From 62daaa362a95d2b43a83385d81a33cc3c8f8189b Mon Sep 17 00:00:00 2001
From: skorpy <magnus@skorpy.space>
Date: Sun, 2 Feb 2020 20:41:32 +0100
Subject: [PATCH] Use salt['pillar.get'] accessor instead of pillar.get
Fixes salt-lint error 211
---
bird/exporter.sls | 4 ++--
bird/files/kernel.conf.j2 | 6 +++---
bird/files/ospf.conf.j2 | 2 +-
bird/init.sls | 6 +++---
bird/radv.sls | 2 +-
cadvisor/init.sls | 4 ++--
cpthook-gitlab/init.sls | 2 +-
dnsresolver/kresd/files/kresd.conf.j2 | 2 +-
dnsresolver/unbound/exporter.sls | 4 ++--
dnsresolver/unbound/files/unbound.conf.j2 | 6 +++---
docker/container.sls | 2 +-
docker/images.sls | 2 +-
dovecot/init.sls | 2 +-
fastd/exporter.sls | 4 ++--
fastd/instances.sls | 2 +-
golang/init.sls | 2 +-
grafana/init.sls | 2 +-
graphite/init.sls | 4 ++--
haproxy/init.sls | 2 +-
kea-dhcp/files/kea-dhcp4.conf.j2 | 4 ++--
kea-dhcp/files/kea-dhcp6.conf.j2 | 2 +-
mesh-announce/init.sls | 2 +-
mmfd/files/mmfd-network | 2 +-
netbox/init.sls | 4 ++--
network/domains-babel.sls | 4 ++--
network/domains-batman-systemd.sls | 4 ++--
network/domains-batman.sls | 4 ++--
network/files/ferm-domain-batman.conf.j2 | 2 +-
network/files/ifdown-domain-batman.sh.j2 | 2 +-
network/files/ifup-domain-batman.sh.j2 | 2 +-
network/files/interfaces-domain.j2 | 2 +-
nginx/files/conf.d/log.conf.j2 | 2 +-
nginx/files/sites/default-http.conf.j2 | 2 +-
nginx/init.sls | 2 +-
nginx/vhosts.sls | 2 +-
ntp/init.sls | 2 +-
pretix/files/pretix.cfg.j2 | 2 +-
pretix/init.sls | 4 ++--
prometheus/files/prometheus/prometheus.yml.j2 | 4 ++--
prometheus/init.sls | 2 +-
prometheus/irc.sls | 2 +-
ssh/files/sshd_config | 4 ++--
ssh/init.sls | 2 +-
traefik/files/traefik.toml.j2 | 4 ++--
traefik/init.sls | 4 ++--
yanic/files/ferm.conf.j2 | 2 +-
46 files changed, 67 insertions(+), 67 deletions(-)
diff --git a/bird/exporter.sls b/bird/exporter.sls
index 7e1de8b3..5207071e 100644
--- a/bird/exporter.sls
+++ b/bird/exporter.sls
@@ -1,4 +1,4 @@
-{%- set gopath = pillar.get('golang:gopath', '/usr/local/go') %}
+{%- set gopath = salt['pillar.get']('golang:gopath', '/usr/local/go') %}
include:
- golang
@@ -14,7 +14,7 @@ bird-exporter:
- cwd: {{ gopath }}/src/github.com/czerwonk/bird_exporter
- name: go get -v -u github.com/czerwonk/bird_exporter
- env:
- GOPATH: {{ pillar.get('golang:gopath', '/usr/local/go') }}
+ GOPATH: {{ salt['pillar.get']('golang:gopath', '/usr/local/go') }}
- require:
- pkg: golang
- pkg: git
diff --git a/bird/files/kernel.conf.j2 b/bird/files/kernel.conf.j2
index f31b4bed..6a75c2b1 100644
--- a/bird/files/kernel.conf.j2
+++ b/bird/files/kernel.conf.j2
@@ -7,12 +7,12 @@ table kernel_T_{{ kernel_table }};
protocol kernel kernel_{{ kernel_table }} {
export filter {
{% if ip_version == 4 %}
-{%- if (pillar.get('source_ip_4', [])) in grains['ip_interfaces']['lo'] %}
+{%- if (salt['pillar.get']('source_ip_4', [])) in grains['ip_interfaces']['lo'] %}
krt_prefsrc = {{ pillar['source_ip_4'] }};
{%- endif %}
accept;
{% elif ip_version == 6 %}
-{%- if (pillar.get('source_ip_6', [])) in grains['ip_interfaces']['lo'] %}
+{%- if (salt['pillar.get']('source_ip_6', [])) in grains['ip_interfaces']['lo'] %}
krt_prefsrc = {{ pillar['source_ip_6'] }};
{%- endif %}
accept;
@@ -31,7 +31,7 @@ protocol kernel kernel_{{ kernel_table }} {
import none;
{%- endif %}
device routes on;
-{%- if 'vmhost' in pillar.get('roles', []) %}
+{%- if 'vmhost' in salt['pillar.get']('roles', []) %}
