From 6e2f04d2859bc432622f82f9b2d00c88557a24c2 Mon Sep 17 00:00:00 2001
From: Julien Dessaux
Date: Fri, 10 Mar 2017 13:50:24 +0100
Subject: Added cfengine watchdog policy

---
 cfengine/core_policies.cf            |  7 +++++++
 cfengine/watchdog.cf                 | 20 ++++++++++++++++++++
 promises.cf                          |  4 ++++
 templates/cfengine/cfengine_watchdog |  6 ++++++
 4 files changed, 37 insertions(+)
 create mode 100644 cfengine/core_policies.cf
 create mode 100644 cfengine/watchdog.cf
 create mode 100644 templates/cfengine/cfengine_watchdog

diff --git a/cfengine/core_policies.cf b/cfengine/core_policies.cf
new file mode 100644
index 0000000..b919b59
--- /dev/null
+++ b/cfengine/core_policies.cf
@@ -0,0 +1,7 @@
+bundle common core_policies
+{
+    vars:
+        any::
+            "bundles" slist => { "cfengine_watchdog" };
+            "inputs" slist => { "cfengine/watchdog.cf" };
+}
diff --git a/cfengine/watchdog.cf b/cfengine/watchdog.cf
new file mode 100644
index 0000000..22d045d
--- /dev/null
+++ b/cfengine/watchdog.cf
@@ -0,0 +1,20 @@
+bundle agent cfengine_watchdog
+{
+    vars:
+        systemd::
+            "data" string => '{"systemd": true}';
+        !systemd::
+            "data" string => '{"systemd": false}';
+    files:
+        any::
+            "/etc/cron.d/cfengine_watchdog"
+                create => "true",
+                perms => system_owned("444"),
+                edit_template => "$(sys.inputdir)/templates/cfengine/cfengine_watchdog",
+                template_method => "mustache",
+                template_data => parsejson("$(data)"),
+                classes => if_repaired("cfengine_watchdog_repaired");
+    reports:
+        any::
+            "$(this.bundle): /etc/cron.d/cfengine_watchdog repaired" ifvarclass => "cfengine_watchdog_repaired";
+}
diff --git a/promises.cf b/promises.cf
index 4295ec9..b082c27 100644
--- a/promises.cf
+++ b/promises.cf
@@ -4,12 +4,16 @@ body common control
         bundlesequence => {
             cfengine_controls,
             cfengine_stdlib,
+            core_policies,
+            @(core_policies.bundles),
             classify,
             @(classify.bundles),
         };
         inputs => {
             @(cfengine_controls.inputs),
             @(cfengine_stdlib.inputs),
+            "cfengine/core_policies.cf",
+            @(core_policies.inputs),
             "services/main.cf",
             @(classify.inputs),
         };
diff --git a/templates/cfengine/cfengine_watchdog b/templates/cfengine/cfengine_watchdog
new file mode 100644
index 0000000..a998511
--- /dev/null
+++ b/templates/cfengine/cfengine_watchdog
@@ -0,0 +1,6 @@
+###############################################################################
+#     \_o<     WARNING : This file is being managed by cfengine!     >o_/     #
+#     ~~~~                                                           ~~~~     #
+###############################################################################
+{{#systemd}}* * * * * root [ -x "/var/cfengine/bin/cf-execd" ] && if ! /bin/systemctl status cfengine3 > /dev/null; then /bin/systemctl start cfengine3; fi{{/systemd}}
+{{^systemd}}* * * * * root [ -x "/var/cfengine/bin/cf-execd" ] && if ! /usr/bin/pgrep cf-execd > /dev/null; then "/var/cfengine/bin/cf-execd"; fi{{/systemd}}
-- 
cgit v1.2.3