From 76d077962fc8cea07ed1c931d87edf8b4574c1d5 Mon Sep 17 00:00:00 2001
From: Mike Reeves <luke@geekempire.com>
Date: Thu, 31 May 2018 14:55:38 -0400
Subject: [PATCH] Master Module - acng allow ssl for docker and salt

---
 salt/master/files/acng/acng.conf | 90 ++++++++++++++++++++++++++++++++
 salt/master/init.sls             | 14 +++++
 2 files changed, 104 insertions(+)

diff --git a/salt/master/files/acng/acng.conf b/salt/master/files/acng/acng.conf
index e69de29bb..581beffd0 100644
--- a/salt/master/files/acng/acng.conf
+++ b/salt/master/files/acng/acng.conf
@@ -0,0 +1,90 @@
+# This is a configuration file for apt-cacher-ng, a smart caching proxy for
+CacheDir: /var/cache/apt-cacher-ng
+LogDir: /var/log/apt-cacher-ng
+Port: 3142
+# BindAddress: localhost 192.168.7.254 publicNameOnMainInterface
+Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian # Debian Archives
+Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu.us # Ubuntu Archives
+Remap-cygwin: file:cygwin_mirrors /cygwin # ; file:backends_cygwin # incomplete, please create this file or specify preferred mirrors here
+Remap-alxrep: file:archlx_mirrors /archlinux # ; file:backend_archlx # Arch Linux
+Remap-centosmirrorlist: mirrorlist.centos.org
+Remap-centos: file:centos_mirrors ; file:backends_centos.us # Fedora Linux
+Remap-fedora: file:fedora_mirrors ; file:backends_fedora.us # Fedora Linux
+Remap-epel:   file:epel_mirrors ; file:backends_epel.us # Fedora EPEL
+Remap-slrep:  file:sl_mirrors # Scientific Linux
+Remap-gentoo: file:gentoo_mirrors.gz /gentoo ; file:backends_gentoo # Gentoo Archives
+#Remap-alpine: file:alpine_mirrors /alpine #; dl-cdn.alpinelinux.org # Alpine Archives
+Remap-alpine: dl-cdn.alpinelinux.org
+Remap-yarn:   registry.yarnpkg.com
+Remap-npm:    registry.npmjs.org
+Remap-node:   nodejs.org
+Remap-apache: file:apache_mirrors ; file:backends_apache.us
+# Remap-secdeb: security.debian.org
+ReportPage: acng-report.html
+# SocketPath:/var/run/apt-cacher-ng/socket
+UnbufferLogs: 1
+VerboseLog: 2
+ForeGround: 1
+# PidFile: /var/run/apt-cacher-ng/pid
+# Offlinemode: 0
+# ForceManaged: 0
+ExTreshold: 8
+# ExAbortOnProblems: 1
+# ExSuppressAdminNotification: 1
+# StupidFs: 0
+# ForwardBtsSoap: 1
+# DnsCacheSeconds: 1800
+# MaxStandbyConThreads: 8
+MaxConThreads: 120
+#
+# - static data that doesn't change silently ont he server (PFilePattern)
+# - volatile data that can be changed like every hour (VFilePattern)
+# - special static data that shared some file names with volatile data,
+#   and in doubt should be identified as static (SPfilePattern)
+# - a "whitelist pattern" with hints for the regular expiration job telling
+#   to keep the files even if they are not referenced by others, like crypto
+#   signatures with which clients begin their downloads (WfilePattern)
+#
+VfilePatternEx: (metalink\?repo=[0-9a-zA-Z-]+&arch=[0-9a-zA-Z_-]+|/\?release=[0-9]+&arch=|repodata/.*\.(xml|sqlite)\.(gz|bz2)|APKINDEX.tar.gz|filelists\.xml\.gz|filelists\.sqlite\.bz2|repomd\.xml|packages\.[a-zA-Z][a-zA-Z]\.gz)
+PfilePatternEx: (/dists/.*/by-hash/.*|\.tgz|\.tar|\.xz|\.bz2|\.rpm|\.apk)$
+# WfilePatternEx:
+# SPfilePatternEx:
+
+Debug:1
+# ExposeOrigin: 0
+# LogSubmittedOrigin: 0
+# UserAgent: Yet Another HTTP Client/1.2.3p4
+# RecompBz2: 0
+# NetworkTimeout: 60
+
+# DontCacheRequested: linux-.*_10\...\.Custo._i386
+# DontCacheRequested: 192.168.0 ^10\..* 172.30
+# DontCacheResolved: ubuntumirror.local.net
+DontCache: mirrorlist.centos.org
+
+# DirPerms: 00755
+# FilePerms: 00664
+
+LocalDirs: acng-doc /usr/share/doc/apt-cacher-ng
+# PrecacheFor: debrep/dists/unstable/*/source/Sources* debrep/dists/unstable/*/binary-amd64/Packages*
+# RequestAppendix: X-Tracking-Choice: do-not-track\r\n
+# ConnectProto: v6 v4
+# KeepExtraVersions: 0
+# UseWrap: 0
+FreshIndexMaxAge: 300
+# AllowUserPorts: 80
+RedirMax: 6
+# VfileUseRangeOps is set for fedora volatile files on mirrors that dont to range
+VfileUseRangeOps: 0
+# PassThroughPattern: private-ppa\.launchpad\.net:443$
+# PassThroughPattern: .* # this would allow CONNECT to everything
+PassThroughPattern: (download\.docker\.com:443|repo\.saltstack\.com:443|yum\.dockerproject\.org:443|download\.docker\.com:443|registry\.npmjs\.org:443|registry\.yarnpkg\.com:443)$ # yarn/npm pkg, cant to http :/
+# ResponseFreezeDetectTime: 500
+# ReuseConnections: 1
+# PipelineDepth: 255
+# CApath: /etc/ssl/certs
+# CAfile:
+# OptProxyTimeout: -1
+# MaxDlSpeed: 500
+# MaxInresponsiveDlSize: 64000
+# BadRedirDetectMime: text/html
\ No newline at end of file
diff --git a/salt/master/init.sls b/salt/master/init.sls
index 581e0ddce..14d1edc71 100644
--- a/salt/master/init.sls
+++ b/salt/master/init.sls
@@ -19,6 +19,13 @@
 
 # Create the directories for apt-cacher-ng
 aptcacherconfdir:
+  file.directory:
+    - name: /opt/so/conf/aptcacher-ng/etc
+    - user: 939
+    - group: 939
+    - makedirs: True
+
+aptcachercachedir:
   file.directory:
     - name: /opt/so/conf/aptcacher-ng/cache
     - user: 939
@@ -33,6 +40,12 @@ aptcacherlogdir:
     - makedirs: true
 
 # Copy the config
+
+acngcopyconf:
+  file.managed:
+    - name: /opt/so/conf/aptcacher-ng/etc/acng.conf
+    - source: salt://master/files/acng/acng.conf
+
 # Install the apt-cacher-ng container - TODO Create a so-docker for it
 so-aptcacherng:
   docker_container.running:
@@ -42,6 +55,7 @@ so-aptcacherng:
       - 0.0.0.0:3142:3142
     - binds:
       - /opt/so/conf/aptcacher-ng/cache:/var/cache/apt-cacher-ng:rw
+      - /opt/so/conf/aptcacher-ng/etc/acng.conf:/etc/apr-cacher-ng/acng.conf:ro
 
 
 # Create the config directory for the docker registry