learn;
{%- endif %}
diff --git a/bird/files/ospf.conf.j2 b/bird/files/ospf.conf.j2
index 770f1b83..42187c49 100644
--- a/bird/files/ospf.conf.j2
+++ b/bird/files/ospf.conf.j2
@@ -38,7 +38,7 @@ protocol ospf IGP {
};
{%- if type == 'ospf6' %}
-{%- if 'nat64' in pillar.get('roles', []) %}
+{%- if 'nat64' in salt['pillar.get']('roles', []) %}
stubnet 64:ff9b::/96;
{%- endif %}
{%- endif %}
diff --git a/bird/init.sls b/bird/init.sls
index f9084c81..b64e71af 100644
--- a/bird/init.sls
+++ b/bird/init.sls
@@ -1,7 +1,7 @@
include:
- ferm
- bird.exporter
-{%- if 'gateway' in pillar.get('roles', []) %}
+{%- if 'gateway' in salt['pillar.get']('roles', []) %}
- bird.radv
- bird.domains
{%- endif %}
@@ -155,7 +155,7 @@ bird6:
- pkg: bird
- file: /etc/bird/bird6.d
-{%- if 'babel' in pillar.get('roles', []) %}
+{%- if 'babel' in salt['pillar.get']('roles', []) %}
/etc/bird/bird6.d/910-kernel.conf:
file.managed:
- source: salt://bird/files/kernel.conf.j2
@@ -170,7 +170,7 @@ bird6:
- require:
- pkg: bird
- file: /etc/bird/bird6.d
-{%- if 'gateway' in pillar.get('roles', []) %}
+{%- if 'gateway' in salt['pillar.get']('roles', []) %}
/etc/bird/bird6.d/912-kernel.conf:
file.managed:
- source: salt://bird/files/kernel.conf.j2
diff --git a/bird/radv.sls b/bird/radv.sls
index bb986d1f..ee40a581 100644
--- a/bird/radv.sls
+++ b/bird/radv.sls
@@ -1,7 +1,7 @@
include:
- bird
-{% for domain_key, domain_val in pillar.get('domains', {}).items() %}
+{% for domain_key, domain_val in salt['pillar.get']('domains', {}).items() %}
/etc/bird/bird6.d/50-radv-dom{{ domain_val['domain_id'] }}.conf:
file.managed:
diff --git a/cadvisor/init.sls b/cadvisor/init.sls
index df8f2653..b49aab73 100644
--- a/cadvisor/init.sls
+++ b/cadvisor/init.sls
@@ -1,7 +1,7 @@
-{% set docker = pillar.get('docker', {}) %}
+{% set docker = salt['pillar.get']('docker', {}) %}
{% set volume = docker.volume_root | default('/srv/docker') ~ '/cadvisor' %}
{% set image = 'google/cadvisor:latest' %}
-{% set cadvisor = pillar.get('cadvisor', {}) %}
+{% set cadvisor = salt['pillar.get']('cadvisor', {}) %}
{% set metrics = cadvisor.get('metrics', {}) %}
{% set port = '9999' %}
diff --git a/cpthook-gitlab/init.sls b/cpthook-gitlab/init.sls
index 3875ea1e..b1b8af2a 100644
--- a/cpthook-gitlab/init.sls
+++ b/cpthook-gitlab/init.sls
@@ -1,4 +1,4 @@
-{%- set gopath = pillar.get('golang:gopath', '/usr/local/go') %}
+{%- set gopath = salt['pillar.get']('golang:gopath', '/usr/local/go') %}
{%- set project = 'cpthook' %}
{%- set uri = 'github.com/fleaz/CptHook' %}
diff --git a/dnsresolver/kresd/files/kresd.conf.j2 b/dnsresolver/kresd/files/kresd.conf.j2
index e6430153..60cd0275 100644
--- a/dnsresolver/kresd/files/kresd.conf.j2
+++ b/dnsresolver/kresd/files/kresd.conf.j2
@@ -21,7 +21,7 @@ user('knot-resolver','knot-resolver')
cache.size = 1*GB
-{%- if 'forwarder' in pillar.get('roles', []) %}
+{%- if 'forwarder' in salt['pillar.get']('roles', []) %}
{%- if salt['pillar.get']('dns:dns64', True) and salt['pillar.get']('dns:forwarder:dns64', True) and salt['pillar.get']('dns:kresd:dns64', True) %}
modules = { dns64 = '64:ff9b::' }
{%- endif %}
diff --git a/dnsresolver/unbound/exporter.sls b/dnsresolver/unbound/exporter.sls
index dcd43dbb..0e391c50 100644
--- a/dnsresolver/unbound/exporter.sls
+++ b/dnsresolver/unbound/exporter.sls
@@ -1,4 +1,4 @@
-{%- set gopath = pillar.get('golang:gopath', '/usr/local/go') %}
