maybe chmod 0644 'logrotate.d/icinga2'
maybe chmod 0644 'logrotate.d/postgresql-common'
maybe chmod 0644 'logrotate.d/rsyslog'
+maybe chmod 0755 'logrotate.d/salt'
maybe chmod 0644 'logrotate.d/salt-common'
+maybe chmod 0644 'logrotate.d/salt/salt-common.logrotate'
maybe chmod 0644 'logrotate.d/ulogd2'
maybe chmod 0644 'logrotate.d/wtmp'
maybe chmod 0755 'logwatch'
maybe chmod 0755 'runit/runsvdir'
maybe chmod 0755 'runit/runsvdir/default'
maybe chmod 0755 'salt'
+maybe chmod 0644 'salt/cloud'
maybe chmod 0644 'salt/minion'
maybe chmod 0755 'salt/minion.d'
maybe chmod 0644 'salt/minion.d/_schedule.conf'
maybe chmod 0644 'salt/pki/minion/minion_master.pub'
maybe chmod 0644 'salt/proxy'
maybe chmod 0755 'salt/proxy.d'
+maybe chmod 0644 'salt/roster'
maybe chmod 0644 'screenrc'
maybe chmod 0755 'security'
maybe chmod 0644 'security/access.conf'
sgx:x:124:
plocate:x:125:
_ssh:x:109:
+salt:x:126:
systemd-resolve:x:105:
crontab:x:107:
netdev:x:108:
-ssh:x:109:
Debian-exim:x:110:
mlocate:x:111:repo
ssl-cert:x:112:postgres
repo:x:1111:repo,repo.in
sgx:x:124:
plocate:x:125:
+_ssh:x:109:
sgx:!::
plocate:!::
_ssh:!::
+salt:!::
systemd-resolve:!::
crontab:!::
netdev:!::
-ssh:!::
Debian-exim:!::
mlocate:!::repo
ssl-cert:!::postgres
repo:!::repo,repo.in
sgx:!::
plocate:!::
+_ssh:!::
--- /dev/null
+/var/log/salt/master {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+ create 0640 salt salt
+}
+
+/var/log/salt/minion {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+}
+
+/var/log/salt/key {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+ create 0640 salt salt
+}
+
+/var/log/salt/api {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+ create 0640 salt salt
+}
+
+/var/log/salt/syndic {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+}
+
+/var/log/salt/proxy {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+}
systemd-coredump:x:998:998:systemd Core Dumper:/:/sbin/nologin
repo.in:x:1112:100:Repo upload user:/home/repo.in:/bin/bash
tcpdump:x:103:123::/nonexistent:/usr/sbin/nologin
+salt:x:997:126:Salt:/opt/saltstack/salt:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
-www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
+www-data:x:33:33:www-data:/var/www:/bin/bash
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
systemd-coredump:x:998:998:systemd Core Dumper:/:/sbin/nologin
repo.in:x:1112:100:Repo upload user:/home/repo.in:/bin/bash
tcpdump:x:103:123::/nonexistent:/usr/sbin/nologin
+salt:x:997:126::/home/salt:/usr/sbin/nologin
--- /dev/null
+# This file should normally be installed at: /etc/salt/cloud
+
+
+##########################################
+##### VM Defaults #####
+##########################################
+
+# Set the size of minion keys to generate, defaults to 2048
+#
+#keysize: 2048
+
+
+# Set the default os being deployed. This sets which deployment script to
+# apply. This argument is optional.
+#
+#script: bootstrap-salt
+
+
+##########################################
+##### Logging Settings #####
+##########################################
+
+# The location of the master log file
+#
+#log_file: /var/log/salt/cloud
+
+
+# The level of messages to send to the console.
+# One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'.
