small cleanup

2025-12-06 17:22:49 +01:00 · 2023-02-27 14:12:26 -05:00
parent 9967e91825
commit aa7b05d639
5 changed files with 1 additions and 126 deletions
--- a/salt/allowed_states.map.jinja
+++ b/salt/allowed_states.map.jinja
@@ -251,13 +251,6 @@
    {% do allowed_states.append('redis') %}
  {% endif %}
  {% if grains.os == 'Rocky' %}
    {% if not ISAIRGAP %}
      {% do allowed_states.append('yum') %}
    {% endif %}
    {% do allowed_states.append('yum.packages') %}
  {% endif %}
  {# all nodes on the right salt version can run the following states #}
  {% do allowed_states.append('common') %}
  {% do allowed_states.append('patch.os.schedule') %}
--- a/salt/manager/files/acng/acng.conf
+++ b/salt/manager/files/acng/acng.conf
@@ -1,96 +0,0 @@
 # This is a configuration file for apt-cacher-ng, a smart caching proxy for
 CacheDir: /var/cache/apt-cacher-ng
 LogDir: /var/log/apt-cacher-ng
 Port: 3142
 # BindAddress: localhost 192.168.7.254 publicNameOnMainInterface
 Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian # Debian Archives
 Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu.us # Ubuntu Archives
 Remap-cygwin: file:cygwin_mirrors /cygwin # ; file:backends_cygwin # incomplete, please create this file or specify preferred mirrors here
 Remap-alxrep: file:archlx_mirrors /archlinux # ; file:backend_archlx # Arch Linux
 Remap-centosmirrorlist: mirrorlist.centos.org
 Remap-centos: file:centos_mirrors ; file:backends_centos.us # Fedora Linux
 Remap-fedora: file:fedora_mirrors ; file:backends_fedora.us # Fedora Linux
 Remap-epel:   file:epel_mirrors ; file:backends_epel.us # Fedora EPEL
 Remap-slrep:  file:sl_mirrors # Scientific Linux
 Remap-gentoo: file:gentoo_mirrors.gz /gentoo ; file:backends_gentoo # Gentoo Archives
 #Remap-alpine: file:alpine_mirrors /alpine #; dl-cdn.alpinelinux.org # Alpine Archives
 Remap-alpine: dl-cdn.alpinelinux.org
 Remap-yarn:   registry.yarnpkg.com
 Remap-npm:    registry.npmjs.org
 Remap-node:   nodejs.org
 Remap-apache: file:apache_mirrors ; file:backends_apache.us
 Remap-salt:   repo.saltstack.com; https://repo.saltstack.com
 Remap-securityonion: http://repocache.securityonion.net ; file:securityonion
 # Remap-secdeb: security.debian.org
 ReportPage: acng-report.html
 # SocketPath:/var/run/apt-cacher-ng/socket
 UnbufferLogs: 1
 VerboseLog: 1
 ForeGround: 1
 # PidFile: /var/run/apt-cacher-ng/pid
 # Offlinemode: 0
 # ForceManaged: 0
 ExTreshold: 8
 # ExAbortOnProblems: 1
 # ExSuppressAdminNotification: 1
 # StupidFs: 0
 # ForwardBtsSoap: 1
 # DnsCacheSeconds: 1800
 # MaxStandbyConThreads: 8
 MaxConThreads: 120