+{%- set gopath = salt['pillar.get']('golang:gopath', '/usr/local/go') %}
{%- set gopkg = 'github.com/kumina/unbound_exporter' %}
include:
@@ -12,7 +12,7 @@ unbound-exporter:
- cwd: {{ gopath }}/src/{{ gopkg }}
- name: go get -v -u {{ gopkg }}
- env:
- GOPATH: {{ pillar.get('golang:gopath', '/usr/local/go') }}
+ GOPATH: {{ salt['pillar.get']('golang:gopath', '/usr/local/go') }}
- require:
- pkg: golang
- git: unbound-exporter
diff --git a/dnsresolver/unbound/files/unbound.conf.j2 b/dnsresolver/unbound/files/unbound.conf.j2
index 95208bcd..e667c381 100644
--- a/dnsresolver/unbound/files/unbound.conf.j2
+++ b/dnsresolver/unbound/files/unbound.conf.j2
@@ -24,7 +24,7 @@ server:
harden-glue: yes
harden-dnssec-stripped: yes
harden-below-nxdomain: no
-{%- if 'resolver' in pillar.get('roles', []) %}
+{%- if 'resolver' in salt['pillar.get']('roles', []) %}
qname-minimisation: yes
{%- else %}
qname-minimisation: no
@@ -36,7 +36,7 @@ server:
rrset-roundrobin: yes
minimal-responses: no
-{%- if 'forwarder' in pillar.get('roles', []) and salt['pillar.get']('dns:dns64', True) and salt['pillar.get']('dns:forwarder:dns64', True) and salt['pillar.get']('dns:unbound:dns64', True) %}
+{%- if 'forwarder' in salt['pillar.get']('roles', []) and salt['pillar.get']('dns:dns64', True) and salt['pillar.get']('dns:forwarder:dns64', True) and salt['pillar.get']('dns:unbound:dns64', True) %}
# DNS64
module-config: "dns64 validator iterator"
dns64-prefix: 64:ff9b::/96
@@ -68,7 +68,7 @@ forward-zone:
forward-host: c.ns.ffffm.net
forward-host: d.ns.freifunk-frankfurt.de
-{%- if 'forwarder' in pillar.get('roles', []) %}
+{%- if 'forwarder' in salt['pillar.get']('roles', []) %}
forward-zone:
name: "."
#recursiveA.ns.as64475.net
diff --git a/docker/container.sls b/docker/container.sls
index 5b7fe088..2ec9f83a 100644
--- a/docker/container.sls
+++ b/docker/container.sls
@@ -1,4 +1,4 @@
-{% set docker = pillar.get('docker', {}) %}
+{% set docker = salt['pillar.get']('docker', {}) %}
{% set images = docker.get('images', {}) %}
{% set containers = docker.get('containers', []) %}
diff --git a/docker/images.sls b/docker/images.sls
index ba35e606..901da2d5 100644
--- a/docker/images.sls
+++ b/docker/images.sls
@@ -1,4 +1,4 @@
-{% set docker = pillar.get('docker', {}) %}
+{% set docker = salt['pillar.get']('docker', {}) %}
{% set images = docker.get('images', {}) %}
diff --git a/dovecot/init.sls b/dovecot/init.sls
index 79872941..23533b87 100644
--- a/dovecot/init.sls
+++ b/dovecot/init.sls
@@ -1,5 +1,5 @@
{% if grains['osfinger'] == "Debian-9" %}
-{%- if 'dovecot' in pillar.get('roles', []) %}
+{%- if 'dovecot' in salt['pillar.get']('roles', []) %}
include:
- .dovecot
{%- endif %}
diff --git a/fastd/exporter.sls b/fastd/exporter.sls
index c465ed8b..a97944c3 100644
--- a/fastd/exporter.sls
+++ b/fastd/exporter.sls
@@ -1,4 +1,4 @@
-{%- set gopath = pillar.get('golang:gopath', '/usr/local/go') %}
+{%- set gopath = salt['pillar.get']('golang:gopath', '/usr/local/go') %}
{%- set gopkg = 'git.darmstadt.ccc.de/ffda/fastd-exporter' %}
include:
@@ -12,7 +12,7 @@ fastd-exporter:
- cwd: {{ gopath }}/src/{{ gopkg }}
- name: go get -v -u {{ gopkg }}
- env:
- GOPATH: {{ pillar.get('golang:gopath', '/usr/local/go') }}
+ GOPATH: {{ salt['pillar.get']('golang:gopath', '/usr/local/go') }}
- require:
- pkg: golang
- git: fastd-exporter
