Skip to content
Snippets Groups Projects
S

saltmaster

Star 1
Project ID: 17204327
Select Git revision
  • master default protected
  • 3007.0.2
  • 3007.0.1
  • 3007.0
  • 3006.6
  • 3005.1
  • 3006.0
  • 3006.1
  • 3006.2
  • 3000.4
  • 3000.5
  • 3000.6
  • 3001.2
  • 3001.3
  • 3001.4
  • 3002.1
  • 3002.2
  • 3002.5
  • 3002.6
  • 3003
  • 3003.1
21 results
  • Clone with SSH
  • Clone with HTTPS
    • Alex Thomae's avatar
    Merge branch 'switch-docker.io-ecr.aws' into 'master'
    Alex Thomae authored 
    Switch from docker.io to ecr.aws

See merge request !24
    7b3f3747
    History
    Alex Thomae's avatar 7b3f3747
    History
    Name Last commit Last update
    gen-scripts
    .gitlab-ci.yml
    CODE_OF_CONDUCT.md
    CONTRIBUTING.md
    Dockerfile
    LICENSE
    README.md
    entrypoint.sh
    renovate.json
    requirements.txt
    saltinit.py
    ssh-config
    README.md

    saltmaster

    Pipeline Status Docker Image Size (latest) Gitlab Project

    This image started as an extenstion of the (now archived) project /saltstack/open/saltdocker.

    Added / Upgraded

    • Built-in support for gitfs using GitPython
    • Build-in support for gpg
    • Always installs the latest pypi salt version currently available

    Usage

    • Use as you normally would saltstack/salt:latest
    • Mount your SSH private key under /etc/salt/sshkeys/saltmaster
    • Mount your GPG homedir under /etc/salt/gpgkeys

    Note: If you don't supply the SSH private key or the GPG homedir, they will be automatically generated

    Optionally create the keys manually

    SSH Keys:

    docker volume create sshkeys
docker run --rm --volume sshkeys:/etc/salt/sshkeys registry.gitlab.com/ix.ai/saltmaster gen-ssh.sh

    GPG Keyring:

    docker volume create gpgkeys
docker run --rm --volume gpgkeys:/etc/salt/gpgkeys registry.gitlab.com/ix.ai/saltmaster gen-gpg.sh

    Start it up

    docker run --rm \
           --volume sshkeys:/etc/salt/sshkeys \
           --volume gpgkeys:/etc/salt/gpgkeys \
           --volume cache:/var/cache/salt \
           --volume pki:/etc/salt/pki \
           -p 4505:4505 \
           -p 4506:4506 \
           registry.gitlab.com/ix.ai/saltmaster:latest

    Environment Variables

    Inherited from the original project, the Salt image uses several environment variables which are easy to miss. While none of the variables are required, they may significantly aid you in using the image.

    SALT_MASTER_CONFIG

    A JSON object. This variable is dumped to /etc/salt/master.d/master.conf and can be used to provide extra config for the salt master.

    SALT_API_CONFIG

    A JSON object. This variable is dumped to /etc/salt/master.d/api.conf, and defaults to the following.

    rest_cherrypy:
  port: 8000,
  ssl_crt: /etc/pki/tls/certs/localhost.crt
  ssl_key: /etc/pki/tls/certs/localhost.key
external_auth:
    sharedsecret:
        salt: ['.*', '@wheel', '@jobs', '@runner']
sharedsecret: $SALT_SHARED_SECRET

    SALT_SHARED_SECRET

    If this environment variable is set, it will set the sharedsecret variable for using the salt-api with the salt user.

    Version tags

    • registry.gitlab.com/ix.ai/saltmaster:dev-master is the latest build on the master branch
    • registry.gitlab.com/ix.ai/saltmaster:latest is the latest build on a git tag
    • all other tags follow the salt releases

    Warning: The build on the master branch always installs the latest pypi salt version at the time of the pipeline run!

    Multi-Arch Support

    Starting with 3005.1, multi-arch support was enabled for this image. This was disabled again in 3007.1 and currently only AMD64 is supported.

    Resources