diff options
-rw-r--r-- | promises.cf | 2 | ||||
-rw-r--r-- | services/applications.cf | 8 | ||||
-rw-r--r-- | services/applications/bareos_fd.cf (renamed from services/bareos_fd.cf) | 4 | ||||
-rw-r--r-- | services/applications/check_mk.cf (renamed from services/check_mk.cf) | 3 | ||||
-rw-r--r-- | services/applications/fcgiwrap.cf | 8 | ||||
-rw-r--r-- | services/applications/sshd.cf (renamed from services/sshd.cf) | 0 | ||||
-rw-r--r-- | services/common.cf | 38 | ||||
-rw-r--r-- | services/julien.cf | 5 | ||||
-rw-r--r-- | services/main.cf | 16 | ||||
-rw-r--r-- | services/os.cf | 22 | ||||
-rw-r--r-- | services/os/debian.cf (renamed from services/debian.cf) | 2 | ||||
-rw-r--r-- | services/os/freebsd.cf (renamed from services/freebsd.cf) | 12 | ||||
-rw-r--r-- | services/os/ubuntu.cf (renamed from services/ubuntu.cf) | 2 | ||||
-rw-r--r-- | services/specific.cf | 12 |
14 files changed, 78 insertions, 56 deletions
diff --git a/promises.cf b/promises.cf index 6be237d..b082c27 100644 --- a/promises.cf +++ b/promises.cf @@ -6,7 +6,6 @@ body common control cfengine_stdlib, core_policies, @(core_policies.bundles), - specific, classify, @(classify.bundles), }; @@ -15,7 +14,6 @@ body common control @(cfengine_stdlib.inputs), "cfengine/core_policies.cf", @(core_policies.inputs), - "services/specific.cf", "services/main.cf", @(classify.inputs), }; diff --git a/services/applications.cf b/services/applications.cf new file mode 100644 index 0000000..07ac9e0 --- /dev/null +++ b/services/applications.cf @@ -0,0 +1,8 @@ +body file control +{ + inputs => { + "services/applications/bareos_fd.cf", + "services/applications/check_mk.cf", + "services/applications/sshd.cf", + }; +} diff --git a/services/bareos_fd.cf b/services/applications/bareos_fd.cf index 457655d..3b16a91 100644 --- a/services/bareos_fd.cf +++ b/services/applications/bareos_fd.cf @@ -14,6 +14,10 @@ bundle agent bareos_fd classes: freebsd:: "bareos_fd_service_running" expression => returnszero("/usr/sbin/service bareos-fd status", "noshell"); + methods: + freebsd:: + "any" usebundle => install_package("$(bareos_fd.packages)"); + "any" usebundle => add_rc_conf_line("$(bareos_fd.rc_conf_lines)"); files: freebsd:: "/usr/local/etc/bareos/bareos-fd.d/client/myself.conf" diff --git a/services/check_mk.cf b/services/applications/check_mk.cf index fef8549..0731eaa 100644 --- a/services/check_mk.cf +++ b/services/applications/check_mk.cf @@ -25,6 +25,9 @@ bundle agent check_mk classes: freebsd:: "inetd_service_running" expression => returnszero("/usr/sbin/service inetd status", "noshell"); + methods: + freebsd:: + "any" usebundle => add_rc_conf_line("$(check_mk.rc_conf_lines)"); commands: freebsd.!inetd_service_running:: "/usr/sbin/service inetd start" classes => if_repaired("inet_service_repaired"); diff --git a/services/applications/fcgiwrap.cf b/services/applications/fcgiwrap.cf new file mode 100644 index 0000000..af2e8f8 --- /dev/null +++ b/services/applications/fcgiwrap.cf @@ -0,0 +1,8 @@ +bundle common fcgiwrap +{ + vars: + use_fcgiwrap:: + "packages" slist => { + "fcgiwrap", + }; +} diff --git a/services/sshd.cf b/services/applications/sshd.cf index da602a1..da602a1 100644 --- a/services/sshd.cf +++ b/services/applications/sshd.cf diff --git a/services/common.cf b/services/common.cf index 7cb92d5..b5e7b75 100644 --- a/services/common.cf +++ b/services/common.cf @@ -1,13 +1,5 @@ bundle agent common { - vars: - any:: - "packages" slist => { - @(flavour.packages), - @(julien.packages), - @(bareos_fd.packages), - @(specific.packages), - }; files: any:: "/etc/hosts" @@ -15,21 +7,9 @@ bundle agent common perms => system_owned("444"), edit_template => "$(sys.inputdir)/templates/common/hosts", classes => if_repaired("common_hosts_files_repaired"); - packages: - debian|ubuntu:: - "$(packages)" - policy => "present", - package_module => apt_get, - classes => if_repaired("common_packages_$(packages)_add_repaired"); - freebsd:: - "$(packages)" - policy => "present", - package_module => pkg, - classes => if_repaired("common_packages_$(packages)_add_repaired"); reports: any:: "$(this.bundle): /etc/hosts repaired" ifvarclass => "common_hosts_files_repaired"; - "$(this.bundle): $(packages) installed" ifvarclass => "common_packages_$(packages)_add_repaired"; } bundle agent home_skel(user) @@ -45,3 +25,21 @@ bundle agent home_skel(user) any:: "$(this.bundle): /home/$(user) initialized" ifvarclass => "home_skel_$(user)_repaired"; } + +bundle agent install_package(package) +{ + packages: + debian|ubuntu:: + "$(package)" + policy => "present", + package_module => apt_get, + classes => if_repaired("common_package_$(package)_add_repaired"); + freebsd:: + "$(package)" + policy => "present", + package_module => pkg, + classes => if_repaired("common_package_$(package)_add_repaired"); + reports: + any:: + "$(this.bundle): $(package) installed" ifvarclass => "common_package_$(package)_add_repaired"; +} diff --git a/services/julien.cf b/services/julien.cf index e154a38..bf21323 100644 --- a/services/julien.cf +++ b/services/julien.cf @@ -1,8 +1,6 @@ bundle agent julien { vars: - !console_julien:: - "packages" slist => {}; console_julien.(debian|ubuntu):: "bash_path" string => "/bin/bash"; "group_command" string => "$(paths.groupadd)"; @@ -34,6 +32,9 @@ bundle agent julien console_julien:: "group_julien_absent" not => groupexists("julien"); + methods: + console_julien:: + "any" usebundle => install_package("$(julien.packages)"); commands: group_julien_absent:: "$(group_command)" diff --git a/services/main.cf b/services/main.cf index 3bde9b0..e6d7642 100644 --- a/services/main.cf +++ b/services/main.cf @@ -4,26 +4,18 @@ bundle common classify any:: "bundles" slist => { "common", + "os", + "julien", "bareos_fd", "check_mk", - "flavour", - "julien", "sshd", }; "inputs" slist => { "services/common.cf", - "services/$(flavour).cf", - "services/bareos_fd.cf", - "services/check_mk.cf", + "services/applications.cf", + "services/os.cf", "services/julien.cf", - "services/sshd.cf", }; - debian:: - "flavour" string => "debian"; - freebsd:: - "flavour" string => "freebsd"; - ubuntu:: - "flavour" string => "ubuntu"; classes: any:: "containers" or => { diff --git a/services/os.cf b/services/os.cf new file mode 100644 index 0000000..ee8dc65 --- /dev/null +++ b/services/os.cf @@ -0,0 +1,22 @@ +body file control +{ + inputs => { + "services/os/debian.cf", + "services/os/freebsd.cf", + "services/os/ubuntu.cf", + }; +} + +bundle agent os +{ + methods: + debian:: + "any" usebundle => install_package("$(debian.packages)"); + "any" usebundle => debian; + freebsd:: + "any" usebundle => install_package("$(freebsd.packages)"); + "any" usebundle => freebsd; + ubuntu:: + "any" usebundle => install_package("$(ubuntu.packages)"); + "any" usebundle => ubuntu; +} diff --git a/services/debian.cf b/services/os/debian.cf index 920816b..3d73c2b 100644 --- a/services/debian.cf +++ b/services/os/debian.cf @@ -1,4 +1,4 @@ -bundle common flavour +bundle common debian { vars: debian:: diff --git a/services/freebsd.cf b/services/os/freebsd.cf index c83e08f..7c930db 100644 --- a/services/freebsd.cf +++ b/services/os/freebsd.cf @@ -1,4 +1,4 @@ -bundle agent flavour +bundle agent freebsd { vars: freebsd:: @@ -6,17 +6,17 @@ bundle agent flavour "bash", "ncdu", }; - "rc_conf_lines" slist => { - @(bareos_fd.rc_conf_lines), - @(check_mk.rc_conf_lines), - }; +} + +bundle agent add_rc_conf_line(line) +{ files: freebsd:: "/etc/rc.conf" create => "true", edit_defaults => std_defs, perms => system_owned("444"), - edit_line => append_if_no_line("$(rc_conf_lines)"), + edit_line => append_if_no_line("$(line)"), classes => if_repaired("freebsd_rc_conf_file_repaired"); reports: any:: diff --git a/services/ubuntu.cf b/services/os/ubuntu.cf index 9b711a3..58bd2d5 100644 --- a/services/ubuntu.cf +++ b/services/os/ubuntu.cf @@ -1,4 +1,4 @@ -bundle common flavour +bundle common ubuntu { vars: ubuntu:: diff --git a/services/specific.cf b/services/specific.cf deleted file mode 100644 index 0b31a61..0000000 --- a/services/specific.cf +++ /dev/null @@ -1,12 +0,0 @@ -bundle common specific -{ - defaults: - !git_lxd:: - "packages" slist => {}; - vars: - git_lxd:: - "packages" slist => { - "git-annex", - "gitolite3", - }; -} |