diff --git a/fastd/instances.sls b/fastd/instances.sls
index d43e5b19..0a51ec75 100644
--- a/fastd/instances.sls
+++ b/fastd/instances.sls
@@ -1,5 +1,5 @@
# for each domain
-{%- for domain_key, domain_val in pillar.get('domains', {}).items() %}
+{%- for domain_key, domain_val in salt['pillar.get']('domains', {}).items() %}
{%- set domain_id = domain_val['domain_id'] %}
# assign fastd configuration
diff --git a/golang/init.sls b/golang/init.sls
index 568fe045..f6d6d9bb 100644
--- a/golang/init.sls
+++ b/golang/init.sls
@@ -21,5 +21,5 @@ golang-env:
file.managed:
- name: /etc/profile.d/go
- contents:
- export GOPATH={{ pillar.get('golang:gopath', '/usr/local/go') }}
+ export GOPATH={{ salt['pillar.get']('golang:gopath', '/usr/local/go') }}
export PATH=$PATH:$GOPATH/bin
diff --git a/grafana/init.sls b/grafana/init.sls
index dbeacff5..93d6947e 100644
--- a/grafana/init.sls
+++ b/grafana/init.sls
@@ -1,4 +1,4 @@
-{%- if 'grafana' in pillar.get('roles', []) %}
+{%- if 'grafana' in salt['pillar.get']('roles', []) %}
include:
- grafana.grafana
{%- endif %}
diff --git a/graphite/init.sls b/graphite/init.sls
index 50714048..570185c0 100644
--- a/graphite/init.sls
+++ b/graphite/init.sls
@@ -1,8 +1,8 @@
{%- set includes = [] %}
-{%- if 'go-carbon' in pillar.get('roles') %}
+{%- if 'go-carbon' in salt['pillar.get']('roles') %}
{%- do includes.append('.go-carbon') %}
{%- endif %}
-{%- if 'carbonapi' in pillar.get('roles') %}
+{%- if 'carbonapi' in salt['pillar.get']('roles') %}
{%- do includes.append('.carbonapi') %}
{%- endif %}
diff --git a/haproxy/init.sls b/haproxy/init.sls
index e3054e1c..c3c73d31 100644
--- a/haproxy/init.sls
+++ b/haproxy/init.sls
@@ -1,4 +1,4 @@
include:
-{%- if 'haproxy' in pillar.get('roles', []) %}
+{%- if 'haproxy' in salt['pillar.get']('roles', []) %}
- .install
{%- endif %}
diff --git a/kea-dhcp/files/kea-dhcp4.conf.j2 b/kea-dhcp/files/kea-dhcp4.conf.j2
index 16ed9867..ed375ca0 100644
--- a/kea-dhcp/files/kea-dhcp4.conf.j2
+++ b/kea-dhcp/files/kea-dhcp4.conf.j2
@@ -1,5 +1,5 @@
{%- set interfaces = salt['pillar.get']('kea-dhcp:v4:interfaces', []) -%}
-{%- for domain, domainData in pillar.get('domains', {}).items() -%}
+{%- for domain, domainData in salt['pillar.get']('domains', {}).items() -%}
{%- do interfaces.append(domain ~ '-br') -%}
{%- endfor -%}
{
@@ -39,7 +39,7 @@
}{% if not loop.last %},{% endif %}
{%- endfor %}
-{% for domain, domainData in pillar.get('domains', {}).items() if 'IPv4' in domainData %}
+{% for domain, domainData in salt['pillar.get']('domains', {}).items() if 'IPv4' in domainData %}
{%- set instance = domainData.IPv4 %}
{%- if salt['pillar.get']('kea-dhcp:v4:subnets', []) and instance.subnets %},{%- endif %}
diff --git a/kea-dhcp/files/kea-dhcp6.conf.j2 b/kea-dhcp/files/kea-dhcp6.conf.j2
index c24572bd..1c3707b3 100644
--- a/kea-dhcp/files/kea-dhcp6.conf.j2
+++ b/kea-dhcp/files/kea-dhcp6.conf.j2
@@ -57,7 +57,7 @@
}{%- if not loop.last %},{%- endif %}
{%- endfor %}
-{%- for domain, domainData in pillar.get('domains', {}).items() if 'IPv6' in domainData %}
+{%- for domain, domainData in salt['pillar.get']('domains', {}).items() if 'IPv6' in domainData %}
{%- set instance = domainData.IPv6 %}
{%- if salt['pillar.get']('kea-dhcp:v6:subnets', []) and instance.subnets %},{%- endif %}
diff --git a/mesh-announce/init.sls b/mesh-announce/init.sls
index a42dc745..e3a4d02e 100644
--- a/mesh-announce/init.sls
+++ b/mesh-announce/init.sls
@@ -24,7 +24,7 @@ mesh-announce_deps:
/etc/mesh-announce:
file.directory
-{% for domain_key, domain_val in pillar.get('domains', {}).items() %}
+{% for domain_key, domain_val in salt['pillar.get']('domains', {}).items() %}
{%- set domain_id = domain_val['domain_id'] %}
{%- set mesh_announce_enable = salt['pillar.get']('domains:%s:mesh_announce_enable'|format(domain_key), False) %}
diff --git a/mmfd/files/mmfd-network b/mmfd/files/mmfd-network
index 0d713c1b..138f4458 100644
--- a/mmfd/files/mmfd-network
+++ b/mmfd/files/mmfd-network
@@ -1,6 +1,6 @@
allow-hotplug mmfd0
auto mmfd0
iface mmfd0
-{%- for prefix in pillar.get('ifaces.mmfd0.prefixes', {}) %}
+{%- for prefix in salt['pillar.get']('ifaces.mmfd0.prefixes', {}) %}
address {{ prefix }}
{%- endfor %}
diff --git a/netbox/init.sls b/netbox/init.sls
index c65d74df..4cd68a65 100644
--- a/netbox/init.sls
+++ b/netbox/init.sls
@@ -1,5 +1,5 @@
-{% set docker = pillar.get('docker', {}) %}
-{% set netbox = pillar.get('netbox', {}) %}
+{% set docker = salt['pillar.get']('docker', {}) %}
+{% set netbox = salt['pillar.get']('netbox', {}) %}
{% set volume = docker.volume_root | default('/srv/docker') ~ '/netbox' %}
{% set database = netbox.get('database', {}) %}
{% set email = netbox.get('email', {}) %}
diff --git a/network/domains-babel.sls b/network/domains-babel.sls
index 48e8cd9f..482b8799 100644
--- a/network/domains-babel.sls
+++ b/network/domains-babel.sls
@@ -1,4 +1,4 @@
-{% for domain in pillar.get('domains', {}).keys() %}
+{% for domain in salt['pillar.get']('domains', {}).keys() %}
/etc/network/interfaces.d/domain-{{ domain }}:
file.managed:
@@ -10,7 +10,7 @@
- context:
domain: {{ domain }}
-{% if 'gateway' in pillar.get('roles', []) %}
+{% if 'gateway' in salt['pillar.get']('roles', []) %}
/etc/ferm/conf.d/20-domain-{{ domain }}.conf:
file.managed:
- source: salt://network/files/ferm-domain-babel.conf.j2
diff --git a/network/domains-batman-systemd.sls b/network/domains-batman-systemd.sls
index 6ccaaaed..b4acbeeb 100644
--- a/network/domains-batman-systemd.sls
+++ b/network/domains-batman-systemd.sls
@@ -40,7 +40,7 @@ include:
- mode: '0644'
- template: jinja
-{% for domain in pillar.get('domains', {}).keys() %}
+{% for domain in salt['pillar.get']('domains', {}).keys() %}
{% set domain_id = salt['pillar.get']('domains:%s:domain_id'|format(domain)) %}
/opt/multidomain/dom_{{ domain_id }}_up.sh:
file.managed:
@@ -70,7 +70,7 @@ include:
/etc/network/interfaces.d/dom{{ domain_id }}:
file.absent
-{% if 'gateway' in pillar.get('roles', []) %}
+{% if 'gateway' in salt['pillar.get']('roles', []) %}
/etc/ferm/conf.d/20-dom{{ domain_id }}.conf:
file.managed:
- source: salt://network/files/ferm-domain-batman.conf.j2
diff --git a/network/domains-batman.sls b/network/domains-batman.sls
index ec3af79e..8b86a365 100644
--- a/network/domains-batman.sls
+++ b/network/domains-batman.sls
@@ -19,7 +19,7 @@
- context:
name: {{ transport_interface }}
-{% for domain in pillar.get('domains', {}).keys() %}
+{% for domain in salt['pillar.get']('domains', {}).keys() %}
{% set domain_id = salt['pillar.get']('domains:%s:domain_id'|format(domain)) %}
/etc/network/interfaces.d/dom{{ domain_id }}:
file.managed:
@@ -32,7 +32,7 @@
domain: {{ domain }}
domain_id: {{ domain_id }}
-{% if 'gateway' in pillar.get('roles', []) %}
+{% if 'gateway' in salt['pillar.get']('roles', []) %}
