summaryrefslogtreecommitdiff
path: root/services/applications
diff options
context:
space:
mode:
authorJulien Dessaux2017-08-25 17:21:05 +0200
committerJulien Dessaux2017-08-25 17:46:13 +0200
commit5239846956644f27d1619ce43b742034925d3ebc (patch)
tree59cc92daa324f03509b26de75587892b59b2f35c /services/applications
parentAdded bareos-fd policy (diff)
downloadmasterfiles-5239846956644f27d1619ce43b742034925d3ebc.tar.gz
masterfiles-5239846956644f27d1619ce43b742034925d3ebc.tar.bz2
masterfiles-5239846956644f27d1619ce43b742034925d3ebc.zip
Changed policies organisation to use methods
Diffstat (limited to 'services/applications')
-rw-r--r--services/applications/bareos_fd.cf38
-rw-r--r--services/applications/check_mk.cf43
-rw-r--r--services/applications/fcgiwrap.cf8
-rw-r--r--services/applications/sshd.cf33
4 files changed, 122 insertions, 0 deletions
diff --git a/services/applications/bareos_fd.cf b/services/applications/bareos_fd.cf
new file mode 100644
index 0000000..3b16a91
--- /dev/null
+++ b/services/applications/bareos_fd.cf
@@ -0,0 +1,38 @@
+bundle agent bareos_fd
+{
+ vars:
+ freebsd::
+ "packages" slist => {
+ "bareos-client",
+ };
+ "rc_conf_lines" slist => {
+ "bareos_fd_enable=\"YES\"",
+ "bareos_fd_config=\"/usr/local/etc/bareos/\"",
+ };
+ !freebsd::
+ "packages" slist => {};
+ classes:
+ freebsd::
+ "bareos_fd_service_running" expression => returnszero("/usr/sbin/service bareos-fd status", "noshell");
+ methods:
+ freebsd::
+ "any" usebundle => install_package("$(bareos_fd.packages)");
+ "any" usebundle => add_rc_conf_line("$(bareos_fd.rc_conf_lines)");
+ files:
+ freebsd::
+ "/usr/local/etc/bareos/bareos-fd.d/client/myself.conf"
+ edit_defaults => std_defs,
+ perms => system_owned("444"),
+ edit_line => replace_line_end("Name =", "$(sys.host)-fd"),
+ classes => if_repaired("bareos_client_file_repaired");
+ commands:
+ freebsd.!bareos_fd_service_running::
+ "/usr/sbin/service bareos-fd start" classes => if_repaired("bareos_fd_service_repaired");
+ freebsd.bareos_client_file_repaired::
+ "/usr/sbin/service bareos-fd restart" classes => if_repaired("bareos_fd_service_restarted");
+ reports:
+ any::
+ "$(this.bundle): /usr/local/etc/bareos/bareos-fd.d/client/myself.conf repaired" ifvarclass => "bareos_client_file_repaired";
+ "$(this.bundle): bareos-fd service repaired" ifvarclass => "bareos_fd_service_repaired";
+ "$(this.bundle): bareos-fd service restarted" ifvarclass => "bareos_fd_service_restarted";
+}
diff --git a/services/applications/check_mk.cf b/services/applications/check_mk.cf
new file mode 100644
index 0000000..0731eaa
--- /dev/null
+++ b/services/applications/check_mk.cf
@@ -0,0 +1,43 @@
+bundle agent check_mk
+{
+ vars:
+ freebsd::
+ "rc_conf_lines" slist => {
+ "inetd_enable=\"YES\"",
+ "inetd_flags=\"-wW\"",
+ };
+ files:
+ freebsd::
+ "/etc/services"
+ edit_defaults => std_defs,
+ perms => system_owned("444"),
+ edit_line => append_if_no_line("check_mk_agent 6556/tcp"),
+ classes => if_repaired("check_mk_services_file_repaired");
+ "/etc/inetd.conf"
+ edit_defaults => std_defs,
+ perms => system_owned("444"),
