modules/ntp/manifests/init.pp

   1 class ntp {
   2     package { ntp: ensure => installed }
   3     file {
   4         "/var/lib/ntp/":
   5             ensure  => directory,
   6             owner   => ntp,
   7             group   => ntp,
   8             mode    => 755,
   9             require => Package["ntp"]
  10             ;
  11         "/var/lib/ntpstats":
  12             ensure  => directory,
  13             owner   => ntp,
  14             group   => ntp,
  15             mode    => 755,
  16             require => Package["ntp"]
  17             ;
  18         "/etc/ntp.conf":
  19             owner   => root,
  20             group   => root,
  21             mode    => 444,
  22             content => template("ntp/ntp.conf"),
  23             notify  => Exec["ntp restart"],
  24             require => Package["ntp"]
  25             ;
  26         "/etc/ntp.keys.d":
  27             owner   => root,
  28             group   => ntp,
  29             mode    => 750,
  30             ensure  => directory,
  31             ;
  32     }
  33     case getfromhash($nodeinfo, 'timeserver') {
  34         true: { }
  35         default: {
  36             file {
  37                 "/etc/default/ntp":
  38                     owner   => root,
  39                     group   => root,
  40                     mode    => 444,
  41                     source  => [ "puppet:///modules/ntp/etc-default-ntp" ],
  42                     require => Package["ntp"],
  43                     notify  => Exec["ntp restart"],
  44                     ;
  45
  46                 "/etc/ntp.keys.d/ntpkey_iff_merikanto":
  47                     owner   => root,
  48                     group   => root,
  49                     mode    => 444,
  50                     source  => [ "puppet:///modules/ntp/ntpkey_iff_merikanto.pub" ],
  51                     require => Package["ntp"],
  52                     notify  => Exec["ntp restart"],
  53                     ;
  54                 "/etc/ntp.keys.d/ntpkey_iff_orff":
  55                     owner   => root,
  56                     group   => root,
  57                     mode    => 444,
  58                     source  => [ "puppet:///modules/ntp/ntpkey_iff_orff.pub" ],
  59                     require => Package["ntp"],
  60                     notify  => Exec["ntp restart"],
  61                     ;
  62                 "/etc/ntp.keys.d/ntpkey_iff_ravel":
  63                     owner   => root,
  64                     group   => root,
  65                     mode    => 444,
  66                     source  => [ "puppet:///modules/ntp/ntpkey_iff_ravel.pub" ],
  67                     require => Package["ntp"],
  68                     notify  => Exec["ntp restart"],
  69                     ;
  70                 "/etc/ntp.keys.d/ntpkey_iff_busoni":
  71                     owner   => root,
  72                     group   => root,
  73                     mode    => 444,
  74                     source  => [ "puppet:///modules/ntp/ntpkey_iff_busoni.pub" ],
  75                     require => Package["ntp"],
  76                     notify  => Exec["ntp restart"],
  77                     ;
  78             }
  79         }
  80     }
  81
  82
  83     exec { "ntp restart":
  84         path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
  85         refreshonly => true,
  86     }
  87     @ferm::rule { "dsa-ntp":
  88         domain          => "(ip ip6)",
  89         description     => "Allow ntp access",
  90         rule            => "&SERVICE(udp, 123)"
  91     }
  92 }
  93 # vim:set et:
  94 # vim:set sts=4 ts=4:
  95 # vim:set shiftwidth=4: