X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fnagios%2Fmanifests%2Fclient.pp;h=94bbf93c6994615af7e0cf52954cc16edea046d9;hb=05bfa391748bf827189c42c1a79694ca4cef28c3;hp=a49aec527b101dad251080b36c409e1df4d616db;hpb=8c81dab8b39a143712beb2479a41d5e2f303ddc9;p=mirror%2Fdsa-puppet.git

diff --git a/modules/nagios/manifests/client.pp b/modules/nagios/manifests/client.pp
index a49aec527..94bbf93c6 100644
--- a/modules/nagios/manifests/client.pp
+++ b/modules/nagios/manifests/client.pp
@@ -1,50 +1,87 @@
 class nagios::client inherits nagios {
-	package {
-		dsa-nagios-nrpe-config: ensure => purged;
-		dsa-nagios-checks: ensure => installed;
+
+	package { 'dsa-nagios-nrpe-config':
+		ensure => purged
+	}
+	package { 'dsa-nagios-checks':
+		ensure => installed,
+		tag    => extra_repo,
 	}
 
-	file {
-		"/etc/default/nagios-nrpe-server":
-			source  => [ "puppet:///nagios/per-host/$fqdn/default",
-			             "puppet:///nagios/common/default" ],
-			require => Package["nagios-nrpe-server"],
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/default/nagios-nrpe":
-			ensure  => absent,
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/nagios/nrpe.cfg":
-			source  => [ "puppet:///nagios/per-host/$fqdn/nrpe.cfg",
-			             "puppet:///nagios/common/nrpe.cfg" ],
-			require => Package["nagios-nrpe-server"],
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/nagios/nrpe.d":
-			mode    => 755,
-			require => Package["nagios-nrpe-server"],
-			ensure  => directory;
-		"/etc/nagios/nrpe.d/debianorg.cfg":
-			source  => [ "puppet:///nagios/per-host/$fqdn/inc-debian.org",
-			             "puppet:///nagios/common/inc-debian.org" ],
-			require => Package["nagios-nrpe-server"],
-			notify  => Exec["nagios-nrpe-server restart"];
-		"/etc/nagios/nrpe.d/nrpe_dsa.cfg":
-			source  => [ "puppet:///nagios/dsa-nagios/generated/nrpe_dsa.cfg" ],
-			require => Package["dsa-nagios-checks"],
-			notify  => Exec["nagios-nrpe-server restart"];
+	service { 'nagios-nrpe-server':
+		ensure    => running,
+		hasstatus => false,
+		pattern   => 'nrpe',
+	}
 
-		"/etc/nagios/obsolete-packages-ignore":
-			source  => [ "puppet:///nagios/per-host/$fqdn/obsolete-packages-ignore",
-			             "puppet:///nagios/common/obsolete-packages-ignore" ],
-			require => Package["dsa-nagios-checks"];
+	@ferm::rule { 'dsa-nagios-v4':
+		description => 'Allow nrpe from nagios master',
+		rule        => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V4) ACCEPT; }',
+		notarule    => true,
+	}
+	@ferm::rule { 'dsa-nagios-v6':
+		description => 'Allow nrpe from nagios master',
+		domain      => 'ip6',
+		rule        => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V6) ACCEPT; }',
+		notarule    => true,
+	}
 
-		"/etc/nagios/obsolete-packages-ignore.d/hostspecific":
-			source  => [ "puppet:///nagios/per-host/$fqdn/obsolete-packages-ignore.d-hostspecific",
-			             "puppet:///nagios/common/obsolete-packages-ignore.d-hostspecific" ],
-			require => Package["dsa-nagios-checks"];
+	file { '/etc/default/nagios-nrpe-server':
+		source  => 'puppet:///modules/nagios/common/default',
+		require => Package['nagios-nrpe-server'],
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/default/nagios-nrpe':
+		ensure  => absent,
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/':
+		ensure  => directory,
+		recurse => remote,
+		source  => 'puppet:///files/empty/',
+		require => Package['nagios-nrpe-server'],
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.cfg':
+		content => template('nagios/nrpe.cfg.erb'),
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.d':
+		ensure  => directory,
+		recurse => remote,
+		source  => 'puppet:///files/empty/',
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.d/debianorg.cfg':
+		content => template('nagios/inc-debian.org.erb'),
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/nrpe.d/nrpe_dsa.cfg':
+		source  => 'puppet:///modules/nagios/dsa-nagios/generated/nrpe_dsa.cfg',
+		notify  => Service['nagios-nrpe-server'],
+	}
+	file { '/etc/nagios/obsolete-packages-ignore':
+		source  => 'puppet:///modules/nagios/common/obsolete-packages-ignore',
+		require => Package['dsa-nagios-checks'],
+	}
+	file { '/etc/nagios/check-libs.conf':
+		source  => 'puppet:///modules/nagios/common/check-libs.conf',
+		require => Package['dsa-nagios-checks'],
+	}
+	file { '/etc/nagios/obsolete-packages-ignore.d/hostspecific':
+		content => template('nagios/obsolete-packages-ignore.d-hostspecific.erb'),
+		require => Package['dsa-nagios-checks'],
+	}
+	file { '/usr/local/sbin/dsa-check-libs':
+		ensure => absent,
 	}
 
-	exec { "nagios-nrpe-server restart":
-		path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
-		refreshonly => true,
+	file { '/etc/cron.d/puppet-nagios-wraps': ensure => absent, }
+	concat::fragment { 'dsa-puppet-stuff--nagios--dsa-check-puppet-agent':
+		target => '/etc/cron.d/dsa-puppet-stuff',
+		order  => '010',
+		content  => @(EOF)
+			47 * * * * root dsa-wrap-nagios-check -s puppet-agent dsa-check_puppet_agent -d0 -c 28800 -w 18000
+			| EOF
 	}
 }