actcur/salt
3
0
Fork 0
Code Issues 5 Pull requests Projects Releases Wiki Activity

created lxc, dl and rtorent states and servers, converted radarr, sonarr, jacket and rtorrent to lxc containers on dl

Browse source
This commit is contained in:
Beth Parker 2018-05-07 07:38:11 -05:00
parent 22d7228930
commit 3192a3f95a
44 changed files with 2524 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
pillars/roles/aurpkgs/git.sls
View file

@ -1,4 +1,3 @@
aur: aur:
pkgs: pkgs:
glide-git: []
gogs: [] gogs: []

2
pillars/roles/aurpkgs/ombi.sls
View file

@ -1,3 +1,3 @@
aur: aur:
pkgs: pkgs:
ombi-beta: [] ombi: []

3
pillars/roles/aurpkgs/rtorrent.sls Normal file
View file

@ -0,0 +1,3 @@
aur:
pkgs:
rutorrent: []

1
pillars/roles/init.sls
View file

@ -10,3 +10,4 @@ include:
- roles.database - roles.database
- roles.services - roles.services
- roles.laradev - roles.laradev
- roles.lxc

3
pillars/roles/lxc/container_profiles.sls Normal file
View file

@ -0,0 +1,3 @@
lxc.container_profile:
base:
template: none

11
pillars/roles/lxc/dl.sls Normal file
View file

@ -0,0 +1,11 @@
lxc:
rtorrent:
bind_dirs:
- mnt/video
sonarr:
bind_dirs:
- mnt/video
radarr:
bind_dirs:
- mnt/video
jackett: []

13
pillars/roles/lxc/init.sls Normal file
View file

@ -0,0 +1,13 @@
{% set states = salt['cp.list_states'](saltenv) %}
include:
- roles.lxc.container_profiles
{%- if grains['roles'] is defined -%}
{%- if grains['roles'] is not none -%}
{%- for role in grains['roles'] %}
{%- if 'pillars.roles.lxc.'+role in states %}
- roles.lxc.{{ role }}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{%- endif -%}

0
pillars/roles/lxc/none.sls Normal file
View file

0
pillars/roles/mount/radarr.sls → pillars/roles/mount/dl.sls
View file

7
pillars/roles/mount/lxc.sls Normal file
View file

@ -0,0 +1,7 @@
mount:
sshfs:
/mnt/lxc_backups:
name: lxc_backups
host: host.actcur.com
directory: /mnt/butter/lxc_backups
user: mount

7
pillars/roles/mount/sonarr.sls
View file

@ -1,7 +0,0 @@
mount:
sshfs:
/mnt/video:
name: video
host: host.actcur.com
directory: /mnt/butter/video
user: mount

43
pillars/roles/nginx/dl.sls Normal file
View file

@ -0,0 +1,43 @@
nginx:
rtorrent:
auth: 2fa
https:
port: 5080
prot: http
radarr:
auth: 2fa
default: no
https:
port: 7878
prot: http
sonarr:
auth: 2fa
default: no
https:
port: 8989
prot: http
jackett:
auth: 2fa
default: no
https:
port: 9117
prot: http
portal:
Media:
rtorrent:
name: Torrents
summary: Rtorrent Torrent Server
public: false
radarr:
name: Movie Downloader
summary: Radarr Server
public: false
sonarr:
name: TV Show Downloader
summary: Sonarr Server
public: false
jackett:
name: Torrent Indexers
summary: Jackett Server
public: false

13
pillars/roles/nginx/jackett.sls
View file

@ -1,13 +0,0 @@
nginx:
jackett:
auth: 2fa
https:
port: 9117
prot: http
portal:
Media:
jackett:
name: Torrent Indexers
summary: Jackett Server
public: false

13
pillars/roles/nginx/radarr.sls
View file

@ -1,13 +0,0 @@
nginx:
radarr:
auth: 2fa
https:
port: 7878
prot: http
portal:
Media:
radarr:
name: Movie Downloader
summary: Radarr Server
public: false

13
pillars/roles/nginx/sonarr.sls
View file

@ -1,13 +0,0 @@
nginx:
sonarr:
auth: 2fa
https:
port: 8989
prot: http
portal:
Media:
sonarr:
name: TV Show Downloader
summary: Sonarr Server
public: false

1
pillars/servers/env/server/dl.sls vendored Normal file
View file

@ -0,0 +1 @@
env: prod

1
pillars/servers/env/server/rtorrent.sls vendored Normal file
View file

@ -0,0 +1 @@
env: prod

3
pillars/servers/maintainer/server/dl.sls Normal file
View file

@ -0,0 +1,3 @@
maintainer:
- masaufuku

3
pillars/servers/maintainer/server/rtorrent.sls Normal file
View file

@ -0,0 +1,3 @@
maintainer:
- masaufuku

9
pillars/servers/roles/server/dl.sls Normal file
View file

@ -0,0 +1,9 @@
grains:
roles:
- server
- ssh
- nrpe
- saltminion
- lxc
- dl
- nginx-proxy

3
pillars/servers/roles/server/jackett.sls
View file

@ -1,8 +1,7 @@
grains: grains:
roles: roles:
- server - server
- ssh
- nrpe - nrpe
- saltminion - saltminion
- nginx-proxy - lxc_container
- jackett - jackett

3
pillars/servers/roles/server/radarr.sls
View file

@ -1,8 +1,7 @@
grains: grains:
roles: roles:
- server - server
- ssh
- nrpe - nrpe
- saltminion - saltminion
- nginx-proxy - lxc_container
- radarr - radarr

7
pillars/servers/roles/server/rtorrent.sls Normal file
View file

@ -0,0 +1,7 @@
grains:
roles:
- server
- nrpe
- saltminion
- lxc_container
- rtorrent

3
pillars/servers/roles/server/sonarr.sls
View file

@ -1,9 +1,8 @@
grains: grains:
roles: roles:
- server - server
- ssh
- nrpe - nrpe
- saltminion - saltminion
- nginx-proxy - lxc_container
- sonarr - sonarr
- ytdownloader - ytdownloader

4
states/basepkgs/init.sls
View file

@ -36,7 +36,3 @@ basepkgs:
blarg: blarg:
pkg.installed pkg.installed
{% endif %} {% endif %}
sshd:
service.running:
- enable: True

8
states/roles/maintain/jackett/init.sls Normal file
View file

@ -0,0 +1,8 @@
#package is in aur repo
jackett:
pkg.installed
jackett_service:
service.running:
- name: jackett
- enable: true

18
states/roles/maintain/lxc/container.conf Normal file
View file

@ -0,0 +1,18 @@
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = x86_64
# Container specific configuration
lxc.rootfs.path = dir:/var/lib/lxc/{{container}}/rootfs
lxc.uts.name = {{container}}
# Network configuration
lxc.net.0.type = none
{%- for bind_dir in bind_dirs %}
lxc.mount.entry=/{{bind_dir}} {{bind_dir}} none bind 0 0
{%- endfor %}
{%- for overlay_dir in overlay_dirs %}
lxc.mount.entry=overlay {{overlay_dir}} overlay lowerdir=/{{overlay_dir}},upperdir=/var/lib/lxc/{{container}}/upperdirs/{{overlay_dir}},workdir=/var/lib/lxc/{{container}}/workdirs/{{overlay_dir}} 0 0
{%- endfor %}