 #
 # - static data that doesn't change silently ont he server (PFilePattern)
 # - volatile data that can be changed like every hour (VFilePattern)
 # - special static data that shared some file names with volatile data,
 #   and in doubt should be identified as static (SPfilePattern)
 # - a "whitelist pattern" with hints for the regular expiration job telling
 #   to keep the files even if they are not referenced by others, like crypto
 #   signatures with which clients begin their downloads (WfilePattern)
 #
 VfilePatternEx: (metalink\?repo=[0-9a-zA-Z-]+&arch=[0-9a-zA-Z_-]+|/\?release=[0-9]+&arch=|repodata/.*\.(xml|sqlite)\.(gz|bz2)|APKINDEX.tar.gz|filelists\.xml\.gz|filelists\.sqlite\.bz2|repomd\.xml|packages\.[a-zA-Z][a-zA-Z]\.gz)
 PfilePatternEx: (/dists/.*/by-hash/.*|\.tgz|\.tar|\.xz|\.bz2|\.rpm|\.apk)$
 # WfilePatternEx:
 # SPfilePatternEx:
 Debug:1
 # ExposeOrigin: 0
 # LogSubmittedOrigin: 0
 # UserAgent: Yet Another HTTP Client/1.2.3p4
 # RecompBz2: 0
 # NetworkTimeout: 60
 # DontCacheRequested: linux-.*_10\...\.Custo._i386
 # DontCacheRequested: 192.168.0 ^10\..* 172.30
 # DontCacheResolved: ubuntumirror.local.net
 DontCache: mirrorlist.centos.org
 # DirPerms: 00755
 # FilePerms: 00664
 LocalDirs: acng-doc /usr/share/doc/apt-cacher-ng
 # PrecacheFor: debrep/dists/unstable/*/source/Sources* debrep/dists/unstable/*/binary-amd64/Packages*
 # RequestAppendix: X-Tracking-Choice: do-not-track\r\n
 # ConnectProto: v6 v4
 # KeepExtraVersions: 0
 # UseWrap: 0
 FreshIndexMaxAge: 300
 # AllowUserPorts: 80
 RedirMax: 6
 # VfileUseRangeOps is set for fedora volatile files on mirrors that dont to range
 VfileUseRangeOps: -1
 # PassThroughPattern: private-ppa\.launchpad\.net:443$
 # PassThroughPattern: .* # this would allow CONNECT to everything
 PassThroughPattern: (repo\.securityonion\.net:443|download\.docker\.com:443|mirrors\.fedoraproject\.org:443|packages\.wazuh\.com:443|repo\.saltstack\.com:443|repo\.saltproject\.io:443|yum\.dockerproject\.org:443|download\.docker\.com:443|registry\.npmjs\.org:443|registry\.yarnpkg\.com:443)$ # yarn/npm pkg, cant to http :/
 # ResponseFreezeDetectTime: 500
 # ReuseConnections: 1
 # PipelineDepth: 255
 # CApath: /etc/ssl/certs
 # CAfile:
 # OptProxyTimeout: -1
 # MaxDlSpeed: 500
 # MaxInresponsiveDlSize: 64000
 # BadRedirDetectMime: text/html
 {% set proxy = salt['pillar.get']('manager:proxy') -%}
 {% if proxy -%}
 Proxy: {{ proxy }}
 {% endif -%}
--- a/salt/mysql/init.sls
+++ b/salt/mysql/init.sls
@@ -106,20 +106,6 @@ so-mysql:
    - require:
      - file: mysqlcnf
      - file: mysqlpass
  cmd.run:
    - name: until nc -z {{ GLOBALS.manager }} 3306; do sleep 1; done
    - timeout: 600
    - onchanges:
      - docker_container: so-mysql
  module.run:
    - onchanges:
      - cmd: so-mysql
 append_so-mysql_so-status.conf:
  file.append:
    - name: /opt/so/conf/so-status/so-status.conf
    - text: so-mysql
 {% endif %}
 {% else %}
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -28,10 +28,6 @@ base:
    - salt.minion-state-apply-test
    - salt.minion
  'G@os:Rocky and G@saltversion:{{saltversion}}':
    - match: compound
    - yum.packages
  '* and G@saltversion:{{saltversion}}':
    - match: compound
    - salt.minion
--- a/salt/yum/packages.sls
+++ b/salt/yum/packages.sls
@@ -1,4 +0,0 @@
 install_yum_utils:
  pkg.installed:
    - name: yum-utils