Skip to content

Instantly share code, notes, and snippets.

@UtahCampusD

UtahCampusD/pillar.items

Created December 8, 2016 17:37
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save UtahCampusD/580b8bb612ba7e791b476373535bef45 to your computer and use it in GitHub Desktop.
Save UtahCampusD/580b8bb612ba7e791b476373535bef45 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
pillar.items
[atiliomedina as root@hllibisphtrac:~ ]$ salt-call pillar.items
local:
----------
_errors:
- Rendering Primary Top file failed, render error:
Jinja error: campusd.sls
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/salt/utils/templates.py", line 368, in render_jinja_tmpl
output = template.render(**decoded_context)
File "/usr/lib/python2.7/site-packages/jinja2/environment.py", line 969, in render
return self.environment.handle_exception(exc_info, True)
File "/usr/lib/python2.7/site-packages/jinja2/environment.py", line 742, in handle_exception
reraise(exc_type, exc_value, tb)
File "<template>", line 2, in top-level template code
File "/usr/lib/python2.7/site-packages/salt/utils/jinja.py", line 135, in get_source
raise TemplateNotFound(template)
TemplateNotFound: campusd.sls
; line 2
---
{% if 'campus' in grains %}
{% import_yaml grains['campus']|lower+'.sls' as topfile %} <======================
test:
{%- for target in topfile.test %}
'{{ target }}':
{%- for rule in topfile.test[target] %}
{% if rule is mapping %}
[...]
---
absent-standard-users:
----------
jlingo:
----------
fullname:
Johnny Lingo
gid:
555
groups:
- users
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx
uid:
555
absent-sysadmin-users:
----------
jryan:
----------
fullname:
Jack Ryan
gid:
1002
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
uid:
1002
append-chains-defaults-iptables:
----------
DTSACCEPT_INPUT-LOG:
----------
chain:
DTSACCEPT_INPUT
jump:
LOG
log-level:
5
log-prefix:
IPv4_INPUT
table:
filter
DTSACCEPT_INPUT-POLICY:
----------
chain:
DTSACCEPT_INPUT
jump:
ACCEPT
table:
filter
DTSDROP_INPUT-LOG:
----------
chain:
DTSDROP_INPUT
jump:
LOG
log-level:
4
log-prefix:
DTSDROP
table:
filter
DTSDROP_INPUT-POLICY:
----------
chain:
DTSDROP_INPUT
jump:
DROP
table:
filter
ESTABLISHED-RELATED:
----------
chain:
INPUT
comment:
Accept established connections.
connstate:
ESTABLISHED,RELATED
jump:
ACCEPT
match:
state
table:
filter
LO-INT:
----------
chain:
INPUT
comment:
Accept local loopback.
in-interface:
lo
jump:
ACCEPT
table:
filter
deny-defaults-iptables:
----------
default-deny:
----------
chain:
INPUT
comment:
Default deny.
jump:
DTSDROP_INPUT
table:
filter
policy-chains-defaults-iptables:
----------
FORWARD-POLICY:
----------
chain:
FORWARD
policy:
DROP
INPUT-POLICY:
----------
chain:
INPUT
policy:
ACCEPT
OUPUT-POLICY:
----------
chain:
OUTPUT
policy:
ACCEPT
present-chains-defaults-iptables:
----------
DTSACCEPT_INPUT:
----------
name:
DTSACCEPT_INPUT
table:
filter
DTSDROP_INPUT:
----------
name:
DTSDROP_INPUT
table:
filter
FORWARD:
----------
name:
FORWARD
table:
filter
INPUT:
----------
name:
INPUT
table:
filter
OUTPUT:
----------
name:
OUPUT
table:
filter
present-shared-groups:
----------
dadmins:
----------
gid:
777
name:
dadmins
sysadmins:
----------
gid:
1337
name:
sysadmins
present-sysadmin-users:
----------
atiliomedina:
----------
fullname:
Atilio Medina
gid:
506
groups:
- wheel
- sshd
- dadmins
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
uid:
506
davidwright:
----------
fullname:
David Wright
gid:
505
groups:
- wheel
- sshd
- dadmins