135
states/roles/maintain/lxc/init.sls Normal file
View file

@ -0,0 +1,135 @@
lxc:
pkg.installed
lxc-create-symlink:
file.symlink:
- name: /lxc
- target: /var/lib/lxc
{%- if pillar['lxc'] is defined -%}
{%- for container in pillar['lxc'] %}
{{container}}-create:
lxc.present:
- name: {{container}}
- profile: base
{% set bind_dirs = ['tmp'] %}
{%- set overlay_dirs = ['etc','opt','srv','usr','var','root'] -%}
{%- set hidden_files = ['etc/salt/minion_id','etc/salt/grains','etc/fstab'] -%}
{%- set hidden_dirs = ['etc/systemd/system/multi-user.target.wants','etc/salt/pki','etc/nginx/certs','etc/nginx/conf.d'] -%}
{%- set base_dirs = ['boot','dev','etc','home','mnt','opt','proc','run','srv','sys','tmp','usr','var'] -%}
{%- set symlinks = {'bin':'usr/bin','lib':'usr/lib','lib64':'usr/lib','sbin':'usr/bin'} -%}
{%- if pillar['lxc'][container]['bind_dirs'] is defined -%}
{% for bind_dir in pillar['lxc'][container]['bind_dirs'] if bind_dir not in bind_dirs %}
{% do bind_dirs.append(bind_dir) %}
{% endfor %}
{%- endif -%}
{%- if pillar['lxc'][container]['overlay_dirs'] is defined -%}
{% for overlay_dir in pillar['lxc'][container]['overlay_dirs'] if overlay_dir not in overlay_dirs %}
{% do overlay_dirs.append(overlay_dir) %}
{% endfor -%}
{%- endif -%}
{%- if pillar['lxc'][container]['hidden_files'] is defined -%}
{% for hidden_file in pillar['lxc'][container]['hidden_files'] if hidden_file not in hidden_files %}
{% do hidden_files.append(hidden_file) %}
{% endfor -%}
{%- endif -%}
{%- if pillar['lxc'][container]['hidden_dirs'] is defined -%}
{% for hidden_dir in pillar['lxc'][container]['hidden_dirs'] if hidden_dir not in hidden_dirs %}
{% do hidden_dirs.append(hidden_dir) %}
{% endfor -%}
{%- endif -%}
{%- if pillar['lxc'][container]['symlinks'] is defined -%}
{% do symlinks.update(pillar['lxc'][container]['symlinks']) %}
{%- endif %}
{{container}}-config:
file.managed:
- name: /var/lib/lxc/{{container}}/config
- source: salt://roles/maintain/lxc/container.conf
- template: jinja
- context:
container: {{container}}
bind_dirs: {{bind_dirs}}
overlay_dirs: {{overlay_dirs}}
{{container}}-create-rootfs:
file.directory:
- name: /var/lib/lxc/{{container}}/rootfs/
{{container}}-create-upperdirs:
file.directory:
- name: /var/lib/lxc/{{container}}/upperdirs/
{{container}}-create-workdirs:
file.directory:
- name: /var/lib/lxc/{{container}}/workdirs/
{%- for overlay_dir in overlay_dirs %}
{{container}}-create-upperdir-{{overlay_dir}}:
file.directory:
- name: /var/lib/lxc/{{container}}/upperdirs/{{overlay_dir}}
{{container}}-create-workdir-{{overlay_dir}}:
file.directory:
- name: /var/lib/lxc/{{container}}/workdirs/{{overlay_dir}}
{{container}}-create-rootfs-{{overlay_dir}}:
file.directory:
- name: /var/lib/lxc/{{container}}/rootfs/{{overlay_dir}}
{%- endfor %}
{%- for bind_dir in bind_dirs %}
{{container}}-create-rootfs-{{bind_dir}}:
file.directory:
- name: /var/lib/lxc/{{container}}/rootfs/{{bind_dir}}
- makedirs: true
{%- endfor %}
{%- for base_dir in base_dirs %}
{{container}}-create-{{base_dir}}:
file.directory:
- name: /var/lib/lxc/{{container}}/rootfs/{{base_dir}}
{%- endfor %}
{%- for symlink in symlinks %}
{{container}}-create-{{symlink}}:
file.symlink:
- name: /var/lib/lxc/{{container}}/rootfs/{{symlink}}
- target: {{symlinks[symlink]}}
{%- endfor %}
{%- for hidden_file in hidden_files %}
{%- set directory = hidden_file | regex_search('.*\/') -%}
{%- if pillar['lxc'][container]['hidden_dirs'] is defined -%}
{{container}}-mkdir-for-{{hidden_file}}:
file.directory:
- name: /var/lib/lxc/{{container}}/upperdirs/{{directory}}
- makedirs: true
{% endif %}
{{container}}-whiteout-{{hidden_file}}:
file.mknod:
- name: /var/lib/lxc/{{container}}/upperdirs/{{hidden_file}}
- ntype: c
- major: 0
- minor: 0
- user: root
- group: root
- mode: 400
- onlyif: 'test ! -e /var/lib/lxc/{{container}}/upperdirs/{{hidden_file}}'
{%- endfor %}
{%- for hidden_dir in hidden_dirs %}
{{container}}-create-{{hidden_dir}}:
file.directory:
- name: /var/lib/lxc/{{container}}/upperdirs/{{hidden_dir}}
- makedirs: true
{{container}}-hide-{{hidden_dir}}:
cmd.run:
- name: 'setfattr -n trusted.overlay.opaque -v y "/var/lib/lxc/{{container}}/upperdirs/{{hidden_dir}}"'
{%- endfor %}
{{container}}-running:
service.running:
- name: lxc@{{container}}.service
- enable: true
{%- endfor %}
{%- endif %}

5
states/roles/maintain/nginx-proxy/default.conf Normal file
View file

@ -0,0 +1,5 @@
server {
listen 80 default_server;
server_name _;
rewrite ^ https://$host$request_uri? permanent;
}

8
states/roles/maintain/nginx-proxy/init.sls
View file

@ -86,4 +86,12 @@ nginx:
- dir_mode: 755 - dir_mode: 755
- file_mode: 400 - file_mode: 400
- clean: true - clean: true
{%- else %}
/etc/nginx/conf.d/default.conf:
file.managed:
- mkdirs: true
- source: salt://roles/maintain/nginx-proxy/default.conf
- user: root
- group: root
- mode: 644
{%- endif -%} {%- endif -%}

6
states/roles/maintain/nginx-proxy/local.conf
View file

@ -71,10 +71,4 @@ server {
error_log /var/log/nginx/{{server}}_error.log; error_log /var/log/nginx/{{server}}_error.log;
access_log /var/log/nginx/{{server}}_access.log; access_log /var/log/nginx/{{server}}_access.log;
} }
{% elif default == "yes" %}
server {
listen 80 default_server;
server_name _;
rewrite ^ https://$host$request_uri? permanent;
}
{%- endif -%} {%- endif -%}

77
states/roles/maintain/rtorrent/init.sls Normal file
View file

@ -0,0 +1,77 @@
rtorrent:
pkg.installed
rutorrent:
pkg.installed
rtorrent_nginx:
pkg.installed:
- name: nginx
service.running:
- name: nginx
- enable: true
- watch:
- file: /etc/nginx/nginx.conf
rtorrent-screen:
pkg.installed:
- name: screen
plugin-pkgs:
pkg.installed:
- pkgs:
- ffmpeg
- mediainfo
- unrar
- unzip
rtorrent-php:
pkg.installed:
- name: php
rtorrent-php-fpm:
pkg.installed:
- name: php-fpm
service.running:
- name: php-fpm
- enable: true
- watch:
- file: /etc/php/php.ini
/etc/nginx/nginx.conf:
file.managed:
- source: salt://roles/maintain/rtorrent/nginx.conf
- user: root
- group: root
- mode: 644
/etc/php/php.ini:
file.managed:
- source: salt://roles/maintain/rtorrent/php.ini
- user: root
- group: root
- mode: 644
/etc/webapps/rutorrent/conf/config.php:
file.managed:
- source: salt://roles/maintain/rtorrent/rutorrent.conf
- user: root
- group: root
- mode: 644
/root/.rtorrent.rc:
file.managed:
- source: salt://roles/maintain/rtorrent/rtorrent.rc
- user: root
- group: root
- mode: 644
- mkdirs: true
/etc/systemd/system/rtorrent.service:
file.managed:
- source: salt://roles/maintain/rtorrent/rtorrent.service
- user: root
- group: root
- mode: 644
- mkdirs: true
rtorrent_service:
service.running:
- name: rtorrent
- enable: true
- watch:
- file: /root/.rtorrent.rc

31
states/roles/maintain/rtorrent/nginx.conf Normal file
View file

@ -0,0 +1,31 @@
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 5080;
server_name localhost;
root /usr/share/webapps/rutorrent;
location / {
index index.html index.htm;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location /RPC2 {
include scgi_params;
scgi_pass localhost:5000;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
}

