saltstack

Prerequisites: Have a nginx reverse proxy (which is managed by salt) Have at least 2 websites / apps you want to reverse proxy serve Introduction Oke, this blogging is kinda cool. So here’s one more just before the weekend. In my personal evironment I have some VM’s, hypervisor, NAS en k8s deployments which i want to be reachable. I used to do this manually in apache with 301 redirects. But that was in an age when Ben Hur was still alive and kicking. [Read More]

Prerequisites: Have a nginx vm, container or pod / deployment Have at least 2 servers for backend purposes Introduction As I like to toy around with salt I decided to leave my nginx vm intact rather than migrate it to a k8s deployment. However when I added an extra node to my k3s cluster, it made me realize I should have som form of loadbalancing in the event that one of the nodes goes down. [Read More]

Prerequisites: Have a salt master and a salt minion configured Have data which you want gpg encrypted Introduction I presume that anyone reading this blog is aware that it is not done to paste plaintext passwords in code (commited to git) (albeit a prive repo or not). Therefore since the release of salt 2016.3.0 it is possible to encrypt sensitive data with gpg keys. Short introduction to gpg: Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. [Read More]

Prerequisites: Have a salt master and a salt minion configured Introduction Automated updates of your VM’s are a blessing. You can schedule them from your salt master from within the pillar data Create a schedule in pillar Create a dir and file mkdir /srv/pillar/schedule touch /srv/pillar/schedule/update.sls Place the following file in update.sls: schedule: update: maxrunning: 1 run_on_start: False function: state.apply args: - 'base.updates' when: - Wednesday 13:30 Add the following to your top. [Read More]