top.sls 2.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155
  1. base:
  2. # Base config for all minions
  3. '*':
  4. - ffinfo
  5. - apt
  6. - bash
  7. - certs
  8. - icinga2
  9. - kernel
  10. - locales
  11. - mosh
  12. - motd
  13. - needrestart
  14. - nftables
  15. - network
  16. - ntp
  17. - postfix
  18. - prometheus-exporters
  19. - rsyslog
  20. - salt-minion
  21. - screen
  22. - snmpd
  23. - ssh
  24. - sysctl
  25. - systemd
  26. - timezone
  27. - users
  28. - vim
  29. - unattended-upgrades
  30. - utils
  31. #
  32. # Roles
  33. #
  34. # Router
  35. nodes:{{ grains['id'] }}:roles:router:
  36. - match: pillar
  37. - bird
  38. # acme
  39. nodes:{{ grains['id'] }}:roles:acme:
  40. - match: pillar
  41. - acme
  42. # Batman node
  43. nodes:{{ grains['id'] }}:roles:batman:
  44. - match: pillar
  45. - batman
  46. - respondd
  47. # # Batman gateway
  48. # nodes:{{ grains['id'] }}:roles:batman_gw:
  49. # - match: pillar
  50. # - dhcp-server
  51. # Build-Server
  52. nodes:{{ grains['id'] }}:roles:build:
  53. - match: pillar
  54. - build
  55. # burp client/server
  56. nodes:{{ grains['id'] }}:tags:backup:
  57. - match: pillar
  58. - burp.client
  59. nodes:{{ grains['id'] }}:roles:burp.server:
  60. - match: pillar
  61. - burp.server
  62. # Fastd
  63. nodes:{{ grains['id'] }}:roles:fastd:
  64. - match: pillar
  65. - fastd
  66. # Grafana
  67. nodes:{{ grains['id'] }}:roles:grafana:
  68. - match: pillar
  69. - grafana
  70. # gogs
  71. nodes:{{ grains['id'] }}:roles:gogs:
  72. - match: pillar
  73. - gogs
  74. # graylog
  75. nodes:{{ grains['id'] }}:roles:graylog:
  76. - match: pillar
  77. - graylog
  78. # icingaweb2
  79. nodes:{{ grains['id'] }}:roles:icinga2server:
  80. - match: pillar
  81. - icingaweb2
  82. # KVM hosts
  83. nodes:{{ grains['id'] }}:roles:kvm:
  84. - match: pillar
  85. - kvm
  86. # (Authoritive?) DNS server
  87. nodes:{{ grains['id'] }}:roles:dns-server:
  88. - match: pillar
  89. - dns-server
  90. # Webfrontend
  91. nodes:{{ grains['id'] }}:roles:frontend:
  92. - match: pillar
  93. - nginx
  94. # DSL / PPPoE
  95. nodes:{{ grains['id'] }}:roles:pppoe:
  96. - match: pillar
  97. - pppoe
  98. # InfluxDB
  99. nodes:{{ grains['id'] }}:roles:influxdb:
  100. - match: pillar
  101. - influxdb
  102. # webserver
  103. nodes:{{ grains['id'] }}:roles:webserver:
  104. - match: pillar
  105. - nginx
  106. # yanic
  107. nodes:{{ grains['id'] }}:roles:yanic:
  108. - match: pillar
  109. - yanic
  110. # Docker
  111. nodes:{{ grains['id'] }}:roles:docker:
  112. - match: pillar
  113. - docker
  114. # LibreNMS
  115. nodes:{{ grains['id'] }}:roles:librenms:
  116. - match: pillar
  117. - librenms
  118. # Promtheus
  119. nodes:{{ grains['id'] }}:role:prometheus-server:
  120. - match: pillar
  121. - grafana
  122. - prometheus-server
  123. - nginx
  124. # Anycasted infrastructure services
  125. nodes:{{ grains['id'] }}:role:infra-services:
  126. - match: pillar
  127. - anycast-healthchecker
  128. - dns-server
  129. - slapd
  130. - nginx
  131. - install-server