#cloud-config
preserve_hostname: false
hostname: ${hostname}
salt-master: ${salt_master}
fqdn: ${fqdn}

# Write files happens early
write_files:
- content: |
    proxy=http://${proxy}:80
  path: /etc/yum.conf
  append: true
- content: |
    proxy_host: ${proxy}
    proxy_port: 80
  path: /etc/salt/minion.d/proxy.conf
- content: |
    [global]
    proxy=${proxy}
  path: /etc/pip.conf
- content: |
    export HTTPS_PROXY=http://${proxy}:80
    export HTTP_PROXY=http://${proxy}:80
    export NO_PROXY=localhost,127.0.0.1,169.254.169.254,pvt.xdrtest.accenturefederalcyber.com,pvt.xdr.accenturefederalcyber.com,reposerver.msoc.defpoint.local,jenkins.msoc.defpoint.local,pod1search-splunk-sh.msoc.defpoint.local,s3.amazonaws.com,ssm.${ aws_region }.amazonaws.com,ec2messages.${ aws_region }.amazonaws.com,ec2.${ aws_region }.amazonaws.com,ssmmessages.${ aws_region }.amazonaws.com,iratemoses.mdr.defpoint.com,jira.mdr.defpoint.com,reposerver.pvt.xdr.accenturefederalcyber.com,jenkins.pvt.xdr.accenturefederalcyber.com,pod1search-splunk-sh.pvt.xdr.accenturefederalcyber.com,reposerver.pvt.xdrtest.accenturefederalcyber.com,jenkins.pvt.xdrtest.accenturefederalcyber.com,pod1search-splunk-sh.pvt.xdrtest.accenturefederalcyber.com,iratemoses.xdr.accenturefederalcyber.com,jira.xdr.accenturefederalcyber.com,iratemoses.xdrtest.accenturefederalcyber.com,jira.xdrtest.accenturefederalcyber.com
    export https_proxy=$HTTPS_PROXY
    export http_proxy=$HTTP_PROXY
    export no_proxy=$NO_PROXY
  path: /etc/profile.d/proxy.sh
- content: |
    ${fqdn}
  path: /etc/salt/minion_id
- content: |
    master: ${salt_master}
  path: /etc/salt/minion
- content: |
    grains:
      environment: ${ environment }
      aws_partition: ${ aws_partition }
      aws_partition_alias: ${ aws_partition_alias }
      splunk_prefix: ${ splunk_prefix }
      aws_region: ${ aws_region }
  path: /etc/salt/minion.d/cloud_init_grains.conf

#yum_repos:
#  epel-release:
#    baseurl: http://download.fedoraproject.org/pub/epel/7/$basearch
#    enabled: false
#    failovermethod: priority
#    gpgcheck: true
#    gpgkey: http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
#    name: Extra Packages for Enterprise Linux 7 - Release

packages:
 - vim

package_update: true # Always patch

growpart:
  mode: auto
  devices: [ '/', '/var', '/var/log', '/var/log/audit', '/var/tmp', '/tmp', '/home' ]
  ignore_growroot_disabled: false

runcmd:
 - /bin/systemctl restart salt-minion
 - /bin/systemctl enable salt-minion
 - /bin/systemctl start amazon-ssm-agent
 - /bin/systemctl enable amazon-ssm-agent
 - /usr/sbin/aide --update --verbose=0
 - /bin/cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz

# Either final message or power state, but probably not both
final_message: "The system is up after $UPTIME seconds"
#power_state:
#  delay: "+30"
#  mode: reboot
#  message: "System configured after $UPTIME seconds"
#  timeout: 300
#  condition: true