forked from dseira/rundeck-formula
-
Notifications
You must be signed in to change notification settings - Fork 7
/
pillar.example
147 lines (137 loc) · 4.83 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
rundeck:
# this file illustrates site-specific data
pkg:
use_upstream: war
version: '3.3.6-20201111'
profile:
# /etc/sysconfig/rundeckd (centos) or /etc/default/rundeckd (ubuntu); ftpstyle o
# ftp-style or template
# source_path: salt://rundeckd-profile-file
RDECK_JVM: '$RDECK_JVM -Drundeck.jetty.connector.forwarded=true'
RDECK_HTTPS_PORT: '443'
config:
# rundeck-config.properties; ftp-style or template
# source_path: salt://rundeck-config-file
server_url: http://localhost:4440
datasource:
dbcreate: 'update'
url: 'jdbc:mysql://1.1.1.1/rundeck?autoReconnect=true'
username: 'rundeckuser'
password: 'cPjyvcuWbb83r3yS'
drivercn: 'com.mysql.jdbc.Driver'
sync_ldap_user: True
# all other opts that aren't matched above can be inserted with the following option:
# extra_opts:
# option1: 'value1'
# option2: 'value2'
extra_opts:
rundeck.projectsStorageType: 'filesystem'
# OPTIONAL - framework.properties
# if set up, you must provide a server uuid, if not it will fails to avoid
# same uuid for different servers
framework:
# ftp-style or template
# source_path: salt://asdfasdfsdf
server_name: 'localhost'
server_hostname: 'localhost'
server_port: '4440'
server_url: 'http://localhost:4440'
rdeck_base: '/var/lib/rundeck'
projects_dir: '/var/rundeck/projects'
etc_dir: '/etc/rundeck '
var_dir: '/var/lib/rundeck/var'
tmp_dir: '/var/lib/rundeck/var/tmp'
logs_dir: '/var/lib/rundeck/logs'
libext_dir: '/var/lib/rundeck/libext'
ssh_keypath: '/var/lib/rundeck/.ssh/id_rsa'
ssh_user: 'rundeck'
ssh_timeout: '0'
server_uuid: 'a2b03d4e-72d9-4be8-b395-180768cb0dcf' # required
login:
# jaas-loginmodule.conf
# ftp-style or templated
# source_path: salt://path-to-jass-loginmodule.conf
file:
flag: required # OPTIONAL: Default: required
debug: False
use_first_pass: True
try_first_pass: True
store_pass: True
clear_pass: True
case_insensitive: True
refresh_interval: 10
file: '/etc/rundeck/realm.properties'
pam:
flag: requisite
debug: False
service: sshd
use_unix_groups: True
supplemental_roles: "readonly,testing"
ldap:
flag: sufficient
debug: True
context_factory: 'com.sun.jndi.ldap.LdapCtxFactory'
provider_url: 'ldap://server:389'
bind_dn: 'cn=Manager,dc=example,dc=com'
bind_password: 'secret'
authentication_method: 'simple'
force_binding_login: False
force_binding_login_use_root_context_for_roles: False
user_base_dn: 'ou=People,dc=test1,dc=example,dc=com'
user_rdn_attribute: 'uid'
user_id_attribute: 'uid'
user_password_attribute: 'userPassword'
user_object_class: 'account'
user_last_name_attribute: 'sn'
user_first_name_attribute: 'givenName'
user_email_attribute: 'mail'
role_base_dn: 'ou=Groups,dc=test1,dc=example,dc=com'
role_name_attribute: 'cn'
role_username_member_attribute: 'memberUid'
role_member_attribute: 'memberUid'
role_object_class: 'posixGroup'
role_prefix: 'rundeck_'
cache_duration_millis: '300000'
supplemental_roles: 'user'
report_statistics: True
timeout_read: '10000'
timeout_connect: '20000'
nested_groups: False
ignore_roles: True
store_pass: True
clear_pass: True
use_first_pass: True
try_first_pass: True
realm:
# realm.properties; ftp-style or templated
# Is optional because if the jaas-loginmodule is configured with
# refreshInterval it is not needed to restart the service.
# source_path: salt://users_file
users:
admin:
password: MD5:asdfasdflkajsdfñlasjdf
groups:
- admin
- user
user1:
password: MD5:asdfasdfasdfasdfasdfasdf
groups:
- user
sshkey:
# optional, upload keys to rundeck-server
/var/lib/rundeck/.ssh:
# id_rsa
private: |
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
# id_rsa.pub
public:
- ssh-rsa AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
plugins:
slack:
source: https://github.com/rundeck-plugins/slack-incoming-webhook-plugin/releases/download/v1.1/slack-incoming-webhook-plugin-1.1.jar
salt:
source: https://github.com/rundeck-plugins/salt-step/releases/download/0.3/rundeck-salt-plugin-0.3.jar