Get started#

Note

Only follow the Development Guides if you will be configuring or deploying servers. If you are simply using services, read the User Guides.

1. Install dependencies#

Follow the Salt install guide to install Salt on your platform.

Note

On at least macOS, you should stop the Salt minion service:

launchctl stop com.saltstack.salt.minion

and disable the Salt Stack, Inc. login item (System Settings… > General > Login Items).

Click must be available to Salt’s environment:

sudo salt-pip install click

2. Clone repositories#

You must first have access to three private repositories. Contact an owner of the open-contracting organization on GitHub for access. Then:

git clone git@github.com:open-contracting/deploy.git
git clone git@github.com:open-contracting/deploy-pillar-private.git deploy/pillar/private
git clone git@github.com:open-contracting/deploy-salt-private.git deploy/salt/private
git clone git@github.com:open-contracting/dogsbody-maintenance.git deploy/salt/maintenance

3. Add your public SSH key to remote servers#

Tip

To generate an SSH key pair (if they do not already exist):

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

This creates both public (~/.ssh/id_rsa.pub) and private (~/.ssh/id_rsa) keys.

Add your public SSH key to the ssh.root list in the target’s Pillar file, or to the ssh.admin list in the pillar/common.sls file if you require root access to all servers. For example:

vi pillar/common.sls
git commit pillar/common.sls -m "ssh: Add public key for Jane Doe"
git push origin main

Then, ask James or Yohanna to deploy your public SSH key to the relevant servers. For example:

./run.py '*' state.sls_id root_authorized_keys core.sshd

4. Configure Salt for non-root user#

Run:

./script/setup

This overwrites the files:

  • salt-config/master.d/localuser.conf

  • salt-config/master

  • salt-config/pki/ssh/salt-ssh.rsa.pub

  • salt-config/pki/ssh/salt-ssh.rsa

  • Saltfile

Note

On macOS, you might need to move Saltfile to ~/.salt/Saltfile.

This script assumes your SSH key pair is ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa.

You’re now ready to Deploy a service.