/etc/ferm/conf.d/20-dom{{ domain_id }}.conf:
file.managed:
- source: salt://network/files/ferm-domain-batman.conf.j2
diff --git a/network/files/ferm-domain-batman.conf.j2 b/network/files/ferm-domain-batman.conf.j2
index af6c6b84..4aad35b4 100644
--- a/network/files/ferm-domain-batman.conf.j2
+++ b/network/files/ferm-domain-batman.conf.j2
@@ -25,7 +25,7 @@ domain ip {
interface dom{{ domain_id }}-br outerface {{ salt['pillar.get']('ferm:public_interface', 'ens13') }} proto tcp tcp-flags (SYN RST) SYN TCPMSS set-mss {{ mtu - 32 - 20 - 20 }};
}
}
- {%- if 'gateway' in pillar.get('roles', []) %}
+ {%- if 'gateway' in salt['pillar.get']('roles', []) %}
table filter {
chain FORWARD {
mod state state (ESTABLISHED RELATED) ACCEPT;
diff --git a/network/files/ifdown-domain-batman.sh.j2 b/network/files/ifdown-domain-batman.sh.j2
index 9aad8727..70eb9218 100644
--- a/network/files/ifdown-domain-batman.sh.j2
+++ b/network/files/ifdown-domain-batman.sh.j2
@@ -4,7 +4,7 @@
#!/bin/bash
# kill everything
-{%- if 'gateway' in pillar.get('roles', []) and with_fastd %}
+{%- if 'gateway' in salt['pillar.get']('roles', []) and with_fastd %}
systemctl stop fastd@dom{{ domain_id }}_{{ salt['pillar.get']('domains:%s:mtu'|format(domain), 1312) }}
{%- endif %}
{%- if salt['pillar.get']('domains:%s:vxlan_vid'|format(domain), {}) %}
diff --git a/network/files/ifup-domain-batman.sh.j2 b/network/files/ifup-domain-batman.sh.j2
index d2a2a4f4..b4d581e9 100644
--- a/network/files/ifup-domain-batman.sh.j2
+++ b/network/files/ifup-domain-batman.sh.j2
@@ -86,7 +86,7 @@
{%- endfor %}
{% endif %}
-{%- if 'gateway' in pillar.get('roles', []) and with_fastd %}
+{%- if 'gateway' in salt['pillar.get']('roles', []) and with_fastd %}
{%- for instance in salt['pillar.get']('domains:%s:fastd:instances'|format(domain)) %}
# l2 tunnel (fastd)
diff --git a/network/files/interfaces-domain.j2 b/network/files/interfaces-domain.j2
index d2e3e61f..39b3320e 100644
--- a/network/files/interfaces-domain.j2
+++ b/network/files/interfaces-domain.j2
@@ -88,7 +88,7 @@ iface dom{{ domain_id }}-tp inet manual
{% endif %}
{% endif %}
-{%- if 'gateway' in pillar.get('roles', []) and with_fastd %}
+{%- if 'gateway' in salt['pillar.get']('roles', []) and with_fastd %}
{%- for instance in salt['pillar.get']('domains:%s:fastd:instances'|format(domain)) %}
# l2 tunnel (fastd)
diff --git a/nginx/files/conf.d/log.conf.j2 b/nginx/files/conf.d/log.conf.j2
index 8228d8eb..b1cafc14 100644
--- a/nginx/files/conf.d/log.conf.j2
+++ b/nginx/files/conf.d/log.conf.j2
@@ -1,5 +1,5 @@
map $remote_addr $remote_addr_anon {
-{% if pillar.get('nginx', {}).get('logs', {}).get('anonymize_ips', True) -%}
+{% if salt['pillar.get']('nginx', {}).get('logs', {}).get('anonymize_ips', True) -%}
~(?P<ip>\d+\.\d+\.\d+)\. $ip.0;
~(?P<ip>[^:]+:[^:]+:[^:]+): $ip::;
~(?P<ip>[^:]+:[^:]+): $ip::;
diff --git a/nginx/files/sites/default-http.conf.j2 b/nginx/files/sites/default-http.conf.j2
index 04ef164e..1b60e593 100644
--- a/nginx/files/sites/default-http.conf.j2
+++ b/nginx/files/sites/default-http.conf.j2
@@ -10,7 +10,7 @@ server {
root /srv/www/{{ hostname }}/htdocs;
index index.html index.htm;
-{%- if pillar.get('letsencrypt', False) %}
+{%- if salt['pillar.get']('letsencrypt', False) %}
include "snippets/acme-challenge.conf";
{%- endif %}
{%- if grains['fqdn'] in hostnames %}
diff --git a/nginx/init.sls b/nginx/init.sls
