Automatic Salt slave

Goal

Writing a bash script that will setup a Saltmaster and slave and running highstate automatically.
I build last week a working salt command on my Github I will continue working with it.

Suprise Side Quest

I was getting tired of always running vagrant desroy then vagrant up then vagrant ssh.
So I wrote a bash script to do it for me you can get it here. You just put it in your vagrant folder where the Vagrantfile is and run it when ever you want to reset your vagrant setup.

#!/bin/bash
# this will destroy and put up vagrand again and ssh it straght back for fast salt testing.
# run this in your vagrant master in the same folder as Vagrantfile
echo "Vagrant destroy"
vagrant destroy 
echo "Vagrant up"
vagrant up 
echo "Vagrant ssh"
vagrant ssh 

Getting highstate automaticly with “sleep”

I had problems with running "sudo salt-keys -A" after the systemctl reset so fiddled around and added a 5 second sleep time on to my bash after "sudo systemctl restart salt-minion"and it worked!
Then I had the same problem running the "sudo salt '*' state.highstate" as it returned “no minions responded” so I added before that also 5 seconds so the minion had time to realize its no a slave.

After more testing the 5 seconds seems to work only sometimes. I added it to 10.

So here is my masterpiece
#!/bin/bash
#installs git and saltmaster&minion sets keyboard to fi

cd
echo "Updating packages..."
sudo apt-get update -qq >> /dev/null
echo "Installing git and salt..."
sudo apt-get install git salt-master salt-minion -y -qq >> /dev/null
echo "Cloning repository..."
cd /srv/
sudo git clone https://github.com/aksratamo/salt

echo "Writing salt settings to file and restarting salt-minion..."
sudo echo -e "master: localhost\nid: localminion" | sudo tee /etc/salt/minion
sudo systemctl restart salt-minion
echo "Adding minion to master"
sleep 5
sudo salt-key -A
sleep 10
echo "Running highstate"
sudo salt '*' state.highstate

Sources

School assignement H4: http://terokarvinen.com/2018/aikataulu-%E2%80%93-palvelinten-hallinta-ict4tn022-3004-ti-ja-3002-to-%E2%80%93-loppukevat-2018-5p#h4
Used as help: https://github.com/terokarvinen/sirotin
Used as help: https://github.com/jisosomppi/log-analysis/tree/master/salt
Copyright GPLv2 2018

Markdown & Git

Markdown

All my blogs have been done with pure markdown for a while already. Starting from my small study how its done with wordpress and elementor what you can read here.
And here in my Github

Git clone

Grab a link from for example github write git clone before it and you get the whole project localy on you desktop.

git clone  https://github.com/aksratamo/salt

git log, git diff, git blame

Git log shows you each commit comment, the creator of the commit, time and ID

Git diff Tells you what is different between versions that you made and the orginal. It can also be used to show differences between any versions

Git blame like the name tells you gives you a change to blame others for code changes in your collaboration. 😉
When you write git blame and a file it will show you who wrote each line and when. It can even tell you the git commit comment. So you know exactly who to blame.

This time everything wrong in the code is me.

Git reset –hard

This will restore your work to last saved session session in git. If you wrote something stupid and dont know how to fix it you can just write

git reset --hard

To go back but remember there is now this can not be undone.

New git module

Lets install keepassxc the new password manager and enable autotype.

keepassxc:
  pkg.installed

I failed to find settings how to enable autotype in CLI.
I tried and finding keepassxc settings other ways but no luck.

find /etc/ -printf  '%T+ %p\n'|sort

Sources:

Git blame: https://www.youtube.com/watch?v=nLWJV2SdXY4
My school assignement h3: http://terokarvinen.com/2018/aikataulu-%E2%80%93-palvelinten-hallinta-ict4tn022-3004-ti-ja-3002-to-%E2%80%93-loppukevat-2018-5p#h3
Copyright GPLv2 2018

Installing and configuring systemd with Salt

Setup

SaltMaster: DigitalOcean, 1gig, 1cpu, Ubuntu 18.04
SaltMinion: DigitalOcean, 1gig, 1cpu, Ubuntu 18.04

Pkg-File-Service

We are using Pkg-File-Service philosphy where you first install the package you need, test it. Then you move the preconfigured config file to your slave and test it and as last step you make sure the service will keep running.

pkg.installed

Fast recap from last weeks blog. For detailed explanation check here.

sudo apt update
sudo apt -y install salt-master
sudo apt -y install salt-minion
sudoedit /etc/salt/minion
sudo systemctl restart salt-minion.service
sudo salt-key -A

Lets first make the folder tree for our apache on our master

sudo mkdir -p /srv/salt/apache

sudoedit /srv/salt/apache/init.sls

Add this into init.sls

apache2:
  pkg.installed
sudo salt '*' state.highstate

Test it

file.managed

Add an index.html in your masters apache folder write inside “Hello world”

sudoedit /srv/salt/apache/index.html

Then add more text on init.sls

sudoedit /srv/salt/apache/init.sls

Add this under the apache2:…

/var/www/html/index.html:
  file.managed:
    - source: salt://apache/index.html

And test it. It should over write the default apache page

Allowing user to create websites

We need to activate the setting in apache that allows normal users to have folders in public web. It is done with

sudoedit /srv/salt/apache/init.sls

Adding this to the bottom of the file.

/etc/apache2/mods-enabled/userdir.conf:
 file.symlink:
   - target: ../mods-available/userdir.conf

/etc/apache2/mods-enabled/userdir.load:
 file.symlink:
   - target: ../mods-available/userdir.load

service.running

We need to make sure that Apache keeps running and restarts itself only when absolutely needed. Meaning when the user edits its website. This we can do with service.running and watch.

sudoedit /srv/salt/apache/init.sls

And adding this as the last thing to the file.

apache2service:
 service.running:
   - name: apache2
   - watch:
     - file: /etc/apache2/mods-enabled/userdir.conf
     - file: /etc/apache2/mods-enabled/userdir.load

The end result should look like this

Test it last time.

Sources:

https://tuomasolkinuora.wordpress.com/2018/10/09/configuration-management-systems-h1-and-h2/
Licence GPl v2 2018