summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulien Dessaux2017-09-20 16:11:12 +0200
committerJulien Dessaux2017-09-21 16:21:41 +0200
commit3eaa59684cd906af379a90c2e14094b9b85ecbf1 (patch)
tree40ac37b56df8553254901442b356cafe6d002c2e
parentFinished adding nagios policy along with simple nginx policy (diff)
downloadmasterfiles-3eaa59684cd906af379a90c2e14094b9b85ecbf1.tar.gz
masterfiles-3eaa59684cd906af379a90c2e14094b9b85ecbf1.tar.bz2
masterfiles-3eaa59684cd906af379a90c2e14094b9b85ecbf1.zip
Added ipam.adyxax.org policies
-rw-r--r--services/applications.cf1
-rw-r--r--services/applications/ipam.cf41
-rw-r--r--services/applications/php56.cf5
-rw-r--r--services/main.cf2
-rw-r--r--templates/common/hosts2
-rw-r--r--templates/nagios/conf.d/hostgroups.cfg1
-rw-r--r--templates/nagios/conf.d/ipam.adyxax.org.cfg6
-rw-r--r--templates/nginx/ipam_nginx.conf62
8 files changed, 119 insertions, 1 deletions
diff --git a/services/applications.cf b/services/applications.cf
index c380374..b33b344 100644
--- a/services/applications.cf
+++ b/services/applications.cf
@@ -4,6 +4,7 @@ body file control
"services/applications/bareos_fd.cf",
"services/applications/check_mk.cf",
"services/applications/fcgiwrap.cf",
+ "services/applications/ipam.cf",
"services/applications/nagios.cf",
"services/applications/nginx.cf",
"services/applications/php56.cf",
diff --git a/services/applications/ipam.cf b/services/applications/ipam.cf
new file mode 100644
index 0000000..067cb29
--- /dev/null
+++ b/services/applications/ipam.cf
@@ -0,0 +1,41 @@
+bundle agent ipam
+{
+ vars:
+ ipam::
+ "config[host]" string => "mysql01";
+ "config[user]" string => "phpipam";
+ "config[pass]" string => "Hee0Hai8lie2gaaBia8xaisieSiengie";
+ "config[name]" string => "phpipam";
+ "config[port]" string => "3306";
+ "index" slist => getindices("ipam.config");
+ "packages" slist => {
+ "pear",
+ "php56-filter",
+ "php56-gettext",
+ "php56-gd",
+ "php56-gmp",
+ "php56-json",
+ "php56-mbstring",
+ "php56-openssl",
+ "php56-pdo_mysql",
+ "php56-session",
+ "php56-simplexml",
+ "php56-sockets",
+ };
+ methods:
+ ipam::
+ "ipam" usebundle => install_package("$(this.bundle)", "$(ipam.packages)");
+ "ipam" usebundle => fcgiwrap("nobody", "www", "770");
+ "ipam" usebundle => php56();
+ "ipam" usebundle => nginx("$(sys.inputdir)/templates/nginx/ipam_nginx.conf", "nginx.conf");
+ files:
+ ipam::
+ "/var/www/phpipam/config.php"
+ create => "true",
+ perms => system_owned("444"),
+ edit_line => regex_replace("\$db\['$(index)'\]\s+=\s+\"(?!$(config[$(index)]))[^\"]+\";", "$db['$(index)'] = \"$(config[$(index)])\";"),
+ classes => if_repaired("ipam_ipam_config_php_repaired");
+ reports:
+ any::
+ "$(this.bundle): /var/www/phpipam/config.php repaired" ifvarclass => "ipam_ipam_config_php_repaired";
+}
diff --git a/services/applications/php56.cf b/services/applications/php56.cf
index 5f96d25..e62a389 100644
--- a/services/applications/php56.cf
+++ b/services/applications/php56.cf
@@ -16,6 +16,10 @@ bundle agent php56
perms => system_owned("444"),
edit_template => "$(sys.inputdir)/templates/php/freebsd-php56-php-fpm.conf",
classes => if_repaired("php56_php_fpm_conf_file_repaired");
+ "/var/run/php-fpm/."
+ create => "true",
+ perms => system_owned("444"),
+ classes => if_repaired("php56_php_run_dir_repaired");
classes:
freebsd::
"php_fpm_service_running" expression => returnszero("/usr/sbin/service php-fpm status", "noshell");
@@ -28,6 +32,7 @@ bundle agent php56
any::
"$(this.bundle): /usr/local/etc/php.ini repaired" ifvarclass => "php56_php_ini_file_repaired";
"$(this.bundle): /usr/local/etc/php-fpm.conf repaired" ifvarclass => "php56_php_fpm_conf_file_repaired";
+ "$(this.bundle): /var/run/php-fpm/ directory repaired" ifvarclass => "php56_php_run_dir_repaired";
"$(this.bundle): sshd service repaired" ifvarclass => "php_fpm_service_repaired";
"$(this.bundle): sshd service restarted" ifvarclass => "php_fpm_service_restarted";
}
diff --git a/services/main.cf b/services/main.cf
index d5e52bb..c948457 100644
--- a/services/main.cf
+++ b/services/main.cf
@@ -34,6 +34,8 @@ bundle agent classify
};
"mail_servers" or => { "legend" };
methods:
+ ipam::
+ "ipam" usebundle => ipam;
nagios::
"nagios" usebundle => nagios;
}
diff --git a/templates/common/hosts b/templates/common/hosts
index de9217c..0f5225b 100644
--- a/templates/common/hosts
+++ b/templates/common/hosts
@@ -14,7 +14,7 @@ ff02::2 ip6-allrouters
10.1.0.101 weechat_relay.jail weechat_relay
10.1.0.200 tiddlywiki.jail tiddlywiki
-10.1.0.201 phpipam.lxd phpipam
+10.1.0.201 ipam.jail ipam
10.1.0.202 check_mk.lxd check_mk
10.1.0.203 miniflux.lxd miniflux
10.1.0.204 hub.lxd hub
diff --git a/templates/nagios/conf.d/hostgroups.cfg b/templates/nagios/conf.d/hostgroups.cfg
index 636bc5a..b592eb7 100644
--- a/templates/nagios/conf.d/hostgroups.cfg
+++ b/templates/nagios/conf.d/hostgroups.cfg
@@ -9,5 +9,6 @@ define hostgroup {
alias FreeBSD Jails
members console.adyxax.org, \
git.adyxax.org, \
+ ipam.adyxax.org, \
nagios.adyxax.org
}
diff --git a/templates/nagios/conf.d/ipam.adyxax.org.cfg b/templates/nagios/conf.d/ipam.adyxax.org.cfg
new file mode 100644
index 0000000..9391ac6
--- /dev/null
+++ b/templates/nagios/conf.d/ipam.adyxax.org.cfg
@@ -0,0 +1,6 @@
+define host {
+ use freebsd-server
+ host_name ipam.adyxax.org
+ address ipam.jail
+ parents cobsd.adyxax.org
+}
diff --git a/templates/nginx/ipam_nginx.conf b/templates/nginx/ipam_nginx.conf
new file mode 100644
index 0000000..fe703ef
--- /dev/null
+++ b/templates/nginx/ipam_nginx.conf
@@ -0,0 +1,62 @@
+worker_processes 1;
+
+# This default error log path is compiled-in to make sure configuration parsing
+# errors are logged somewhere, especially during unattended boot when stderr
+# isn't normally logged anywhere. This path will be touched on every nginx
+# start regardless of error log location configured here. See
+# https://trac.nginx.org/nginx/ticket/147 for more info.
+#
+#error_log /var/log/nginx/error.log;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include mime.types;
+ default_type application/octet-stream;
+
+ sendfile on;
+ keepalive_timeout 65;
+ gzip on;
+
+ server {
+ listen 80;
+ server_name localhost;
+
+ root /var/www/phpipam/;
+
+ location ~ ^/(favicon.ico|robots.txt)$ {
+ access_log off;
+ expires max;
+ }
+ location ~ ^/(api/controllers|api/README|app|db|functions|install|misc|upgrade|INSTALL.txt|README|UPDATE)$ {
+ deny all;
+ access_log off;
+ log_not_found off;
+ }
+ location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; deny all; }
+
+ location / {
+ index index.php;
+ try_files $uri $uri/ index.php;
+ }
+
+ #error_page 404 /404.html;
+
+ # redirect server error pages to the static page /50x.html
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ root /usr/local/www/nginx-dist;
+ }
+ location ~ \.php$ {
+ fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include fastcgi_params;
+ fastcgi_pass_header Authorization;
+ }
+ }
+}
+