X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fmunin-node%2Fmanifests%2Finit.pp;h=ab177817e3f85e7a9631fbab948a71fc64b1a17a;hb=3161cb2b71f606f6384c7dfe44674f8f27ed1b19;hp=5b61d16783f48db779743bc60aa183994f4dc1cb;hpb=b507681f854f09cfc91da7b0b3a625c9d3c30022;p=mirror%2Fdsa-puppet.git

diff --git a/modules/munin-node/manifests/init.pp b/modules/munin-node/manifests/init.pp
index 5b61d1678..ab177817e 100644
--- a/modules/munin-node/manifests/init.pp
+++ b/modules/munin-node/manifests/init.pp
@@ -1,13 +1,13 @@
-define activate_munin_check($ensure=present, $script=$name) {
+define activate_munin_check($ensure=present, $script = none) {
     case $script {
-        "": { $base = $name }
-        default: { $base = $script }
+        none: { $link = $name }
+        default: { $link = $script }
     }
 
     case $ensure {
         present: {
             file { "/etc/munin/plugins/$name":
-                     ensure => "/usr/share/munin/plugins/$base",
+                     ensure => "/usr/share/munin/plugins/$link",
                      notify => Exec["munin-node restart"];
             }
         }
@@ -54,14 +54,19 @@ class munin-node {
 
     case $vsftpd {
         "true": {
-              include munin-node::vsftpd
+              package { 
+                      "logtail": ensure => installed;
+              }
+              activate_munin_check {
+                      "vsftpd":;
+                      "ps_vsftpd": script => "ps_";
+              }
         }
     }
 
     file {
         "/etc/munin/munin-node.conf":
-            source  => [ "puppet:///munin-node/per-host/$fqdn/munin-node.conf",
-                         "puppet:///munin-node/common/munin-node.conf" ],
+            content => template("munin-node/munin-node.conf.erb"),
             require => Package["munin-node"],
             notify  => Exec["munin-node restart"];
 
@@ -75,10 +80,19 @@ class munin-node {
         path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
         refreshonly => true,
     }
-    ferm::rule { "dsa-munin":
-        description     => "Allow munin-node from spohr.debian.org",
-        rule            => "proto tcp dport 4949 saddr $HOST_MUNIN ACCEPT"
-	prio		=> "02"
-   }
+    @ferm::rule { "dsa-munin-v4":
+            description     => "Allow munin from munin master",
+            rule            => "proto tcp mod state state (NEW) dport (munin) @subchain 'munin' { saddr (\$HOST_MUNIN_V4 \$HOST_NAGIOS_V4) ACCEPT; }",
+            notarule        => true,
+    }
+    @ferm::rule { "dsa-munin-v6":
+            description     => "Allow munin from munin master",
+            domain          => "ip6",
+            rule            => "proto tcp mod state state (NEW) dport (munin) @subchain 'munin' { saddr (\$HOST_MUNIN_V6 \$HOST_NAGIOS_V6) ACCEPT; }",
+            notarule        => true,
+    }
 }
 
+# vim:set et:
+# vim:set sts=4 ts=4:
+# vim:set shiftwidth=4: