Browse Source

Salt: split Redis passwords server to own state

The monitoring server needs Redis, but not the separate server that's
used for the breached-passwords bloom filter in dev/prod. This splits
that server out to its own state, so that it doesn't need to be set up
on the monitoring server.
merge-requests/55/head
Deimos 6 years ago
parent
commit
04bb63811f
  1. 29
      salt/salt/redis/breached-passwords.sls
  2. 30
      salt/salt/redis/init.sls
  3. 1
      salt/salt/top.sls

29
salt/salt/redis/breached-passwords.sls

@ -0,0 +1,29 @@
/run/redis_breached_passwords:
file.directory:
- user: redis
- group: redis
- mode: 755
- require:
- user: redis-user
/etc/redis_breached_passwords.conf:
file.managed:
- source: salt://redis/redis_breached_passwords.conf
- user: redis
- group: redis
- mode: 600
/etc/systemd/system/redis_breached_passwords.service:
file.managed:
- source: salt://redis/redis_breached_passwords.service
- user: root
- group: root
- mode: 644
- require_in:
- service: redis_breached_passwords.service
redis_breached_passwords.service:
service.running:
- enable: True
- watch:
- file: /etc/redis_breached_passwords.conf

30
salt/salt/redis/init.sls

@ -112,33 +112,3 @@ redis.service:
- require: - require:
- user: redis-user - user: redis-user
- cmd: install-redis - cmd: install-redis
/run/redis_breached_passwords:
file.directory:
- user: redis
- group: redis
- mode: 755
- require:
- user: redis-user
/etc/redis_breached_passwords.conf:
file.managed:
- source: salt://redis/redis_breached_passwords.conf
- user: redis
- group: redis
- mode: 600
/etc/systemd/system/redis_breached_passwords.service:
file.managed:
- source: salt://redis/redis_breached_passwords.service
- user: root
- group: root
- mode: 644
- require_in:
- service: redis_breached_passwords.service
redis_breached_passwords.service:
service.running:
- enable: True
- watch:
- file: /etc/redis_breached_passwords.conf

1
salt/salt/top.sls

@ -8,6 +8,7 @@ base:
- postgresql.pgbouncer - postgresql.pgbouncer
- python - python
- redis - redis
- redis.breached-passwords
- redis.modules.rebloom - redis.modules.rebloom
- redis.modules.redis-cell - redis.modules.redis-cell
- rabbitmq - rabbitmq

Loading…
Cancel
Save