7 files changed, 89 insertions, 9 deletions

diff --git a/cmdb/hosts/cobsd-jde.yaml b/cmdb/hosts/cobsd-jde.yaml
new file mode 100644
index 0000000..14cdd8b
--- /dev/null
+++ b/cmdb/hosts/cobsd-jde.yaml
@@ -0,0 +1,13 @@
+domain: adyxax.org
+host_interface: lo1
+host_ip: "10.1.0.250"
+
+tunnels:
+    legend:
+        port: 1199
+        ip: "10.1.0.30"
+        peer: "10.1.0.31"
+    myth:
+        port: 1198
+        ip: "10.1.0.24"
+        peer: "10.1.0.25"
diff --git a/cmdb/hosts/collab-jde.yaml b/cmdb/hosts/collab-jde.yaml
index e02e571..0adbdf7 100644
--- a/cmdb/hosts/collab-jde.yaml
+++ b/cmdb/hosts/collab-jde.yaml
@@ -7,3 +7,17 @@ tunnels:
         port: 1199
         ip: "10.1.0.14"
         peer: "10.1.0.15"
+    hurricane:
+        port: 1194
+        ip: "10.1.0.5"
+        peer: "10.1.0.4"
+    legend:
+        port: 1195
+        ip: "10.1.0.7"
+        peer: "10.1.0.6"
+        remote_host: legend.adyxax.org
+        remote_port: 1196
+    myth:
+        port: 1198
+        ip: "10.1.0.16"
+        peer: "10.1.0.17"
diff --git a/cmdb/hosts/hurricane.yaml b/cmdb/hosts/hurricane.yaml
new file mode 100644
index 0000000..740bd9d
--- /dev/null
+++ b/cmdb/hosts/hurricane.yaml
@@ -0,0 +1,17 @@
+domain: adyxax.org
+host_interface: dummy0
+host_ip: "10.1.0.252"
+
+tunnels:
+    collab:
+        port: 1195
+        ip: "10.1.0.4"
+        peer: "10.1.0.5"
+        remote_host: collab-jde.nexen.net
+        remote_port: 1194
+    legend:
+        port: 1194
+        ip: "10.1.0.1"
+        peer: "10.1.0.0"
+        remote_host: legend.adyxax.org
+        remote_port: 1194
diff --git a/cmdb/hosts/legend.yaml b/cmdb/hosts/legend.yaml
index 46cd451..131449d 100644
--- a/cmdb/hosts/legend.yaml
+++ b/cmdb/hosts/legend.yaml
@@ -1,5 +1,5 @@
 domain: adyxax.org
-host_interface: dummy0
+host_interface: br0
 host_ip: "10.1.0.254"
 
 tunnels:
@@ -7,4 +7,21 @@ tunnels:
         port: 1195
         ip: "10.1.0.2"
         peer: "10.1.0.3"
-
+    cobsd:
+        port: 1200
+        ip: "10.1.0.31"
+        peer: "10.1.0.30"
+        remote_host: cobsd-jde.nexen.net
+        remote_port: 1199
+    collab:
+        port: 1196
+        ip: "10.1.0.6"
+        peer: "10.1.0.7"
+    hurricane:
+        port: 1194
+        ip: "10.1.0.0"
+        peer: "10.1.0.1"
+    myth:
+        port: 1199
+        ip: "10.1.0.28"
+        peer: "10.1.0.29"
diff --git a/cmdb/hosts/myth.yaml b/cmdb/hosts/myth.yaml
new file mode 100644
index 0000000..213c109
--- /dev/null
+++ b/cmdb/hosts/myth.yaml
@@ -0,0 +1,23 @@
+domain: adyxax.org
+host_interface: br0
+host_ip: "10.1.0.247"
+
+tunnels:
+    cobsd:
+        port: 1194
+        ip: "10.1.0.25"
+        peer: "10.1.0.24"
+        remote_host: cobsd-jde.nexen.net
+        remote_port: 1198
+    collab:
+        port: 1197
+        ip: "10.1.0.17"
+        peer: "10.1.0.16"
+        remote_host: collab-jde.nexen.net
+        remote_port: 1198
+    legend:
+        port: 1196
+        ip: "10.1.0.29"
+        peer: "10.1.0.28"
+        remote_host: legend.adyxax.org
+        remote_port: 1199
diff --git a/services/applications/openvpn.cf b/services/applications/openvpn.cf
index 597318f..963c720 100644
--- a/services/applications/openvpn.cf
+++ b/services/applications/openvpn.cf
@@ -3,9 +3,6 @@ bundle agent openvpn
     vars:
         any::
             "tunnels" slist => getindices("g.host_data[tunnels]");
-    classes:
-        any::
-            "$(tunnels)_needs_restart" or => { "openvpn_common_key_repaired", "linux.openvpn_$(tunnels)_conf_repaired" };
     files:
         any::
             "/etc/openvpn/common.key"
@@ -25,7 +22,7 @@ bundle agent openvpn
                 classes => if_repaired("tunnel_$(tunnels)_service_repaired");
     commands:
         any::
-            "/usr/sbin/service openvpn@$(tunnels) restart" classes => if_repaired("tunnel_$(tunnels)_service_repaired"), ifvarclass => "$(tunnels)_needs_restart";
+            "/usr/sbin/service openvpn@$(tunnels) restart" classes => if_repaired("tunnel_$(tunnels)_service_repaired"), ifvarclass => "openvpn_common_key_repaired";
     reports:
         any::
             "$(this.bundle): common.key repaired" ifvarclass => "openvpn_common_key_repaired";
@@ -36,7 +33,6 @@ bundle agent openvpn_tunnel(tunnel)
 {
     classes:
         any::
-            "$(tunnel)_needs_restart" or => { "openvpn_common_key_repaired", "linux.openvpn_$(tunnel)_conf_repaired" };
             "has_remote" and => { isvariable("g.host_data[tunnels][$(tunnel)][remote_host]"), isvariable("g.host_data[tunnels][$(tunnel)][remote_port]") };
     files:
         any::
@@ -49,7 +45,7 @@ bundle agent openvpn_tunnel(tunnel)
                 classes => if_repaired("openvpn_$(tunnel)_conf_repaired");
     commands:
         any::
-            "/usr/sbin/service openvpn@$(tunnel) restart" classes => if_repaired("tunnel_$(tunnel)_service_repaired"), ifvarclass => "$(tunnel)_needs_restart";
+            "/usr/sbin/service openvpn@$(tunnel) restart" classes => if_repaired("tunnel_$(tunnel)_service_repaired"), ifvarclass => "openvpn_$(tunnel)_conf_repaired";
     reports:
         any::
             "$(this.bundle): $(tunnel).conf repaired" ifvarclass => "openvpn_$(tunnel)_conf_repaired";
diff --git a/services/main.cf b/services/main.cf
index 0d4270f..31e20d5 100644
--- a/services/main.cf
+++ b/services/main.cf
@@ -57,7 +57,7 @@ bundle common g
 bundle agent main
 {
     methods:
-        andromeda|collab_jde::
+        linux.!containers::
             "andromeda" usebundle => openvpn;
         nagios::
             "nagios"  usebundle => nagios;