X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fnagios%2Fmanifests%2Fclient.pp;h=45acf85c1259527bfbf1e6b72e7111e6949fa0a2;hb=ada2a1dd5c06f69eb3ba3e69ffa21a1a550ec403;hp=8c6f94c81d8302e60343db547c50d23cfdbb6bee;hpb=e1d5c69770ca56c9585455473b9a445220b99c2c;p=mirror%2Fdsa-puppet.git

diff --git a/modules/nagios/manifests/client.pp b/modules/nagios/manifests/client.pp
index 8c6f94c81..45acf85c1 100644
--- a/modules/nagios/manifests/client.pp
+++ b/modules/nagios/manifests/client.pp
@@ -1,49 +1,95 @@
 class nagios::client inherits nagios {
-	package {
-		dsa-nagios-nrpe-config: ensure => purged;
-		dsa-nagios-checks: ensure => installed;
+
+	package { 'dsa-nagios-nrpe-config':
+		ensure => purged
+	}
+	package { 'dsa-nagios-checks':
+		ensure => installed,
+		tag    => extra_repo,
 	}
 
-	file {
-		"/etc/default/nagios-nrpe-server":
-			source  => [ "puppet:///nagios/per-host/$fqdn/default",
-			             "puppet:///nagios/common/default" ],
-			require => Package["nagios-nrpe-server"],
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/default/nagios-nrpe":
-			ensure  => absent,
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/nagios/nrpe.cfg":
-			source  => [ "puppet:///nagios/per-host/$fqdn/nrpe.cfg",
-			             "puppet:///nagios/common/nrpe.cfg" ],
-			require => Package["nagios-nrpe-server"],
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/nagios/nrpe.d":
-			mode    => 755,
-			ensure  => directory;
-		"/etc/nagios/nrpe.d/debianorg.cfg":
-			source  => [ "puppet:///nagios/per-host/$fqdn/inc-debian.org",
-			             "puppet:///nagios/common/inc-debian.org" ],
-			require => Package["nagios-nrpe-server"],
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/nagios/nrpe.d/nrpe_dsa.cfg":
-			source  => [ "puppet:///nagios/dsa-nagios/generated/nrpe_dsa.cfg" ],
-			require => Package["dsa-nagios-checks"],
-			notify  => Exec["nagios-nrpe-server restart"];
+	service { 'nagios-nrpe-server':
+		ensure    => running,
+		hasstatus => false,
+		pattern   => 'nrpe',
+	}
 
-		"/etc/nagios/obsolete-packages-ignore":
-			source  => [ "puppet:///nagios/per-host/$fqdn/obsolete-packages-ignore",
-			             "puppet:///nagios/common/obsolete-packages-ignore" ],
-			require => Package["dsa-nagios-checks"];
+	@ferm::rule { 'dsa-nagios-v4':
+		description => 'Allow nrpe from nagios master',
+		rule        => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V4) ACCEPT; }',
+		notarule    => true,
+	}
+	@ferm::rule { 'dsa-nagios-v6':
+		description => 'Allow nrpe from nagios master',
+		domain      => 'ip6',
+		rule        => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V6) ACCEPT; }',
+		notarule    => true,
+	}
 
-		"/etc/nagios/obsolete-packages-ignore.d/perhost":
-			source  => [ "puppet:///nagios/per-host/$fqdn/obsolete-packages-ignore.d-perhost",
-			             "puppet:///nagios/common/obsolete-packages-ignore.d-perhost" ],
-			require => Package["dsa-nagios-checks"];
+	file { '/etc/default/nagios-nrpe-server':
+		source  => 'puppet:///modules/nagios/common/default',
+		require => Package['nagios-nrpe-server'],
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/default/nagios-nrpe':
+		ensure  => absent,
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/':
+		ensure  => directory,
+		recurse => remote,
+		source  => 'puppet:///files/empty/',
+		require => Package['nagios-nrpe-server'],
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.cfg':
+		content => template('nagios/nrpe.cfg.erb'),
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.d':
+		ensure  => directory,
+		recurse => remote,
+		source  => 'puppet:///files/empty/',
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.d/debianorg.cfg':
+		content => template('nagios/inc-debian.org.erb'),
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.d/nrpe_dsa.cfg':
+		source  => 'puppet:///modules/nagios/dsa-nagios/generated/nrpe_dsa.cfg',
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/obsolete-packages-ignore':
+		source  => 'puppet:///modules/nagios/common/obsolete-packages-ignore',
+		require => Package['dsa-nagios-checks'],
+	}
+	file { '/etc/nagios/check-libs.conf':
+		source  => 'puppet:///modules/nagios/common/check-libs.conf',
+		require => Package['dsa-nagios-checks'],
+	}
+	file { '/etc/nagios/obsolete-packages-ignore.d/hostspecific':
+		content => template('nagios/obsolete-packages-ignore.d-hostspecific.erb'),
+		require => Package['dsa-nagios-checks'],
+	}
+	file { '/usr/local/sbin/dsa-check-libs':
+		ensure => absent,
 	}
 
-	exec { "nagios-nrpe-server restart":
-		path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
-		refreshonly => true,
+	concat { '/etc/cron.d/puppet-nagios-wraps': }
+	concat::fragment { 'puppet-nagios-wraps--header':
+		target => '/etc/cron.d/puppet-nagios-wraps',
+		order  => '000',
+		content  => @(EOF)
+			SHELL=/bin/bash
+			PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/nagios/plugins
+			| EOF
+	}
+	concat::fragment { 'dsa-check_puppet_agent':
+		target => '/etc/cron.d/puppet-nagios-wraps',
+		order  => '010',
+		content  => @(EOF)
+			47 * * * * root dsa-wrap-nagios-check -s puppet-agent dsa-check_puppet_agent -d0 -c 28800 -w 18000
+			| EOF
 	}
 }