summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--cfengine/watchdog.cf8
-rw-r--r--failsafe.cf25
-rw-r--r--templates/common/hosts2
3 files changed, 29 insertions, 6 deletions
diff --git a/cfengine/watchdog.cf b/cfengine/watchdog.cf
index 22d045d..baf3993 100644
--- a/cfengine/watchdog.cf
+++ b/cfengine/watchdog.cf
@@ -6,7 +6,7 @@ bundle agent cfengine_watchdog
!systemd::
"data" string => '{"systemd": false}';
files:
- any::
+ !alpinelinux::
"/etc/cron.d/cfengine_watchdog"
create => "true",
perms => system_owned("444"),
@@ -14,6 +14,12 @@ bundle agent cfengine_watchdog
template_method => "mustache",
template_data => parsejson("$(data)"),
classes => if_repaired("cfengine_watchdog_repaired");
+ alpinelinux::
+ "/etc/crontabs/root"
+ create => "false",
+ perms => system_owned("400"),
+ edit_line => append_if_no_line("* * * * * [ -x \"/var/lib/cfengine/bin/cf-execd\" ] && if ! /usr/bin/pgrep cf-execd > /dev/null; then \"/var/lib/cfengine/bin/cf-execd\"; fi"),
+ classes => if_repaired("cfengine_watchdog_repaired");
reports:
any::
"$(this.bundle): /etc/cron.d/cfengine_watchdog repaired" ifvarclass => "cfengine_watchdog_repaired";
diff --git a/failsafe.cf b/failsafe.cf
index daba0fc..a7cacc1 100644
--- a/failsafe.cf
+++ b/failsafe.cf
@@ -2,13 +2,15 @@
# - Always ensured to run the update bundle. Do not modify. Ever.
# Failsafe imports and promises
-body agent control {
+body agent control
+{
any::
abortclasses => { "no_ppkeys_ABORT_kept" }; # Bootstrapping can't continue without keys
ifelapsed => "0"; # Make sure that running failsafe many times in a row does not change functionality
}
-bundle agent main {
+bundle agent main
+{
methods:
any::
"Check Keys"
@@ -37,8 +39,11 @@ bundle agent failsafe_checkkeys
bundle agent failsafe_copy_binaries
{
+ classes:
+ any::
+ "alpinelinux" expression => fileexists("/etc/alpine-release");
vars:
- freebsd::
+ alpinelinux|freebsd::
"binaries" slist => {
"cf-agent",
"cf-execd",
@@ -50,6 +55,11 @@ bundle agent failsafe_copy_binaries
"cf-upgrade",
};
files:
+ alpinelinux::
+ "$(sys.bindir)/$(binaries)"
+ copy_from => failsafe_cp("/usr/sbin/$(binaries)"),
+ action => failsafe_u_immediate,
+ classes => failsafe_results("namespace", "copy_binaries");
freebsd::
"$(sys.bindir)/$(binaries)"
copy_from => failsafe_cp("/usr/local/sbin/$(binaries)"),
@@ -73,6 +83,11 @@ bundle agent failsafe_update {
# produced binaries vs packages from the debian repository).
"masterfiles_dir_remote" string => ifelse( "policy_server", $(sys.masterdir), "masterfiles" );
classes:
+ any::
+ "alpinelinux" expression => fileexists("/etc/alpine-release");
+ alpinelinux::
+ "cf_execd_not_running" expression => returnszero("/usr/bin/pgrep cf-execd", "noshell");
+ "cf_serverd_not_running" expression => returnszero("/usr/bin/pgrep cf-serverd", "noshell");
systemd::
"cfengine3_service_running" expression => returnszero("/bin/systemctl status cfengine3", "noshell");
files:
@@ -100,9 +115,9 @@ bundle agent failsafe_update {
file_select => failsafe_exclude_vcs_files,
classes => failsafe_results("namespace", "modulesdir_update");
processes:
- !(windows|systemd)::
+ !(alpinelinux|systemd|windows)::
"cf-serverd" restart_class => "cf_serverd_not_running";
- !systemd.inputdir_update_repaired::
+ !(alpinelinux|systemd|windows).inputdir_update_repaired::
"cf-execd" restart_class => "cf_execd_not_running";
commands:
cf_execd_not_running::
diff --git a/templates/common/hosts b/templates/common/hosts
index 7db7628..a90735f 100644
--- a/templates/common/hosts
+++ b/templates/common/hosts
@@ -27,6 +27,8 @@ ff02::2 ip6-allrouters
10.1.0.211 postgresql01
10.1.0.212 registry
+10.1.0.248 coalp
+10.1.0.249 hero
10.1.0.250 cobsd
10.1.0.251 reality
10.1.0.252 hurricane