summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cmdb/hosts/cobsd-jde.yaml13
-rw-r--r--cmdb/hosts/collab-jde.yaml14
-rw-r--r--cmdb/hosts/hurricane.yaml17
-rw-r--r--cmdb/hosts/legend.yaml21
-rw-r--r--cmdb/hosts/myth.yaml23
-rw-r--r--services/applications/openvpn.cf8
-rw-r--r--services/main.cf2
7 files changed, 89 insertions, 9 deletions
diff --git a/cmdb/hosts/cobsd-jde.yaml b/cmdb/hosts/cobsd-jde.yaml
new file mode 100644
index 0000000..14cdd8b
--- /dev/null
+++ b/cmdb/hosts/cobsd-jde.yaml
@@ -0,0 +1,13 @@
+domain: adyxax.org
+host_interface: lo1
+host_ip: "10.1.0.250"
+
+tunnels:
+ legend:
+ port: 1199
+ ip: "10.1.0.30"
+ peer: "10.1.0.31"
+ myth:
+ port: 1198
+ ip: "10.1.0.24"
+ peer: "10.1.0.25"
diff --git a/cmdb/hosts/collab-jde.yaml b/cmdb/hosts/collab-jde.yaml
index e02e571..0adbdf7 100644
--- a/cmdb/hosts/collab-jde.yaml
+++ b/cmdb/hosts/collab-jde.yaml
@@ -7,3 +7,17 @@ tunnels:
port: 1199
ip: "10.1.0.14"
peer: "10.1.0.15"
+ hurricane:
+ port: 1194
+ ip: "10.1.0.5"
+ peer: "10.1.0.4"
+ legend:
+ port: 1195
+ ip: "10.1.0.7"
+ peer: "10.1.0.6"
+ remote_host: legend.adyxax.org
+ remote_port: 1196
+ myth:
+ port: 1198
+ ip: "10.1.0.16"
+ peer: "10.1.0.17"
diff --git a/cmdb/hosts/hurricane.yaml b/cmdb/hosts/hurricane.yaml
new file mode 100644
index 0000000..740bd9d
--- /dev/null
+++ b/cmdb/hosts/hurricane.yaml
@@ -0,0 +1,17 @@
+domain: adyxax.org
+host_interface: dummy0
+host_ip: "10.1.0.252"
+
+tunnels:
+ collab:
+ port: 1195
+ ip: "10.1.0.4"
+ peer: "10.1.0.5"
+ remote_host: collab-jde.nexen.net
+ remote_port: 1194
+ legend:
+ port: 1194
+ ip: "10.1.0.1"
+ peer: "10.1.0.0"
+ remote_host: legend.adyxax.org
+ remote_port: 1194
diff --git a/cmdb/hosts/legend.yaml b/cmdb/hosts/legend.yaml
index 46cd451..131449d 100644
--- a/cmdb/hosts/legend.yaml
+++ b/cmdb/hosts/legend.yaml
@@ -1,5 +1,5 @@
domain: adyxax.org
-host_interface: dummy0
+host_interface: br0
host_ip: "10.1.0.254"
tunnels:
@@ -7,4 +7,21 @@ tunnels:
port: 1195
ip: "10.1.0.2"
peer: "10.1.0.3"
-
+ cobsd:
+ port: 1200
+ ip: "10.1.0.31"
+ peer: "10.1.0.30"
+ remote_host: cobsd-jde.nexen.net
+ remote_port: 1199
+ collab:
+ port: 1196
+ ip: "10.1.0.6"
+ peer: "10.1.0.7"
+ hurricane:
+ port: 1194
+ ip: "10.1.0.0"
+ peer: "10.1.0.1"
+ myth:
+ port: 1199
+ ip: "10.1.0.28"
+ peer: "10.1.0.29"
diff --git a/cmdb/hosts/myth.yaml b/cmdb/hosts/myth.yaml
new file mode 100644
index 0000000..213c109
--- /dev/null
+++ b/cmdb/hosts/myth.yaml
@@ -0,0 +1,23 @@
+domain: adyxax.org
+host_interface: br0
+host_ip: "10.1.0.247"
+
+tunnels:
+ cobsd:
+ port: 1194
+ ip: "10.1.0.25"
+ peer: "10.1.0.24"
+ remote_host: cobsd-jde.nexen.net
+ remote_port: 1198
+ collab:
+ port: 1197
+ ip: "10.1.0.17"
+ peer: "10.1.0.16"
+ remote_host: collab-jde.nexen.net
+ remote_port: 1198
+ legend:
+ port: 1196
+ ip: "10.1.0.29"
+ peer: "10.1.0.28"
+ remote_host: legend.adyxax.org
+ remote_port: 1199
diff --git a/services/applications/openvpn.cf b/services/applications/openvpn.cf
index 597318f..963c720 100644
--- a/services/applications/openvpn.cf
+++ b/services/applications/openvpn.cf
@@ -3,9 +3,6 @@ bundle agent openvpn
vars:
any::
"tunnels" slist => getindices("g.host_data[tunnels]");
- classes:
- any::
- "$(tunnels)_needs_restart" or => { "openvpn_common_key_repaired", "linux.openvpn_$(tunnels)_conf_repaired" };
files:
any::
"/etc/openvpn/common.key"
@@ -25,7 +22,7 @@ bundle agent openvpn
classes => if_repaired("tunnel_$(tunnels)_service_repaired");
commands:
any::
- "/usr/sbin/service openvpn@$(tunnels) restart" classes => if_repaired("tunnel_$(tunnels)_service_repaired"), ifvarclass => "$(tunnels)_needs_restart";
+ "/usr/sbin/service openvpn@$(tunnels) restart" classes => if_repaired("tunnel_$(tunnels)_service_repaired"), ifvarclass => "openvpn_common_key_repaired";
reports:
any::
"$(this.bundle): common.key repaired" ifvarclass => "openvpn_common_key_repaired";
@@ -36,7 +33,6 @@ bundle agent openvpn_tunnel(tunnel)
{
classes:
any::
- "$(tunnel)_needs_restart" or => { "openvpn_common_key_repaired", "linux.openvpn_$(tunnel)_conf_repaired" };
"has_remote" and => { isvariable("g.host_data[tunnels][$(tunnel)][remote_host]"), isvariable("g.host_data[tunnels][$(tunnel)][remote_port]") };
files:
any::
@@ -49,7 +45,7 @@ bundle agent openvpn_tunnel(tunnel)
classes => if_repaired("openvpn_$(tunnel)_conf_repaired");
commands:
any::
- "/usr/sbin/service openvpn@$(tunnel) restart" classes => if_repaired("tunnel_$(tunnel)_service_repaired"), ifvarclass => "$(tunnel)_needs_restart";
+ "/usr/sbin/service openvpn@$(tunnel) restart" classes => if_repaired("tunnel_$(tunnel)_service_repaired"), ifvarclass => "openvpn_$(tunnel)_conf_repaired";
reports:
any::
"$(this.bundle): $(tunnel).conf repaired" ifvarclass => "openvpn_$(tunnel)_conf_repaired";
diff --git a/services/main.cf b/services/main.cf
index 0d4270f..31e20d5 100644
--- a/services/main.cf
+++ b/services/main.cf
@@ -57,7 +57,7 @@ bundle common g
bundle agent main
{
methods:
- andromeda|collab_jde::
+ linux.!containers::
"andromeda" usebundle => openvpn;
nagios::
"nagios" usebundle => nagios;