3 # This class installs ferm and sets up rules
10 # realize (i.e. enable) all @ferm::rule virtual resources
14 File { mode => '0400' }
23 # Remove instead of purge ulogd because it deletes log files on purge.
29 status => '/bin/true',
32 $munin_ips = getfromhash($site::nodeinfo, 'misc', 'v4addrs')
33 .map |$addr| { "ip_${addr}" }
35 munin::check { $munin_ips: script => 'ip_', }
37 $munin6_ips = getfromhash($site::nodeinfo, 'misc', 'v6addrs')
38 .map |$addr| { "ip_${addr}" }
39 munin::ipv6check { $munin6_ips: }
41 # get rid of old stuff
42 $munin6_ip6s = split(regsubst($::v6ips, '([^,]+)', 'ip6_\1', 'G'), ',')
43 munin::check { $munin6_ip6s: ensure => absent }
47 notify => Service['ferm'],
48 require => Package['ferm'],
51 file { '/etc/ferm/dsa.d':
57 source => 'puppet:///files/empty/',
59 file { '/etc/ferm/conf.d':
65 source => 'puppet:///files/empty/',
67 file { '/etc/default/ferm':
68 source => 'puppet:///modules/ferm/ferm.default',
69 require => Package['ferm'],
70 notify => Service['ferm'],
73 file { '/etc/ferm/ferm.conf':
74 content => template('ferm/ferm.conf.erb'),
75 notify => Service['ferm'],
77 file { '/etc/ferm/conf.d/00-init.conf':
78 content => template('ferm/00-init.conf.erb'),
79 notify => Service['ferm'],
81 file { '/etc/ferm/conf.d/me.conf':
82 content => template('ferm/me.conf.erb'),
83 notify => Service['ferm'],
85 file { '/etc/ferm/conf.d/defs.conf':
86 content => template('ferm/defs.conf.erb'),
87 notify => Service['ferm'],
89 file { '/etc/ferm/conf.d/interfaces.conf':
90 content => template('ferm/interfaces.conf.erb'),
91 notify => Service['ferm'],
93 augeas { 'logrotate_ulogd2':
94 context => '/files/etc/logrotate.d/ulogd2',
96 'set rule/schedule daily',
97 'set rule/delaycompress delaycompress',
99 'set rule/ifempty notifempty',
102 file { '/etc/logrotate.d/ulogd':
105 file { '/etc/logrotate.d/ulogd.dpkg-bak':
108 file { '/etc/logrotate.d/ulogd.dpkg-dist':