From cea8a87706c1686a7c66a1b7517192293083a4e9 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Thu, 14 Mar 2019 10:07:50 +0100 Subject: [PATCH] committing changes in /etc after apt run Package changes: -icinga2 2.10.2-1.stretch amd64 -icinga2-bin 2.10.2-1.stretch amd64 -icinga2-common 2.10.2-1.stretch all -icinga2-ido-pgsql 2.10.2-1.stretch amd64 +icinga2 2.10.3-1.stretch amd64 +icinga2-bin 2.10.3-1.stretch amd64 +icinga2-common 2.10.3-1.stretch all +icinga2-ido-pgsql 2.10.3-1.stretch amd64 -libapache2-mod-php7.0 7.0.33-0+deb9u1 amd64 +libapache2-mod-php7.0 7.0.33-0+deb9u3 amd64 -libldb1 2:1.1.27-1+b1 amd64 +libldb1 2:1.1.27-1+deb9u1 amd64 -libopenjp2-7 2.1.2-1.1+deb9u2 amd64 +libopenjp2-7 2.1.2-1.1+deb9u3 amd64 -libssl1.0.2 1.0.2q-1~deb9u1 amd64 +libssl1.0.2 1.0.2r-1~deb9u1 amd64 -linux-image-4.9.0-8-amd64 4.9.144-3 amd64 +linux-image-4.9.0-8-amd64 4.9.144-3.1 amd64 -openssh-client 1:7.4p1-10+deb9u5 amd64 -openssh-server 1:7.4p1-10+deb9u5 amd64 -openssh-sftp-server 1:7.4p1-10+deb9u5 amd64 +openssh-client 1:7.4p1-10+deb9u6 amd64 +openssh-server 1:7.4p1-10+deb9u6 amd64 +openssh-sftp-server 1:7.4p1-10+deb9u6 amd64 -php7.0 7.0.33-0+deb9u1 all -php7.0-bz2 7.0.33-0+deb9u1 amd64 -php7.0-cli 7.0.33-0+deb9u1 amd64 -php7.0-common 7.0.33-0+deb9u1 amd64 -php7.0-curl 7.0.33-0+deb9u1 amd64 -php7.0-gd 7.0.33-0+deb9u1 amd64 -php7.0-gmp 7.0.33-0+deb9u1 amd64 -php7.0-imap 7.0.33-0+deb9u1 amd64 -php7.0-intl 7.0.33-0+deb9u1 amd64 -php7.0-json 7.0.33-0+deb9u1 amd64 -php7.0-ldap 7.0.33-0+deb9u1 amd64 -php7.0-mbstring 7.0.33-0+deb9u1 amd64 -php7.0-mcrypt 7.0.33-0+deb9u1 amd64 -php7.0-mysql 7.0.33-0+deb9u1 amd64 -php7.0-opcache 7.0.33-0+deb9u1 amd64 -php7.0-pgsql 7.0.33-0+deb9u1 amd64 -php7.0-readline 7.0.33-0+deb9u1 amd64 -php7.0-tidy 7.0.33-0+deb9u1 amd64 -php7.0-xml 7.0.33-0+deb9u1 amd64 -php7.0-zip 7.0.33-0+deb9u1 amd64 +php7.0 7.0.33-0+deb9u3 all +php7.0-bz2 7.0.33-0+deb9u3 amd64 +php7.0-cli 7.0.33-0+deb9u3 amd64 +php7.0-common 7.0.33-0+deb9u3 amd64 +php7.0-curl 7.0.33-0+deb9u3 amd64 +php7.0-gd 7.0.33-0+deb9u3 amd64 +php7.0-gmp 7.0.33-0+deb9u3 amd64 +php7.0-imap 7.0.33-0+deb9u3 amd64 +php7.0-intl 7.0.33-0+deb9u3 amd64 +php7.0-json 7.0.33-0+deb9u3 amd64 +php7.0-ldap 7.0.33-0+deb9u3 amd64 +php7.0-mbstring 7.0.33-0+deb9u3 amd64 +php7.0-mcrypt 7.0.33-0+deb9u3 amd64 +php7.0-mysql 7.0.33-0+deb9u3 amd64 +php7.0-opcache 7.0.33-0+deb9u3 amd64 +php7.0-pgsql 7.0.33-0+deb9u3 amd64 +php7.0-readline 7.0.33-0+deb9u3 amd64 +php7.0-tidy 7.0.33-0+deb9u3 amd64 +php7.0-xml 7.0.33-0+deb9u3 amd64 +php7.0-zip 7.0.33-0+deb9u3 amd64 -salt-common 2018.3.3+ds-2 all -salt-minion 2018.3.3+ds-2 all +salt-common 2019.2.0+ds-1 all +salt-minion 2019.2.0+ds-1 all -vim-icinga2 2.10.2-1.stretch all +vim-icinga2 2.10.3-1.stretch all --- apt/apt.conf.d/01autoremove-kernels | 14 +++---- salt/minion | 65 +++++++++++++++++++---------- salt/minion.d/_schedule.conf | 2 +- salt/proxy | 27 ++++++------ 4 files changed, 65 insertions(+), 43 deletions(-) diff --git a/apt/apt.conf.d/01autoremove-kernels b/apt/apt.conf.d/01autoremove-kernels index 6a45724..a54d436 100644 --- a/apt/apt.conf.d/01autoremove-kernels +++ b/apt/apt.conf.d/01autoremove-kernels @@ -27,20 +27,20 @@ APT::NeverAutoRemove /* Debug information: # dpkg list: ii linux-image-4.9.0-6-amd64 4.9.88-1+deb9u1 amd64 Linux 4.9 for 64-bit PCs -iF linux-image-4.9.0-8-amd64 4.9.144-3 amd64 Linux 4.9 for 64-bit PCs +iF linux-image-4.9.0-8-amd64 4.9.144-3.1 amd64 Linux 4.9 for 64-bit PCs ii linux-image-amd64 4.9+80+deb9u6 amd64 Linux for 64-bit PCs (meta-package) # list of installed kernel packages: 4.9.0-6-amd64 4.9.88-1+deb9u1 -4.9.0-8-amd64 4.9.144-3 +4.9.0-8-amd64 4.9.144-3.1 # list of different kernel versions: -4.9.144-3 +4.9.144-3.1 4.9.88-1+deb9u1 -# Installing kernel: 4.9.144-3 (4.9.0-8-amd64) -# Running kernel: 4.9.144-3 (4.9.0-8-amd64) -# Last kernel: 4.9.144-3 +# Installing kernel: 4.9.144-3.1 (4.9.0-8-amd64) +# Running kernel: 4.9.144-3.1 (4.9.0-8-amd64) +# Last kernel: 4.9.144-3.1 # Previous kernel: 4.9.88-1+deb9u1 # Kernel versions list to keep: -4.9.144-3 +4.9.144-3.1 4.9.88-1+deb9u1 # Kernel packages (version part) to protect: 4\.9\.0-6-amd64 diff --git a/salt/minion b/salt/minion index 41b507b..f2b6655 100644 --- a/salt/minion +++ b/salt/minion @@ -21,15 +21,19 @@ #proxy_username: #proxy_password: +# List of hosts to bypass HTTP proxy. This key does nothing unless proxy_host etc is +# configured, it does not support any kind of wildcards. +#no_proxy: [] + # If multiple masters are specified in the 'master' setting, the default behavior -# is to always try to connect to them in the order they are listed. If random_master is -# set to True, the order will be randomized instead. This can be helpful in distributing -# the load of many minions executing salt-call requests, for example, from a cron job. -# If only one master is listed, this setting is ignored and a warning will be logged. -# NOTE: If master_type is set to failover, use master_shuffle instead. +# is to always try to connect to them in the order they are listed. If random_master +# is set to True, the order will be randomized upon Minion startup instead. This can +# be helpful in distributing the load of many minions executing salt-call requests, +# for example, from a cron job. If only one master is listed, this setting is ignored +# and a warning will be logged. #random_master: False -# Use if master_type is set to failover. +# NOTE: Deprecated in Salt 2019.2.0. Use 'random_master' instead. #master_shuffle: False # Minions can connect to multiple masters simultaneously (all masters @@ -66,6 +70,11 @@ # Set to zero if the minion should shutdown and not retry. # retry_dns: 30 +# Set the number of times to attempt to resolve +# the master hostname if name resolution fails. Defaults to None, +# which will attempt the resolution indefinitely. +# retry_dns_count: 3 + # Set the port used by the master reply and authentication server. #master_port: 4506 @@ -148,6 +157,11 @@ # Set the directory used to hold unix sockets. #sock_dir: /var/run/salt/minion +# The minion can take a while to start up when lspci and/or dmidecode is used +# to populate the grains for the minion. Set this to False if you do not need +# GPU hardware grains for your minion. +# enable_gpu_grains: True + # Set the default outputter used by the salt-call command. The default is # "nested". #output: nested @@ -380,7 +394,7 @@ # process communications. Set ipc_mode to 'tcp' on such systems #ipc_mode: ipc -# Overwrite the default tcp ports used by the minion when in tcp mode +# Overwrite the default tcp ports used by the minion when ipc_mode is set to 'tcp' #tcp_pub_port: 4510 #tcp_pull_port: 4511 @@ -389,6 +403,16 @@ # minion event bus. The value is expressed in bytes. #max_event_size: 1048576 +# When a minion starts up it sends a notification on the event bus with a tag +# that looks like this: `salt/minion//start`. For historical reasons +# the minion also sends a similar event with an event tag like this: +# `minion_start`. This duplication can cause a lot of clutter on the event bus +# when there are many minions. Set `enable_legacy_startup_events: False` in the +# minion config to ensure only the `salt/minion//start` events are +# sent. Beginning with the `Sodium` Salt release this option will default to +# `False` +#enable_legacy_startup_events: True + # To detect failed master(s) and fire events on connect/disconnect, set # master_alive_interval to the number of seconds to poll the masters for # connection events. @@ -463,19 +487,18 @@ ##### State Management Settings ##### ########################################### -# The state management system executes all of the state templates on the minion -# to enable more granular control of system state management. The type of -# template and serialization used for state management needs to be configured -# on the minion, the default renderer is yaml_jinja. This is a yaml file -# rendered from a jinja template, the available options are: -# yaml_jinja -# yaml_mako -# yaml_wempy -# json_jinja -# json_mako -# json_wempy -# -#renderer: yaml_jinja +# The default renderer to use in SLS files. This is configured as a +# pipe-delimited expression. For example, jinja|yaml will first run jinja +# templating on the SLS file, and then load the result as YAML. This syntax is +# documented in further depth at the following URL: +# +# https://docs.saltstack.com/en/latest/ref/renderers/#composing-renderers +# +# NOTE: The "shebang" prefix (e.g. "#!jinja|yaml") described in the +# documentation linked above is for use in an SLS file to override the default +# renderer, it should not be used when configuring the renderer here. +# +#renderer: jinja|yaml # # The failhard option tells the minions to stop immediately after the first # failure detected in the state execution. Defaults to False. @@ -720,7 +743,7 @@ #key_logfile: /var/log/salt/key # The level of messages to send to the console. -# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. +# One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'. # # The following log levels are considered INSECURE and may log sensitive data: # ['garbage', 'trace', 'debug'] diff --git a/salt/minion.d/_schedule.conf b/salt/minion.d/_schedule.conf index d134ea4..087241f 100644 --- a/salt/minion.d/_schedule.conf +++ b/salt/minion.d/_schedule.conf @@ -1,3 +1,3 @@ schedule: __mine_interval: {enabled: true, function: mine.update, jid_include: true, maxrunning: 2, - minutes: 60, return_job: false} + minutes: 60, return_job: false, run_on_start: true} diff --git a/salt/proxy b/salt/proxy index 908dd25..757941e 100644 --- a/salt/proxy +++ b/salt/proxy @@ -356,19 +356,18 @@ ##### State Management Settings ##### ########################################### -# The state management system executes all of the state templates on the minion -# to enable more granular control of system state management. The type of -# template and serialization used for state management needs to be configured -# on the minion, the default renderer is yaml_jinja. This is a yaml file -# rendered from a jinja template, the available options are: -# yaml_jinja -# yaml_mako -# yaml_wempy -# json_jinja -# json_mako -# json_wempy -# -#renderer: yaml_jinja +# The default renderer to use in SLS files. This is configured as a +# pipe-delimited expression. For example, jinja|yaml will first run jinja +# templating on the SLS file, and then load the result as YAML. This syntax is +# documented in further depth at the following URL: +# +# https://docs.saltstack.com/en/latest/ref/renderers/#composing-renderers +# +# NOTE: The "shebang" prefix (e.g. "#!jinja|yaml") described in the +# documentation linked above is for use in an SLS file to override the default +# renderer, it should not be used when configuring the renderer here. +# +#renderer: jinja|yaml # # The failhard option tells the minions to stop immediately after the first # failure detected in the state execution. Defaults to False. @@ -543,7 +542,7 @@ #key_logfile: /var/log/salt/key # The level of messages to send to the console. -# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. +# One of 'garbage', 'trace', 'debug', 'info', 'warning', 'error', 'critical'. # # The following log levels are considered INSECURE and may log sensitive data: # ['garbage', 'trace', 'debug'] -- 2.39.5