index 908406c3..acb96ab1 100644
--- a/nginx/init.sls
+++ b/nginx/init.sls
@@ -49,7 +49,7 @@ nginx:
- source:
{% if cert_exists %}
- salt://nginx/files/sites/{{ grains['fqdn'] }}.conf.j2
- {%- if 'kresd' in pillar.get('roles', []) %}
+ {%- if 'kresd' in salt['pillar.get']('roles', []) %}
- salt://nginx/files/sites/fqdn-kresd.conf.j2
{% endif %}
- salt://nginx/files/sites/default-https.conf.j2
diff --git a/nginx/vhosts.sls b/nginx/vhosts.sls
index 0c4ec51f..ab2bd30e 100644
--- a/nginx/vhosts.sls
+++ b/nginx/vhosts.sls
@@ -1,4 +1,4 @@
-{% for name, vhost in pillar.get('nginx', {}).get('vhosts', {}).items() %}
+{% for name, vhost in salt['pillar.get']('nginx', {}).get('vhosts', {}).items() %}
{% set cert_path = "/etc/letsencrypt/live/{cn}/fullchain.pem".format(cn=vhost.ssl.common_name) %}
{% set key_path = "/etc/letsencrypt/live/{cn}/privkey.pem".format(cn=vhost.ssl.common_name) %}
diff --git a/ntp/init.sls b/ntp/init.sls
index dcf0bea7..cb3f0b45 100644
--- a/ntp/init.sls
+++ b/ntp/init.sls
@@ -15,7 +15,7 @@ chrony:
- watch_in:
- service: chrony
-{%- if 'ntp' in pillar.get('roles', []) %}
+{%- if 'ntp' in salt['pillar.get']('roles', []) %}
/etc/ferm/conf.d/40-chrony.conf:
file.managed:
- source: salt://ntp/files/ferm.conf
diff --git a/pretix/files/pretix.cfg.j2 b/pretix/files/pretix.cfg.j2
index f66d16fd..db5ffb5f 100644
--- a/pretix/files/pretix.cfg.j2
+++ b/pretix/files/pretix.cfg.j2
@@ -1,4 +1,4 @@
-{% set pretix = pillar.get('pretix', {}) -%}
+{% set pretix = salt['pillar.get']('pretix', {}) -%}
{% set mail = pretix.get('mail', {}) -%}
{% set metrics = pretix.get('metrics', {}) -%}
diff --git a/pretix/init.sls b/pretix/init.sls
index f2b73307..38715be6 100644
--- a/pretix/init.sls
+++ b/pretix/init.sls
@@ -1,5 +1,5 @@
-{% set docker = pillar.get('docker', {}) %}
-{% set pretix = pillar.get('pretix', {}) %}
+{% set docker = salt['pillar.get']('docker', {}) %}
+{% set pretix = salt['pillar.get']('pretix', {}) %}
{% set volume = docker.volume_root ~ '/pretix' %}
{% set image = 'pretix/standalone:stable' %}
{% set postgres_image = 'postgres:10.6' %}
diff --git a/prometheus/files/prometheus/prometheus.yml.j2 b/prometheus/files/prometheus/prometheus.yml.j2
index 6b6b76ec..ab276e53 100644
--- a/prometheus/files/prometheus/prometheus.yml.j2
+++ b/prometheus/files/prometheus/prometheus.yml.j2
@@ -85,7 +85,7 @@ scrape_configs:
{% set pretix_targets = salt['prometheus.prometheus_targets_for_grain']('prometheus_pretix_export') %}
- job_name: pretix
scheme: https
- {% set pretix = pillar.get('pretix', {}) -%}
+ {% set pretix = salt['pillar.get']('pretix', {}) -%}
{% set pretix_metrics = pretix.get('metrics', {}) -%}
{% if pretix_metrics -%}
basic_auth:
@@ -110,7 +110,7 @@ scrape_configs:
{% set cadvisor_targets = salt['prometheus.prometheus_targets_for_grain']('prometheus_cadvisor_export') %}
- job_name: cadvisor
- {% set cadvisor_metrics = pillar.get('cadvisor:metrics', {}) -%}
+ {% set cadvisor_metrics = salt['pillar.get']('cadvisor:metrics', {}) -%}
{% if cadvisor_metrics -%}
basic_auth:
username: {{ cadvisor_metrics.get('user', 'monitoring') }}
diff --git a/prometheus/init.sls b/prometheus/init.sls
index 8274c5fe..b0b6751f 100644
--- a/prometheus/init.sls
+++ b/prometheus/init.sls
@@ -2,7 +2,7 @@ include:
# install node exporter first, it creates a prometheus user, so we don't have to
- prometheus.exporter
- prometheus.checkrestart