1930
states/roles/maintain/rtorrent/php.ini Normal file
View file

File diff suppressed because it is too large Load diff

81
states/roles/maintain/rtorrent/rtorrent.rc Normal file
View file

@ -0,0 +1,81 @@
# Maximum and minimum number of peers to connect to per torrent.
min_peers = 40
max_peers = 100
# Same as above but for seeding completed torrents (-1 = same as downloading)
min_peers_seed = 25
max_peers_seed = 60
# Maximum number of simultaneous uploads per torrent.
max_uploads = 30
# Global upload and download rate in KiB. "0" for unlimited.
#download_rate = 0
#upload_rate = 0
# Default directory to save the downloaded torrents.
directory = /mnt/video/rtorrent/downloads
# Default session directory. Make sure you don't run multiple instance
# of rtorrent using the same session directory. Perhaps using a
# relative path?
session = /mnt/video/rtorrent/.session
# Watch a directory for new torrents, and stop those that have been
# deleted.
schedule = watch_directory,5,5,load_start=/home/downloads/~watch/*.torrent
# Close torrents when diskspace is low.
schedule = low_diskspace,5,60,close_low_diskspace=10240M
# The ip address reported to the tracker.
#ip = 127.0.0.1
#ip = rakshasa.no
# The ip address the listening socket and outgoing connections is
# bound to.
#bind = 127.0.0.1
#bind = rakshasa.no
# Port range to use for listening.
port_range = 55950-56000
# Start opening ports at a random position within the port range.
port_random = yes
# Check hash for finished torrents. Might be usefull until the bug is
# fixed that causes lack of diskspace not to be properly reported.
check_hash = yes
# Set whether the client should try to connect to UDP trackers.
use_udp_trackers = yes
# Alternative calls to bind and ip that should handle dynamic ip's.
#schedule = ip_tick,0,1800,ip=rakshasa
#schedule = bind_tick,0,1800,bind=rakshasa
# Encryption options, set to none (default) or any combination of the following:
# allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext
#
# The example value allows incoming encrypted connections, starts unencrypted
# outgoing connections but retries with encryption if they fail, preferring
# plaintext to RC4 encryption after the encrypted handshake
#
encryption = allow_incoming,enable_retry,prefer_plaintext
# Enable DHT support for trackerless torrents or when all trackers are down.
# May be set to "disable" (completely disable DHT), "off" (do not start DHT),
# "auto" (start and stop DHT as needed), or "on" (start DHT immediately).
# The default is "off". For DHT to work, a session directory must be defined.
#
dht = on
# UDP port to use for DHT.
#
# dht_port = 6881
# Enable peer exchange (for torrents not marked private)
#
peer_exchange = yes
scgi_port = 127.0.0.1:5000

14
states/roles/maintain/rtorrent/rtorrent.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=rTorrent
After=network.target
[Service]
User=root
Type=forking
KillMode=none
ExecStart=/usr/bin/screen -d -m -fa -S rtorrent /usr/bin/rtorrent
ExecStop=/usr/bin/killall -w -s 2 /usr/bin/rtorrent
WorkingDirectory=%h
[Install]
WantedBy=default.target

64
states/roles/maintain/rtorrent/rutorrent.conf Normal file
View file

@ -0,0 +1,64 @@
<?php
// configuration parameters
// for snoopy client
@define('HTTP_USER_AGENT', 'Mozilla/5.0 (Windows NT 6.0; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0', true);
@define('HTTP_TIME_OUT', 30, true); // in seconds
@define('HTTP_USE_GZIP', true, true);
$httpIP = null; // IP string. Or null for any.
@define('RPC_TIME_OUT', 5, true); // in seconds
@define('LOG_RPC_CALLS', false, true);
@define('LOG_RPC_FAULTS', true, true);
// for php
@define('PHP_USE_GZIP', false, true);
@define('PHP_GZIP_LEVEL', 2, true);
$schedule_rand = 10; // rand for schedulers start, +0..X seconds
$do_diagnostic = true;
$log_file = '/tmp/errors.log'; // path to log file (comment or leave blank to disable logging)
$saveUploadedTorrents = true; // Save uploaded torrents to profile/torrents directory or not
$overwriteUploadedTorrents = false; // Overwrite existing uploaded torrents in profile/torrents directory or make unique name
$topDirectory = '/'; // Upper available directory. Absolute path with trail slash.
$forbidUserSettings = false;
$scgi_port = 5000;
$scgi_host = "127.0.0.1";
// For web->rtorrent link through unix domain socket
// (scgi_local in rtorrent conf file), change variables
// above to something like this:
//
// $scgi_port = 0;
// $scgi_host = "unix:///tmp/rpc.socket";
$XMLRPCMountPoint = "/RPC2"; // DO NOT DELETE THIS LINE!!! DO NOT COMMENT THIS LINE!!!
$pathToExternals = array(
"php" => '', // Something like /usr/bin/php. If empty, will be found in PATH.
"curl" => '/bin/curl', // Something like /usr/bin/curl. If empty, will be found in PATH.
"gzip" => '', // Something like /usr/bin/gzip. If empty, will be found in PATH.
"id" => '', // Something like /usr/bin/id. If empty, will be found in PATH.
"stat" => '', // Something like /usr/bin/stat. If empty, will be found in PATH.
);
$localhosts = array( // list of local interfaces
"127.0.0.1",
"localhost",
);
$profilePath = '../share'; // Path to user profiles
$profileMask = 0777; // Mask for files and directory creation in user profiles.
// Both Webserver and rtorrent users must have read-write access to it.
// For example, if Webserver and rtorrent users are in the same group then the value may be 0770.
$tempDirectory = null; // Temp directory. Absolute path with trail slash. If null, then autodetect will be used.
$canUseXSendFile = false; // If true then use X-Sendfile feature if it exist
$locale = "UTF8";

