user: system_user_{{ user.name }} {%- if user.get('sudo', False) %} -/etc/sudoers.d/90-salt-user-{{ name|replace('.', '-') }}: +/etc/sudoers.d/90-salt-user-{{ user.name|replace('.', '-') }}: file.managed: - source: salt://linux/files/sudoer - template: jinja @@ -90,29 +94,29 @@ system_user_home_{{ user.home }}: - group: root - mode: 440 - defaults: - user_name: {{ name }} + user_name: {{ user.name }} - require: - - user: system_user_{{ name }} + - user: system_user_{{ user.name }} - check_cmd: /usr/sbin/visudo -c -f {%- else %} -/etc/sudoers.d/90-salt-user-{{ name|replace('.', '-') }}: +/etc/sudoers.d/90-salt-user-{{ user.name|replace('.', '-') }}: file.absent {%- endif %} {%- else %} -system_user_{{ name }}: +system_user_{{ user.name }}: user.absent: - - name: {{ name }} + - name: {{ user.name }} system_user_home_{{ user.home }}: file.absent: - name: {{ user.home }} -/etc/sudoers.d/90-salt-user-{{ name|replace('.', '-') }}: +/etc/sudoers.d/90-salt-user-{{ user.name|replace('.', '-') }}: file.absent {%- endif %} diff --git a/tests/pillar/network_openvswitch.sls b/tests/pillar/network_openvswitch.sls index 80c482ac..e7b51f4c 100644 --- a/tests/pillar/network_openvswitch.sls +++ b/tests/pillar/network_openvswitch.sls @@ -48,3 +48,10 @@ linux: type: ovs_port ovs_bridge: br-ens0 bridge: br-ens0 + bond1: + enabled: true + type: ovs_bond + mode: balance-slb + bridge: br-ex + slaves: eno3 eno4 +