+ edit_line => append_if_no_line("check_mk_agent stream tcp nowait root /usr/local/bin/check_mk_agent check_mk_agent"),
+ classes => if_repaired("check_mk_inetd_conf_file_repaired");
+ "/usr/local/bin/check_mk_agent"
+ perms => system_owned("555"),
+ copy_from => local_cp("$(sys.inputdir)/templates/check_mk/check_mk_agent.freebsd"),
+ classes => if_repaired("check_mk_agent_repaired");
+ classes:
+ freebsd::
+ "inetd_service_running" expression => returnszero("/usr/sbin/service inetd status", "noshell");
+ methods:
+ freebsd::
+ "any" usebundle => add_rc_conf_line("$(check_mk.rc_conf_lines)");
+ commands:
+ freebsd.!inetd_service_running::
+ "/usr/sbin/service inetd start" classes => if_repaired("inet_service_repaired");
+ freebsd.check_mk_inetd_conf_file_repaired::
+ "/usr/sbin/service inetd restart" classes => if_repaired("inetd_service_restarted");
+ reports:
+ any::
+ "$(this.bundle): /etc/services repaired" ifvarclass => "check_mk_services_file_repaired";
+ "$(this.bundle): /etc/inetd.conf repaired" ifvarclass => "check_mk_inetd_conf_file_repaired";
+ "$(this.bundle): /usr/local/bin/check_mk_agent repaired" ifvarclass => "check_mk_agent_repaired";
+ "$(this.bundle): inetd service repaired" ifvarclass => "inetd_service_repaired";
+ "$(this.bundle): inetd service restarted" ifvarclass => "inetd_service_restarted";
+}
diff --git a/services/applications/fcgiwrap.cf b/services/applications/fcgiwrap.cf
new file mode 100644
index 0000000..af2e8f8
--- /dev/null
+++ b/services/applications/fcgiwrap.cf
@@ -0,0 +1,8 @@
+bundle common fcgiwrap
+{
+ vars:
+ use_fcgiwrap::
+ "packages" slist => {
+ "fcgiwrap",
+ };
+}
diff --git a/services/applications/sshd.cf b/services/applications/sshd.cf
new file mode 100644
index 0000000..da602a1
--- /dev/null
+++ b/services/applications/sshd.cf
@@ -0,0 +1,33 @@
+bundle agent sshd
+{
+ files:
+ freebsd::
+ "/etc/rc.conf"
+ create => "true",
+ edit_defaults => std_defs,
+ perms => system_owned("444"),
+ edit_line => append_if_no_line("sshd_enable=\"YES\""),
+ classes => if_repaired("sshd_rc_conf_file_repaired");
+ "/root/.ssh/."
+ create => "true",
+ perms => system_owned("700"),
+ classes => if_repaired("sshd_ssh_dir_repaired");
+ "/root/.ssh/authorized_keys"
+ create => "true",
+ edit_defaults => empty,
+ perms => system_owned("444"),
+ edit_template => "$(sys.inputdir)/templates/sshd/authorized_keys",
+ classes => if_repaired("sshd_authorized_keys_files_repaired");
+ classes:
+ freebsd::
+ "sshd_service_running" expression => returnszero("/usr/sbin/service sshd status", "noshell");
+ commands:
+ freebsd.!sshd_service_running::
+ "/usr/sbin/service sshd start" classes => if_repaired("sshd_service_repaired");
+ reports:
+ any::
+ "$(this.bundle): /etc/rc.conf repaired" ifvarclass => "sshd_rc_conf_file_repaired";
+ "$(this.bundle): /root/.ssh directory repaired" ifvarclass => "sshd_ssh_dir_repaired";
+ "$(this.bundle): /root/.ssh/authorized_keys repaired" ifvarclass => "sshd_rc_conf_file_repaired";
+ "$(this.bundle): sshd service repaired" ifvarclass => "sshd_service_repaired";
+}