Make Vagrantfile work again

[vagrant-mail.git] / test-vagrant-salt / Vagrantfile

diff --git a/test-vagrant-salt/Vagrantfile b/test-vagrant-salt/Vagrantfile
index 46c7514..25fbaf3 100644 (file)
--- a/test-vagrant-salt/Vagrantfile
+++ b/test-vagrant-salt/Vagrantfile
@@ -13,12 +13,17 @@ Vagrant.configure(2) do |config|
     gateway_config.vm.network "private_network", ip: "192.168.33.2"
     gateway_config.vm.synced_folder "salt/", "/srv/salt"
 
+    # Salt bootstrap needs Python and SSL certificates
+    gateway_config.vm.provision :shell,
+      inline: "sudo apt-get -qq update && sudo apt-get install -qqy python ca-certificates"
+
     gateway_config.vm.provision :salt do |salt|
       salt.minion_config = "saltconfig"
       salt.install_type = "stable"
       salt.masterless = true
       salt.verbose = true
       salt.colorize = true
+      salt.run_highstate = true
       # https://github.com/mitchellh/vagrant/issues/5973#issuecomment-137276605
       salt.bootstrap_options = "-F -c /tmp/ -P"
     end
@@ -33,15 +38,22 @@ Vagrant.configure(2) do |config|
     testvm_config.vm.synced_folder "saltpillar/", "/srv/saltpillar"
 
     # Change the default route to the gateway VM
-    testvm_config.vm.provision "shell",
+    # The host may need to adjust its firewall to prevent packets between VMs from being NAT'ed:
+    #     iptables -t nat -I POSTROUTING -o 'virbr+' -s 192.168.33.0/24 -j RETURN
+    testvm_config.vm.provision :shell,
       inline: "sudo ip route delete default ; sudo ip route add default via 192.168.33.2"
 
+    # Salt bootstrap needs SSL certificates
+    testvm_config.vm.provision :shell,
+      inline: "sudo apt-get -qq update && sudo apt-get install -qqy ca-certificates"
+
     testvm_config.vm.provision :salt do |salt|
       salt.minion_config = "saltconfig"
       salt.install_type = "stable"
       salt.masterless = true
       salt.verbose = true
       salt.colorize = true
+      salt.run_highstate = true
       salt.bootstrap_options = "-F -c /tmp/ -P"
     end
   end