From 1192dbd5305c190460effdc28ccbd85d79427cf7 Mon Sep 17 00:00:00 2001 From: Pete Date: Wed, 31 Jan 2024 09:01:56 -0500 Subject: [PATCH 1/2] also remove intca symlink The symlink is created in init.sls; it should be removed here. --- salt/ssl/remove.sls | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/salt/ssl/remove.sls b/salt/ssl/remove.sls index 43a245288..7738490e5 100644 --- a/salt/ssl/remove.sls +++ b/salt/ssl/remove.sls @@ -2,6 +2,10 @@ trusttheca: file.absent: - name: /etc/pki/tls/certs/intca.crt +symlinkca: + file.absent: + - name: /etc/ssl/certs/intca.crt + influxdb_key: file.absent: - name: /etc/pki/influxdb.key From 7a29b3a529cd3ddb60e2b2a144d6b8861cac524e Mon Sep 17 00:00:00 2001 From: Pete Date: Fri, 2 Feb 2024 08:45:01 -0500 Subject: [PATCH 2/2] call salt before stopping salt services salt-call does not work when the salt-master is not running. If these calls are to succeed, they should occur before the salt services are stopped. --- setup/so-functions | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index d19f27620..717ec0ce4 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1600,6 +1600,9 @@ reinstall_init() { salt-call -l info saltutil.kill_all_jobs --local fi + logCmd "salt-call state.apply ca.remove -linfo --local --file-root=../salt" + logCmd "salt-call state.apply ssl.remove -linfo --local --file-root=../salt" + # Kill any salt processes (safely) for service in "${salt_services[@]}"; do # Stop the service in the background so we can exit after a certain amount of time @@ -1621,9 +1624,6 @@ reinstall_init() { done done - logCmd "salt-call state.apply ca.remove -linfo --local --file-root=../salt" - logCmd "salt-call state.apply ssl.remove -linfo --local --file-root=../salt" - # Remove all salt configs rm -rf /etc/salt/engines/* /etc/salt/grains /etc/salt/master /etc/salt/master.d/* /etc/salt/minion /etc/salt/minion.d/* /etc/salt/pki/* /etc/salt/proxy /etc/salt/proxy.d/* /var/cache/salt/