summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulien Dessaux2018-05-04 12:14:25 +0200
committerJulien Dessaux2018-05-04 12:15:06 +0200
commit102da120671f339eefd97048c7f6ce6478b55ce0 (patch)
tree817e0b518a3dd316489083c21732d61aca2fad7f
parentAdded fail2ban support for sshd on linux (diff)
downloadmasterfiles-102da120671f339eefd97048c7f6ce6478b55ce0.tar.gz
masterfiles-102da120671f339eefd97048c7f6ce6478b55ce0.tar.bz2
masterfiles-102da120671f339eefd97048c7f6ce6478b55ce0.zip
Bootstrapped inventory system
-rw-r--r--controls/cf_serverd.cf3
-rw-r--r--services/inventory.cf17
-rw-r--r--services/main.cf8
-rw-r--r--templates/inventory/host_info_report.mustache49
4 files changed, 74 insertions, 3 deletions
diff --git a/controls/cf_serverd.cf b/controls/cf_serverd.cf
index 38ff3ac..5e09ae7 100644
--- a/controls/cf_serverd.cf
+++ b/controls/cf_serverd.cf
@@ -25,6 +25,9 @@ bundle server access_rules()
"$(sys.masterdir)/modules"
shortcut => "modules",
admit => { "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16" };
+ "$(sys.workdir)/inventory"
+ shortcut => "inventory",
+ admit => { "10.1.0.204/32" };
"/bin/sh"
admit => { "$(sys.policy_hub)" };
roles:
diff --git a/services/inventory.cf b/services/inventory.cf
new file mode 100644
index 0000000..93bd580
--- /dev/null
+++ b/services/inventory.cf
@@ -0,0 +1,17 @@
+bundle agent inventory
+{
+ files:
+ any::
+ "$(sys.workdir)/inventory/."
+ create => "true",
+ perms => system_owned("700"),
+ classes => if_repaired("inventory_folder_repaired");
+ "$(sys.workdir)/inventory/host_info_report"
+ create => "true",
+ perms => system_owned("400"),
+ edit_template => "$(sys.inputdir)/templates/inventory/host_info_report.mustache",
+ template_method => "mustache";
+ reports:
+ any::
+ "$(this.bundle): $(sys.workdir)/inventory folder repaired" ifvarclass => "inventory_folder_repaired";
+}
diff --git a/services/main.cf b/services/main.cf
index 6a688d4..1305be0 100644
--- a/services/main.cf
+++ b/services/main.cf
@@ -3,6 +3,7 @@ body file control
inputs => {
"services/common.cf",
"services/applications.cf",
+ "services/inventory.cf",
"services/os.cf",
"services/julien.cf",
};
@@ -13,12 +14,13 @@ bundle common classify
vars:
any::
"bundles" slist => {
- "common",
- "os",
- "julien",
"bareos_fd",
"check_mk",
+ "common",
+ "inventory",
+ "julien",
"nrpe",
+ "os",
"sshd",
};
classes:
diff --git a/templates/inventory/host_info_report.mustache b/templates/inventory/host_info_report.mustache
new file mode 100644
index 0000000..bc125de
--- /dev/null
+++ b/templates/inventory/host_info_report.mustache
@@ -0,0 +1,49 @@
+# Host Information
+Generated: {{vars.sys.date}}
+
+## Identity
+Fully Qualified Hostname: {{vars.sys.fqhost}}
+Host ID: {{vars.sys.key_digest}}
+
+## CFEngine
+Version: CFEngine {{#classes.enterprise}}Enterprise{{/classes.enterprise}} {{vars.sys.cf_version}}
+Last Agent Run: {{vars.host_info_report_cfengine.last_agent_run}}
+Policy Release ID: {{vars.host_info_report_cfengine.cf_promises_release_id.releaseId}}
+Policy Last Updated: {{vars.host_info_report_cfengine.cf_promises_validated_timestamp_formatted}}
+Bootstrapped to: {{vars.sys.policy_hub}}
+
+## OS
+Architecture: {{vars.sys.arch}}
+Os: {{vars.sys.os}}
+Release: {{vars.sys.release}}
+Flavor: {{vars.sys.flavor}}
+Version: {{vars.sys.version}}
+Uptime: {{vars.sys.uptime}} minutes
+
+## Hardware
+No. CPUs: {{vars.sys.cpus}}
+Total Memory: {{{vars.mon.value_mem_total}}} MB
+Total Swap: {{{vars.mon.value_mem_swap}}} MB
+Free Memory: {{{vars.mon.value_mem_free}}} MB
+Free Swap: {{{vars.mon.value_mem_freeswap}}} MB
+
+## Network
+
+### Interfaces
+{{#vars.host_info_report_cfengine.interface_info}}
+ * {{.}}
+{{/vars.host_info_report_cfengine.interface_info}}
+
+{{! Redmine:4506 https://cfengine.com/dev/issues/4506 }}
+### IPv4 TCP Ports listening
+{{#vars.mon.listening_tcp4_ports}}
+ * {{.}}
+{{/vars.mon.listening_tcp4_ports}}
+
+{{#classes.show_software}}
+{{! Redmine:4507 https://cfengine.com/dev/issues/4507 }}
+## Software
+{{#vars.host_info_report_software.packages}}
+[{{method}}] {{name}}: version {{version}}, arch {{arch}}
+{{/vars.host_info_report_software.packages}}
+{{/classes.show_software}}