Salt States can aggressively manipulate files on a system. There are a number of ways in which files can be managed.
Regular files can be enforced with the managed function. This function downloads files from the salt master and places them on the target system. The downloaded files can be rendered as a jinja or mako template adding a dynamic component to file management. An example of file.managed which makes use of the jinja templating system would look like this:
/etc/http/conf/http.conf:
file.managed:
- source: salt://apache/http.conf
- user: root
- group: root
- mode: 644
- template: jinja
- context:
custom_var: "override"
- defaults:
custom_var: "default value"
other_var: 123
Directories can be managed via the directory function. This function can create and enforce the permissions on a directory. A directory statement will look like this:
/srv/stuff/substuf:
file.directory:
- user: fred
- group: users
- mode: 755
- makedirs: True
If you need to enforce user and/or group ownership recursively on the directory's contents, you can do so by adding a recurse directive:
/srv/stuff/substuf:
file.directory:
- user: fred
- group: users
- mode: 755
- makedirs: True
- recurse:
- user
- group
Symlinks can be easily created, the symlink function is very simple and only takes a few arguments:
/etc/grub.conf:
file.symlink:
- target: /boot/grub/grub.conf
Recursive directory management can also be set via the recurse function. Recursive directory management allows for a directory on the salt master to be recursively copied down to the minion. This is a great tool for deploying large code and configuration systems. A recuse state would look something like this:
/opt/code/flask:
file.recurse:
- source: salt://code/flask
Members
Verify that the named file or directory is absent, this will work to reverse any of the functions in the file state module.
Ensure that some text appears at the end of a file
The text will not be appended again if it already exists in the file. You may specify a single line of text or a list of lines to append.
Multi-line example:
/etc/motd:
file.append:
- text: |
Thou hadst better eat salt with the Philosophers of Greece,
than sugar with the Courtiers of Italy.
- Benjamin Franklin
Multiple lines of text:
/etc/motd:
file.append:
- text:
- Trust no one unless you have eaten much salt with him.
- Salt is born of the purest of parents: the sun and the sea.
New in version 0.9.5.
Usage:
/etc/fstab:
file.comment:
- regex: ^bind 127.0.0.1
New in version 0.9.5.
Ensure that a named directory is present and has the right perms
Manage a given file, this function allows for a file to be downloaded from the salt master and potentially run through a templating system.
The source file to download to the minion, this source file can be hosted on either the salt master server, or on an http or ftp server. For files hosted on the salt file server, if the file is located on the master in the directory named spam, and is called eggs, the source string is salt://spam/eggs. If source is left blank or None, the file will be created as an empty file and the content will not be managed
If the file is hosted on a http or ftp server then the source_hash argument is also required
Combine multiple context managers into a single nested context manager.
This function has been deprecated in favour of the multiple manager form of the with statement.
The one advantage of this function over the multiple manager form of the with statement is that argument unpacking allows it to be used with a variable number of context managers as follows:
- with nested(*managers):
- do_something()
Recurse through a subdirectory on the master and copy said subdirecory over to the specified path.
Maintain a simple edit to a file
The file will be searched for the before pattern before making the edit and then searched for the after pattern to verify the edit was successful using salt.modules.file.contains. In general the limit pattern should be as specific as possible and before and after should contain the minimal text to be changed.
Usage:
# Disable the epel repo by default
/etc/yum.repos.d/epel.repo:
file.sed:
- before: 1
- after: 0
- limit: ^enabled=
# Remove ldap from nsswitch
/etc/nsswitch.conf:
file.sed:
- before: 'ldap'
- after: ''
- limit: '^passwd:'
New in version 0.9.5.
Create a symlink
Replicate the 'nix "touch" command to create a new empty file or update the atime and mtime of an existing file.
Usage:
/var/log/httpd/logrotate.empty:
file.touch
New in version 0.9.5.
Usage:
/etc/adduser.conf:
file.uncomment:
- regex: EXTRA_GROUPS
New in version 0.9.5.
Parse a URL into 6 components: <scheme>://<netloc>/<path>;<params>?<query>#<fragment> Return a 6-tuple: (scheme, netloc, path, params, query, fragment). Note that we don't break the components up in smaller bits (e.g. netloc is a single string) and we don't expand % escapes.