I develop the Salt scripts against a local VM. Once it is time to deploy remotely the process is as follows:
- Start up the VM with provider of choice (I use and recommend Bytemark)
- Log in via SSH
- Add the appropriate Saltstack Package Repoisitory
apt-get install salt-minion
- Configure the SaltStack Minion to run masterless: edit
/etc/salt/minionand ensure that
file_client: localis set.
- Tar up the SaltStack configuration files you’ve created,
scpthem across to the server, and
tar xzfthem out into
salt-call --local state.apply
- Now wait a bit. Hopefully there won’t be any errors.
systemctl restart exim4
Check that everything is working. netstat -nlpt should show that ports 22, 25, 143 and 993 are open to the Internet. Port 783 (Spam Assassin) should only be available on 127.0.0.1.
Try connecting with telnet and/or your email client. Ensure that STARTTLS is working as expected – you don’t want to be sending email or your credentials across the Internet.
Once you are happy that everything is as expected you’ll need to refine your logcheck rules and then enjoy!