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXxxx
uid:
505
dford:
----------
fullname:
Donny Ford
gid:
500
groups:
- wheel
- sshd
- dadmins
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXxx
uid:
500
dhert:
----------
fullname:
David Hert
gid:
501
groups:
- wheel
- sshd
- dadmins
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
uid:
501
koungheng:
----------
fullname:
Koung Heng
gid:
502
groups:
- wheel
- sshd
- dadmins
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.
uid:
502
mluce:
----------
fullname:
Matt Luce
gid:
503
groups:
- wheel
- sshd
- dadmins
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx
uid:
503
root:
----------
enforce_password:
True
fullname:
Root
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
trnielson:
----------
fullname:
Thomas Nielson
gid:
504
groups:
- wheel
- sshd
- dadmins
password:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx
uid:
504
present-system-groups:
----------
wheel:
----------
gid:
10
name:
wheel
rate-icmp-defaults-iptables:
----------
icmp-rate:
----------
chain:
INPUT
comment:
Accept rate limited ICMP
icmp-type:
8
jump:
DTSACCEPT_INPUT
limit:
10/second
match-limit:
limit
match-proto:
icmp
proto:
icmp
table:
filter
security-engines-defaults-iptables:
----------
security-servers:
----------
hosts:
- 172.16.28.70/32
- 172.16.28.73/32
- 172.16.28.74/32
- 172.16.28.75/32
- 172.16.28.76/32
- 172.16.28.77/32
- 168.179.79.45/32
- 172.23.150.138/32
ssh-servers-custom-iptables:
----------
11-10-2016-SSH:
----------
hosts:
- 168.179.99.176/28
- 172.23.163.245/32
sysadmins-ssh-defaults-iptables:
----------
internal-network:
----------
chain:
INPUT
comment:
Allow sysadmins network ssh.
connstate:
NEW
dport:
22
jump:
DTSACCEPT_INPUT
match-connstate:
state
match-proto:
tcp
proto:
tcp
source:
172.23.150.128/27
table:
filter
vpn-network:
----------
chain:
INPUT
comment:
Allow sysadmin vpn ssh.
connstate:
NEW
dport:
22
jump:
DTSACCEPT_INPUT
match-connstate:
state
match-proto:
tcp
proto:
tcp
source:
165.239.162.48/28
table:
filter
timestamp-icmp-defaults-iptables:
----------
timestamp-reply:
----------
chain:
OUTPUT
comment:
Drop timestamp replies
icmp-type:
timestamp-reply
jump:
DROP
match:
icmp
proto:
icmp
table:
filter
timestamp-request:
----------
chain:
INPUT
comment:
Drop timestamp requests
icmp-type:
timestamp-request
jump:
DTSDROP_INPUT
match:
icmp
proto:
icmp
table:
filter
tsm-clients-defaults-iptables:
----------
hosts-and-ports:
----------
hosts:
- 172.23.150.128/27
- 165.239.162.48/28
ports:
- 1581
tsm-servers-defaults-iptables:
----------
hosts-and-ports:
----------
hosts:
- 168.177.7.20/32
- 168.177.7.21/32
- 168.177.7.22/32
- 168.177.7.23/32
- 168.177.7.24/32
- 168.177.7.25/32
- 168.177.7.26/32
- 168.177.7.27/32
- 168.177.7.28/32
- 168.177.7.29/32
- 168.178.227.228/32
ports:
- 1500
- 1501
- 1502
- 1503
- 2123
- 2124
uptime-servers-defaults-iptables:
----------
servers-and-ports:
----------
hosts:
- 168.177.4.128/26
ports:
- 9997
- 9998
web-admins-defaults-iptables:
----------
hosts-and-ports:
----------
hosts:
- 172.23.150.128/27
- 165.239.162.48/28
ports:
- 80
- 443
- 8080
- 8443
- 10000
web-servers-custom-iptables:
----------
11-10-2016-HTTP-HTTPS:
----------
destination:
0.0.0.0/0
hosts:
- 168.177.89.8/32
- 168.177.89.9/32
ports:
- 80
- 443
proto:
tcp
zabbix-servers-defaults-iptables:
----------
servers-and-ports:
----------
hosts:
- 168.177.4.150/32
- 168.177.4.137/32
ports:
- 10050
[atiliomedina as root@hllibisphtrac:~ ]$
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment