diff --git a/pillar.example b/pillar.example index 5076166..e30b978 100644 --- a/pillar.example +++ b/pillar.example @@ -78,19 +78,16 @@ salt: # salt cloud config cloud: master: salt - folders: - - cloud.providers.d/key - - cloud.profiles.d - - cloud.maps.d # You can take profile and map templates from an alternate location - # if desired. - profiles_src: salt://templates/cloud.profiles.d - maps_src: salt://templates/cloud.maps.d + # if you want to write your own. + template_sources: + providers: salt://templates/cloud.providers.d + profiles: salt://templates/cloud.profiles.d + maps: salt://templates/cloud.maps.d - providers: - - ec2 - - gce + # These settings are used by the default provider templates and + # only need to be set for the ones you're using. aws_key: AWSKEYIJSHJAIJS6JSH aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95 gce_project: test diff --git a/salt/cloud.sls b/salt/cloud.sls index b95c103..6834f2d 100644 --- a/salt/cloud.sls +++ b/salt/cloud.sls 
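Review bot: With the `providers` list removed, the example no longer tells the reader how to limit which provider configs get installed. Judging by the `file.recurse` in salt/cloud.sls, every file under `template_sources.providers` is rendered, so both `ec2.conf` and `gce.conf` would land on the master with `DEFAULT` placeholders for any setting left unset. I would extend the new comment to say so, for example `# All templates in the providers source are installed; point template_sources.providers at your own directory to deploy a subset.`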
@@ -32,47 +32,33 @@ salt-cloud: {% endif %} {% endif %} -{% for folder in salt_settings.cloud.folders %} -{{ folder }}: - file.directory: - - name: /etc/salt/{{ folder }} - - user: root - - group: root - - file_mode: 744 - - dir_mode: 755 - - makedirs: True -{% endfor %} - {% for cert in pillar.get('salt_cloud_certs', {}) %} {% for type in ['pem'] %} cloud-cert-{{ cert }}-pem: file.managed: - - name: /etc/salt/cloud.providers.d/key/{{ cert }}.pem + - name: /etc/salt/pki/cloud/{{ cert }}.pem - source: salt://salt/files/key - template: jinja - user: root - group: root - mode: 600 + - makedirs: True - defaults: key: {{ cert }} type: {{ type }} {% endfor %} {% endfor %} -{% for providers in salt_settings.cloud.providers %} -salt-cloud-providers-{{ providers }}: - file.managed: - - name: /etc/salt/cloud.providers.d/{{ providers }}.conf - - template: jinja - - source: salt://salt/files/cloud.providers.d/{{ providers }}.conf -{% endfor %} - -{%- for dir in ['profiles', 'maps'] %} -{%- set default_src = 'salt://salt/files/cloud.{}.d'.format(dir) %} -{%- set source = salt_settings.cloud.get(dir + "_src", default_src) %} +{%- for dir in ['providers', 'profiles', 'maps'] %} +{%- set source = salt_settings.cloud.template_sources.get(dir) %} salt-cloud-{{ dir }}: file.recurse: - name: /etc/salt/cloud.{{ dir }}.d - source: {{ source }} - template: jinja + - user: root + - group: root + - dir_mode: 755 + - file_mode: 644 + - makedirs: True {%- endfor %} diff --git a/salt/defaults.yaml b/salt/defaults.yaml index 3457a72..c42f5aa 100644 --- a/salt/defaults.yaml +++ b/salt/defaults.yaml @@ -23,3 +23,9 @@ salt: install_from_source: True gitpython: install_from_source: False + + cloud: + template_sources: + providers: salt://salt/files/cloud.providers.d + profiles: salt://salt/files/cloud.profiles.d + maps: salt://salt/files/cloud.maps.d diff --git a/salt/files/cloud.providers.d/ec2.conf b/salt/files/cloud.providers.d/ec2.conf index 9afbcf3..56dab21 100644 
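Review bot: The new `salt-cloud-{{ dir }}` loop manages `/etc/salt/cloud.providers.d` with `file_mode: 644`, yet the provider templates touched by this same commit render `aws_secret` into `ec2.conf`. The cloud API secret therefore ends up readable by any local user who can traverse `/etc/salt`, while the key files next to it get `mode: 600`. Tighten the modes for the providers directory only, for example `- file_mode: {{ '600' if dir == 'providers' else '644' }}` and `- dir_mode: {{ '700' if dir == 'providers' else '755' }}`. Separately, nothing in this hunk removes key files the previous version wrote under `/etc/salt/cloud.providers.d/key/`, so an upgraded master presumably keeps a second copy of each private key until a `file.absent` state or manual cleanup removes it.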
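Review bot: These defaults are now the only fallback for the template locations, because salt/cloud.sls reads them with `salt_settings.cloud.template_sources.get(dir)` and no default argument, where the old code passed `default_src`. How pillar data is merged over defaults.yaml is not visible in this diff. If that merge is shallow, a pillar that sets only `providers` would leave `profiles` and `maps` rendering as `source: None`. A comment above `template_sources:` such as `# cloud.sls has no built-in fallback; keep all three keys defined` would record this, or the state could keep its own default with `.get(dir, 'salt://salt/files/cloud.' ~ dir ~ '.d')`.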
--- a/salt/files/cloud.providers.d/ec2.conf +++ b/salt/files/cloud.providers.d/ec2.conf @@ -8,7 +8,7 @@ ec2_ubuntu_public: ssh_interface: public_ips id: {{ cloud.get('aws_key', 'DEFAULT') }} key: '{{ cloud.get('aws_secret', 'DEFAULT') }}' - private_key: /etc/salt/cloud.providers.d/key/key.pem + private_key: /etc/salt/pki/cloud/ec2.pem keyname: keyname location: eu-west-1 availability_zone: eu-west-1a diff --git a/salt/files/cloud.providers.d/gce.conf b/salt/files/cloud.providers.d/gce.conf index 6b90bfb..def68f2 100644 --- a/salt/files/cloud.providers.d/gce.conf +++ b/salt/files/cloud.providers.d/gce.conf @@ -3,7 +3,7 @@ gce: project: "{{ cloud.get('gce_project', 'DEFAULT') }}" service_account_email_address: "{{ cloud.get('gce_service_account_email_address', 'DEFAULT') }}" - service_account_private_key: "/etc/salt/cloud.providers.d/key.pem" + service_account_private_key: "/etc/salt/pki/cloud/gce.pem" minion: master: {{ cloud.get('master', 'salt') }} grains:
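Review bot: The hard-coded `private_key: /etc/salt/pki/cloud/ec2.pem` only resolves if pillar `salt_cloud_certs` has an entry named exactly `ec2`, since salt/cloud.sls writes `/etc/salt/pki/cloud/{{ cert }}.pem` per entry. The same holds for `gce.pem` in the gce.conf hunk that follows. Neither template states that coupling, so a differently named cert would leave the provider pointing at a missing key file. A comment next to each path would help, e.g. `# written by salt/cloud.sls from the salt_cloud_certs entry named "ec2"`. Both provider blocks continue outside their hunks.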