-{%- if 'prometheus' in pillar.get('roles', []) %}
+{%- if 'prometheus' in salt['pillar.get']('roles', []) %}
- prometheus.prometheus
- prometheus.alertmanager
- prometheus.irc
diff --git a/prometheus/irc.sls b/prometheus/irc.sls
index f6186e73..193a0209 100644
--- a/prometheus/irc.sls
+++ b/prometheus/irc.sls
@@ -1,4 +1,4 @@
-{%- set gopath = pillar.get('golang:gopath', '/usr/local/go') %}
+{%- set gopath = salt['pillar.get']('golang:gopath', '/usr/local/go') %}
{%- set project = 'cpthook' %}
{%- set uri = 'github.com/fleaz/CptHook' %}
diff --git a/ssh/files/sshd_config b/ssh/files/sshd_config
index e307f5de..a08c060d 100644
--- a/ssh/files/sshd_config
+++ b/ssh/files/sshd_config
@@ -5,11 +5,11 @@
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_ed25519_key
-{%- if 'vmhost' in pillar.get('roles', []) %}
+{%- if 'vmhost' in salt['pillar.get']('roles', []) %}
HostKey /etc/ssh/ssh_host_rsa_key
{%- endif %}
-PermitRootLogin {% if 'vmhost' in pillar.get('roles', []) %}prohibit-password{% else %}no{% endif %}
+PermitRootLogin {% if 'vmhost' in salt['pillar.get']('roles', []) %}prohibit-password{% else %}no{% endif %}
PasswordAuthentication no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
diff --git a/ssh/init.sls b/ssh/init.sls
index f15e54de..cf6d7f75 100644
--- a/ssh/init.sls
+++ b/ssh/init.sls
@@ -47,7 +47,7 @@ undesirable-hostkeys:
- /etc/ssh/ssh_host_dsa_key.pub
- /etc/ssh/ssh_host_ecdsa_key
- /etc/ssh/ssh_host_ecdsa_key.pub
-{%- if not 'vmhost' in pillar.get('roles', []) %}
+{%- if not 'vmhost' in salt['pillar.get']('roles', []) %}
- /etc/ssh/ssh_host_rsa_key
- /etc/ssh/ssh_host_rsa_key.pub
{%- endif %}
diff --git a/traefik/files/traefik.toml.j2 b/traefik/files/traefik.toml.j2
index 67bbd21b..dd815fd2 100644
--- a/traefik/files/traefik.toml.j2
+++ b/traefik/files/traefik.toml.j2
@@ -1,5 +1,5 @@
-{% set traefik = pillar.get('traefik', {}) -%}
-{% set letsencrypt = pillar.get('letsencrypt', {}) -%}
+{% set traefik = salt['pillar.get']('traefik', {}) -%}
+{% set letsencrypt = salt['pillar.get']('letsencrypt', {}) -%}
{% set letsencrypt_domains = traefik.get('letsencrypt', {}) -%}
{% set backend = traefik.get('backend', {}) -%}
{% set backend_auth = backend.get('auth', {}) -%}
diff --git a/traefik/init.sls b/traefik/init.sls
index 77fa3b78..71ee5fd5 100644
--- a/traefik/init.sls
+++ b/traefik/init.sls
@@ -1,5 +1,5 @@
-{% set docker = pillar.get('docker', {}) %}
-{% set traefik = pillar.get('traefik', {}) %}
+{% set docker = salt['pillar.get']('docker', {}) %}
+{% set traefik = salt['pillar.get']('traefik', {}) %}
{% set backend = traefik.get('backend', {}) %}
{% set volume = docker.volume_root | default('/srv/docker') ~ '/traefik' %}
{% set container = traefik.get('container', 'traefik') %}
diff --git a/yanic/files/ferm.conf.j2 b/yanic/files/ferm.conf.j2
index 4f1bffa8..7e55cc16 100644
--- a/yanic/files/ferm.conf.j2
+++ b/yanic/files/ferm.conf.j2
@@ -1,7 +1,7 @@
domain (ip6) {
table filter {
chain INPUT {
- interface ({%- for domain in pillar.get('domains', {}).values() %}dom{{ domain['domain_id'] }}-br{% if not loop.last %} {% endif %}{%- endfor %}) {
+ interface ({%- for domain in salt['pillar.get']('domains', {}).values() %}dom{{ domain['domain_id'] }}-br{% if not loop.last %} {% endif %}{%- endfor %}) {
saddr fe80::/64 proto udp dport 10001 ACCEPT;
}
{%- if salt['pillar.get']('yanic:listen') %}
--
GitLab