+#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
+# Default: 'info'
+#
+#log_level: info
+
+
+# The level of messages to send to the log file.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+#
+# Default: 'info'
+#
+#log_level_logfile: info
+
+
+# The date and time format used in log messages. Allowed date/time formatting
+# can be seen here:
+#
+# http://docs.python.org/library/time.html#time.strftime
+#
+#log_datefmt: '%Y-%m-%d %H:%M:%S'
+
+
+# The format of the console logging messages. Allowed formatting options can
+# be seen here:
+#
+# http://docs.python.org/library/logging.html#logrecord-attributes
+#
+# Console log colors are specified by these additional formatters:
+#
+# %(colorlevel)s
+# %(colorname)s
+# %(colorprocess)s
+# %(colormsg)s
+#
+# Since it is desirable to include the surrounding brackets, '[' and ']', in
+# the coloring of the messages, these color formatters also include padding as
+# well. Color LogRecord attributes are only available for console logging.
+#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
+#log_fmt_console: '[%(levelname)-8s] %(message)s'
+#
+#log_fmt_logfile: '%(asctime)s,%(msecs)03d [%(name)-17s][%(levelname)-8s] %(message)s'
+
+
+# Logger levels can be used to tweak specific loggers logging levels.
+# For example, if you want to have the salt library at the 'warning' level,
+# but you still wish to have 'salt.modules' at the 'debug' level:
+#
+# log_granular_levels:
+# 'salt': 'warning',
+# 'salt.modules': 'debug'
+# 'saltcloud': 'info'
+#
+#log_granular_levels: {}
+
+
+##########################################
+##### Misc Defaults #####
+##########################################
+
+# Whether or not to remove the accompanying SSH key from the known_hosts file
+# when an instance is destroyed.
+#
+# Default: 'False'
+#
+#delete_sshkeys: False
+
+# Whether or not to include grains information in the /etc/salt/minion file
+# which is generated when the minion is provisioned. For example...
+# grains:
+# salt-cloud:
+# driver: ec2
+# provider: my_ec2:ec2
+# profile: micro_ec2
+#
+# Default: 'True'
+#
+#enable_cloud_grains: 'True'
# asynchronously, however, it still adds 5 seconds every time grains are
# generated if an IP does not resolve. In Windows grains are regenerated each
# time a new process is spawned. Therefore, the default for Windows is `False`.
-# All other OSes default to `True`
+# On macOS, FQDN resolution can be very slow, therefore the default for macOS is
+# `False` as well. All other OSes default to `True`
# enable_fqdns_grains: True
# The minion can take a while to start up when lspci and/or dmidecode is used
#
#state_aggregate: False
+# Instead of failing immediately when another state run is in progress, a value
+# of True will queue the new state run to begin running once the other has
+# finished. This option starts a new thread for each queued state run, so use
+# this option sparingly. Additionally, it can be set to an integer representing
+# the maximum queue size which can be attained before the state runs will fail
+# to be queued. This can prevent runaway conditions where new threads are
+# started until system performance is hampered.
+#
+#state_queue: False
+
# Disable requisites during state runs by specifying a single requisite
# or a list of requisites to disable.
#
# - require
# - require_in
+# If set, this parameter expects a dictionary of state module names as keys
+# and list of conditions which must be satisfied in order to run any functions
+# in that state module.
+#
+#global_state_conditions:
+# "*": ["G@global_noop:false"]
+# service: ["not G@virtual_subtype:chroot"]
+
##### File Directory Settings #####
##########################################
# The Salt Minion can redirect all file server operations to a local directory,
--- /dev/null
+# Sample salt-ssh config file
+#web1:
+# host: 192.168.42.1 # The IP addr or DNS hostname
+# user: fred # Remote executions will be executed as user fred
+# passwd: foobarbaz # The password to use for login, if omitted, keys are used
+# sudo: True # Whether to sudo to root, not enabled by default
+#web2:
+# host: 192.168.42.2
systemd-coredump:!!:18129::::::
repo.in:!:18478:0:99999:7:::
tcpdump:*:18884:0:99999:7:::
+salt:!:19619::::::
projects / config / ns1 / etc.git / commitdiff