modules/ntp/manifests/init.pp

   1 class ntp {
   2     package { ntp: ensure => installed }
   3     file {
   4         "/var/lib/ntp/":
   5             ensure  => directory,
   6             owner   => ntp,
   7             group   => ntp,
   8             mode    => 755
   9             ;
  10         "/var/lib/ntpstats":
  11             ensure  => directory,
  12             owner   => ntp,
  13             group   => ntp,
  14             mode    => 755
  15             ;
  16         "/etc/ntp.conf":
  17             owner   => root,
  18             group   => root,
  19             mode    => 444,
  20             content => template("ntp/ntp.conf"),
  21             notify  => Exec["ntp restart"],
  22             require => Package["ntp"]
  23             ;
  24         "/etc/ntp.keys.d":
  25             owner   => root,
  26             group   => ntp,
  27             mode    => 750,
  28             ensure  => directory,
  29             ;
  30     }
  31     case getfromhash($nodeinfo, 'timeserver') {
  32         true: { }
  33         default: {
  34             file {
  35                 "/etc/default/ntp":
  36                     owner   => root,
  37                     group   => root,
  38                     mode    => 444,
  39                     source  => [ "puppet:///modules/ntp/etc-default-ntp" ],
  40                     require => Package["ntp"],
  41                     notify  => Exec["ntp restart"],
  42                     ;
  43
  44                 "/etc/ntp.keys.d/ntpkey_iff_merikanto":
  45                     owner   => root,
  46                     group   => root,
  47                     mode    => 444,
  48                     source  => [ "puppet:///modules/ntp/ntpkey_iff_merikanto.pub" ],
  49                     require => Package["ntp"],
  50                     notify  => Exec["ntp restart"],
  51                     ;
  52                 "/etc/ntp.keys.d/ntpkey_iff_orff":
  53                     owner   => root,
  54                     group   => root,
  55                     mode    => 444,
  56                     source  => [ "puppet:///modules/ntp/ntpkey_iff_orff.pub" ],
  57                     require => Package["ntp"],
  58                     notify  => Exec["ntp restart"],
  59                     ;
  60                 "/etc/ntp.keys.d/ntpkey_iff_ravel":
  61                     owner   => root,
  62                     group   => root,
  63                     mode    => 444,
  64                     source  => [ "puppet:///modules/ntp/ntpkey_iff_ravel.pub" ],
  65                     require => Package["ntp"],
  66                     notify  => Exec["ntp restart"],
  67                     ;
  68                 "/etc/ntp.keys.d/ntpkey_iff_busoni":
  69                     owner   => root,
  70                     group   => root,
  71                     mode    => 444,
  72                     source  => [ "puppet:///modules/ntp/ntpkey_iff_busoni.pub" ],
  73                     require => Package["ntp"],
  74                     notify  => Exec["ntp restart"],
  75                     ;
  76             }
  77         }
  78     }
  79
  80
  81     exec { "ntp restart":
  82         path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
  83         refreshonly => true,
  84     }
  85     @ferm::rule { "dsa-ntp":
  86         domain          => "(ip ip6)",
  87         description     => "Allow ntp access",
  88         rule            => "&SERVICE(udp, 123)"
  89     }
  90 }
  91 # vim:set et:
  92 # vim:set sts=4 ts=4:
  93 # vim:set shiftwidth=4: