Salt Stack SCCM

Salt Stack

install

salt master

installed on linux vm inside proxmox

sudo chown -R youruser:youruser /srv/salt

check master
systemctl status salt-master

salt minions

connect a windows minion with the name surface3
sudo salt-key -L
sudo salt-key -a surface3

sudo salt '*' test.ping
sudo salt surface3 grains.items
sudo salt surface3 pkg.list_pkgs
install salt minion on ubuntu regmonitor
sudo apt-get install salt-minion
sudo systemctl enable salt-minion
sudo systemctl start salt-minion
sudo nano /etc/salt/minion.d/master.conf
(add a line: "master: regsaltmaster.regserver")

connect is identical to windows minions

use salt

  • files are in /srv/salt

install on synology

(not used anymore, possible) * use container manager

other samples

sudo salt 'surface3' state.apply clients.swupdate
srv/salt/clients/swupdate.sls, update windows software
{% if grains['os_family'] == 'Windows' %}

bootstrap_chocolatey:
  chocolatey.bootstrapped

upgrade_keepass:
  chocolatey.upgraded:
    - name: keepass

upgrade_veracrpyt:
  chocolatey.upgraded:
    - name: veracrypt

upgrade_winscp:
  chocolatey.upgraded:
    - name: winscp

upgrade_7zip:
  chocolatey.upgraded:
    - name: 7zip


{% else %}
not_applicable:
  test.show_notification:
    - text: "chocolatey upgrades is for Windows systems only."
{% endif %}
sudo salt 'surface3' state.apply clients.winupdate
srv/salt/clients/winupdate.sls, install windows updates
install_windows_updates:
  module.run:
    - name: win_wua.install
    - categories:
      - SecurityUpdates
      - CriticalUpdates
      - UpdateRollups
    - reboot: False