X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=inline;f=modules%2Fferm%2Fmanifests%2Finit.pp;h=e23e15d964e87cbd091369fe03df33232aed248a;hb=01bc08d800396c1ef68ebce27940988972d43367;hp=03025d53533dd857a385da953ab3270ed06c619a;hpb=5ea37807b322b81a3da0a113f54c2fbeb0efc0ee;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index 03025d535..e23e15d96 100644
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -9,33 +9,34 @@
 class ferm {
 	# realize (i.e. enable) all @ferm::rule virtual resources
 	Ferm::Rule <| |>
+	Ferm::Conf <| |>
 
 	File { mode => '0400' }
 
 	package { 'ferm':
 		ensure => installed
 	}
-	package { 'ulogd':
+	package { 'ulogd2':
 		ensure => installed
 	}
+	package { 'ulogd':
+		# Remove instead of purge ulogd because it deletes log files on purge.
+		ensure => absent
+	}
 
 	service { 'ferm':
 		hasstatus   => false,
 		status      => '/bin/true',
 	}
 
-	$munin_ips = split(regsubst($v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
+	$munin_ips = getfromhash($site::nodeinfo, 'misc', 'v4addrs')
+		.map |$addr| { "ip_${addr}" }
 
 	munin::check { $munin_ips: script => 'ip_', }
 
-	if $v6ips {
-		$munin6_ips = split(regsubst($v6ips, '([^,]+)', 'ip_\1', 'G'), ',')
-		munin::ipv6check { $munin6_ips: }
-	}
-
-	# get rid of old stuff
-	$munin6_ip6s = split(regsubst($v6ips, '([^,]+)', 'ip6_\1', 'G'), ',')
-	munin::check { $munin6_ip6s: ensure => absent }
+	$munin6_ips = getfromhash($site::nodeinfo, 'misc', 'v6addrs')
+		.map |$addr| { "ip_${addr}" }
+	munin::ipv6check { $munin6_ips: }
 
 	file { '/etc/ferm':
 		ensure  => directory,
@@ -66,7 +67,11 @@ class ferm {
 		mode    => '0444',
 	}
 	file { '/etc/ferm/ferm.conf':
-		source  => 'puppet:///modules/ferm/ferm.conf',
+		content => template('ferm/ferm.conf.erb'),
+		notify  => Service['ferm'],
+	}
+	file { '/etc/ferm/conf.d/00-init.conf':
+		content => template('ferm/00-init.conf.erb'),
 		notify  => Service['ferm'],
 	}
 	file { '/etc/ferm/conf.d/me.conf':
@@ -81,10 +86,23 @@ class ferm {
 		content => template('ferm/interfaces.conf.erb'),
 		notify  => Service['ferm'],
 	}
+	augeas { 'logrotate_ulogd2':
+		context => '/files/etc/logrotate.d/ulogd2',
+		changes => [
+			'set rule/schedule daily',
+			'set rule/delaycompress delaycompress',
+			'set rule/rotate 10',
+			'set rule/ifempty notifempty',
+		],
+	}
 	file { '/etc/logrotate.d/ulogd':
-		source  => 'puppet:///modules/ferm/logrotate-ulogd',
-		mode    => '0444',
-		require => Package['debian.org'],
+		ensure  => absent,
+	}
+	file { '/etc/logrotate.d/ulogd.dpkg-bak':
+		ensure  => absent,
+	}
+	file { '/etc/logrotate.d/ulogd.dpkg-dist':
+		ensure  => absent,
 	}
 
 }