diff options
author | Julien Dessaux | 2018-05-04 12:14:25 +0200 |
---|---|---|
committer | Julien Dessaux | 2018-05-04 12:15:06 +0200 |
commit | 102da120671f339eefd97048c7f6ce6478b55ce0 (patch) | |
tree | 817e0b518a3dd316489083c21732d61aca2fad7f | |
parent | Added fail2ban support for sshd on linux (diff) | |
download | masterfiles-102da120671f339eefd97048c7f6ce6478b55ce0.tar.gz masterfiles-102da120671f339eefd97048c7f6ce6478b55ce0.tar.bz2 masterfiles-102da120671f339eefd97048c7f6ce6478b55ce0.zip |
Bootstrapped inventory system
-rw-r--r-- | controls/cf_serverd.cf | 3 | ||||
-rw-r--r-- | services/inventory.cf | 17 | ||||
-rw-r--r-- | services/main.cf | 8 | ||||
-rw-r--r-- | templates/inventory/host_info_report.mustache | 49 |
4 files changed, 74 insertions, 3 deletions
diff --git a/controls/cf_serverd.cf b/controls/cf_serverd.cf index 38ff3ac..5e09ae7 100644 --- a/controls/cf_serverd.cf +++ b/controls/cf_serverd.cf @@ -25,6 +25,9 @@ bundle server access_rules() "$(sys.masterdir)/modules" shortcut => "modules", admit => { "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16" }; + "$(sys.workdir)/inventory" + shortcut => "inventory", + admit => { "10.1.0.204/32" }; "/bin/sh" admit => { "$(sys.policy_hub)" }; roles: diff --git a/services/inventory.cf b/services/inventory.cf new file mode 100644 index 0000000..93bd580 --- /dev/null +++ b/services/inventory.cf @@ -0,0 +1,17 @@ +bundle agent inventory +{ + files: + any:: + "$(sys.workdir)/inventory/." + create => "true", + perms => system_owned("700"), + classes => if_repaired("inventory_folder_repaired"); + "$(sys.workdir)/inventory/host_info_report" + create => "true", + perms => system_owned("400"), + edit_template => "$(sys.inputdir)/templates/inventory/host_info_report.mustache", + template_method => "mustache"; + reports: + any:: + "$(this.bundle): $(sys.workdir)/inventory folder repaired" ifvarclass => "inventory_folder_repaired"; +} diff --git a/services/main.cf b/services/main.cf index 6a688d4..1305be0 100644 --- a/services/main.cf +++ b/services/main.cf @@ -3,6 +3,7 @@ body file control inputs => { "services/common.cf", "services/applications.cf", + "services/inventory.cf", "services/os.cf", "services/julien.cf", }; @@ -13,12 +14,13 @@ bundle common classify vars: any:: "bundles" slist => { - "common", - "os", - "julien", "bareos_fd", "check_mk", + "common", + "inventory", + "julien", "nrpe", + "os", "sshd", }; classes: diff --git a/templates/inventory/host_info_report.mustache b/templates/inventory/host_info_report.mustache new file mode 100644 index 0000000..bc125de --- /dev/null +++ b/templates/inventory/host_info_report.mustache @@ -0,0 +1,49 @@ +# Host Information +Generated: {{vars.sys.date}} + +## Identity +Fully Qualified Hostname: {{vars.sys.fqhost}} +Host ID: {{vars.sys.key_digest}} + +## CFEngine +Version: CFEngine {{#classes.enterprise}}Enterprise{{/classes.enterprise}} {{vars.sys.cf_version}} +Last Agent Run: {{vars.host_info_report_cfengine.last_agent_run}} +Policy Release ID: {{vars.host_info_report_cfengine.cf_promises_release_id.releaseId}} +Policy Last Updated: {{vars.host_info_report_cfengine.cf_promises_validated_timestamp_formatted}} +Bootstrapped to: {{vars.sys.policy_hub}} + +## OS +Architecture: {{vars.sys.arch}} +Os: {{vars.sys.os}} +Release: {{vars.sys.release}} +Flavor: {{vars.sys.flavor}} +Version: {{vars.sys.version}} +Uptime: {{vars.sys.uptime}} minutes + +## Hardware +No. CPUs: {{vars.sys.cpus}} +Total Memory: {{{vars.mon.value_mem_total}}} MB +Total Swap: {{{vars.mon.value_mem_swap}}} MB +Free Memory: {{{vars.mon.value_mem_free}}} MB +Free Swap: {{{vars.mon.value_mem_freeswap}}} MB + +## Network + +### Interfaces +{{#vars.host_info_report_cfengine.interface_info}} + * {{.}} +{{/vars.host_info_report_cfengine.interface_info}} + +{{! Redmine:4506 https://cfengine.com/dev/issues/4506 }} +### IPv4 TCP Ports listening +{{#vars.mon.listening_tcp4_ports}} + * {{.}} +{{/vars.mon.listening_tcp4_ports}} + +{{#classes.show_software}} +{{! Redmine:4507 https://cfengine.com/dev/issues/4507 }} +## Software +{{#vars.host_info_report_software.packages}} +[{{method}}] {{name}}: version {{version}}, arch {{arch}} +{{/vars.host_info_report_software.packages}} +{{/classes.show_software}} |