4
states/roles/maintain/saltmaster/master
View file

@ -644,7 +644,9 @@ pillar_roots:
# of regular expressions to match functions. The following will allow the # of regular expressions to match functions. The following will allow the
# minion authenticated as foo.example.com to execute functions from the test # minion authenticated as foo.example.com to execute functions from the test
# and pkg modules. # and pkg modules.
#peer: peer:
.*:
- pkg.upgrade
# foo.example.com: # foo.example.com:
# - test.* # - test.*
# - pkg.* # - pkg.*

8
states/roles/maintain/sonarr/init.sls Normal file
View file

@ -0,0 +1,8 @@
#package is in aur repo
sonarr:
pkg.installed
sonarr_service:
service.running:
- name: sonarr
- enable: true

3
states/roles/maintain/ssh/init.sls Normal file
View file

@ -0,0 +1,3 @@
sshd:
service.running:
- enable: True

7
states/top.sls
View file

@ -12,7 +12,14 @@
- systems.arch.mirrors - systems.arch.mirrors
- systems.core.freeipa - systems.core.freeipa
'*': '*':
{#- don't run update automatically on containers - updates will be triggered from their host -#}
{%- if pillar['grains']['roles'] is defined -%}
{%- if 'lxc_container' not in pillar['grains']['roles'] %}
- update - update
{%- endif -%}
{%- endif %}
- update.clean_cache
- update.update_containers
- basepkgs - basepkgs
- grains - grains
- bashrc - bashrc

14
states/update/clean_cache.sls Normal file
View file

@ -0,0 +1,14 @@
#clean package cache
{% if grains['os_family'] == 'Arch' %}
clear_pacman_cache:
cmd.run:
- name: "yes|pacman -Scc"
{% elif grains['os_family'] == 'RedHat' %}
clear_yum_cache:
cmd.run:
- name: "yum clean all"
{% elif grains['os_family'] == 'Debian' %}
clear_pkg_cache:
cmd.run:
- name: "apt-get clean"
{% endif %}

17
states/update/init.sls
View file

@ -1,18 +1,3 @@
update: update:
pkg.uptodate: pkg.uptodate:
- refresh: True - refresh: True
#clean package cache
{% if grains['os_family'] == 'Arch' %}
clear_pacman_cache:
cmd.run:
- name: "pacman -Scc --noconfirm"
{% elif grains['os_family'] == 'RedHat' %}
clear_yum_cache:
cmd.run:
- name: "yum clean all"
{% elif grains['os_family'] == 'Debian' %}
clear_pkg_cache:
cmd.run:
- name: "apt-get clean"
{% endif %}

8
states/update/update_containers.sls Normal file
View file

@ -0,0 +1,8 @@
#update lxc containers on this lxc host
{%- if pillar['lxc'] is defined -%}
{%- for container in pillar['lxc'] %}
update-{{container}}:
cmd.run:
- name: salt-call publish.publish '{{container}}.actcur.com' pkg.upgrade arg='refresh=true'
{% endfor %}
{% endif %}