projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
ferm: open ssh from mirror-master to ports mirror
[mirror/dsa-puppet.git]
/
modules
/
munin
/
manifests
/
init.pp
diff --git
a/modules/munin/manifests/init.pp
b/modules/munin/manifests/init.pp
index
3f7f4ae
..
91657e0
100644
(file)
--- a/
modules/munin/manifests/init.pp
+++ b/
modules/munin/manifests/init.pp
@@
-33,45
+33,59
@@
class munin {
require => Package['munin-node'],
}
require => Package['munin-node'],
}
- file { [ '/etc/munin/plugins/df', '/etc/munin/plugins/df_abs', '/etc/munin/plugins/df_inode' ]:
+ file { '/etc/munin/plugins/df':
+ ensure => link,
+ target => '/usr/share/munin/plugins/df',
+ require => Package['munin-node'],
+ notify => Service['munin-node'],
+ }
+
+ file { '/etc/munin/plugins/df_abs':
+ ensure => file,
source => 'puppet:///modules/munin/df-wrap',
mode => '0555',
require => Package['munin-node'],
notify => Service['munin-node'],
}
source => 'puppet:///modules/munin/df-wrap',
mode => '0555',
require => Package['munin-node'],
notify => Service['munin-node'],
}
- @ferm::rule { 'dsa-munin-v4':
+ file { '/etc/munin/plugins/df_inode':
+ ensure => link,
+ target => '/usr/share/munin/plugins/df_inode',
+ require => Package['munin-node'],
+ notify => Service['munin-node'],
+ }
+
+ ferm::rule { 'dsa-munin-v4':
description => 'Allow munin from munin master',
rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V4 $HOST_NAGIOS_V4) ACCEPT; }',
notarule => true,
}
description => 'Allow munin from munin master',
rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V4 $HOST_NAGIOS_V4) ACCEPT; }',
notarule => true,
}
-
@
ferm::rule { 'dsa-munin-v6':
+ ferm::rule { 'dsa-munin-v6':
description => 'Allow munin from munin master',
domain => 'ip6',
rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V6 $HOST_NAGIOS_V6) ACCEPT; }',
notarule => true,
}
description => 'Allow munin from munin master',
domain => 'ip6',
rule => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V6 $HOST_NAGIOS_V6) ACCEPT; }',
notarule => true,
}
- @@munin::master-per-node {
- $::fqdn:
+ @@munin::master_per_node { $::fqdn:
ipaddress => $::ipaddress,
munin_async => $::munin_async,
ipaddress => $::ipaddress,
munin_async => $::munin_async,
- ;
}
}
- #if $::munin_async and str2bool($::munin_async) == true {
- # file { '/etc/ssh/userkeys/munin-async':
- # source => 'puppet:///modules/munin/munin-async-authkeys',
- # }
- #} else {
- # file { '/etc/ssh/userkeys/munin-async':
- # ensure => 'absent',
- # }
- #}
package { 'munin-async':
ensure => installed
}
package { 'munin-async':
ensure => installed
}
+ service { 'munin-async':
+ ensure => running,
+ require => Package['munin-async'],
+ }
+ dsa_systemd::override { 'munin-async':
+ content => @("EOF"),
+ [Service]
+ RestartSec=10
+ | EOF
+ }
file { '/etc/ssh/userkeys/munin-async':
source => 'puppet:///modules/munin/munin-async-authkeys',
}
file { '/etc/ssh/userkeys/munin-async':
source => 'puppet:///modules/munin/munin-async-authkeys',
}