From 6e2f04d2859bc432622f82f9b2d00c88557a24c2 Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Fri, 10 Mar 2017 13:50:24 +0100 Subject: Added cfengine watchdog policy --- cfengine/core_policies.cf | 7 +++++++ cfengine/watchdog.cf | 20 ++++++++++++++++++++ promises.cf | 4 ++++ templates/cfengine/cfengine_watchdog | 6 ++++++ 4 files changed, 37 insertions(+) create mode 100644 cfengine/core_policies.cf create mode 100644 cfengine/watchdog.cf create mode 100644 templates/cfengine/cfengine_watchdog diff --git a/cfengine/core_policies.cf b/cfengine/core_policies.cf new file mode 100644 index 0000000..b919b59 --- /dev/null +++ b/cfengine/core_policies.cf @@ -0,0 +1,7 @@ +bundle common core_policies +{ + vars: + any:: + "bundles" slist => { "cfengine_watchdog" }; + "inputs" slist => { "cfengine/watchdog.cf" }; +} diff --git a/cfengine/watchdog.cf b/cfengine/watchdog.cf new file mode 100644 index 0000000..22d045d --- /dev/null +++ b/cfengine/watchdog.cf @@ -0,0 +1,20 @@ +bundle agent cfengine_watchdog +{ + vars: + systemd:: + "data" string => '{"systemd": true}'; + !systemd:: + "data" string => '{"systemd": false}'; + files: + any:: + "/etc/cron.d/cfengine_watchdog" + create => "true", + perms => system_owned("444"), + edit_template => "$(sys.inputdir)/templates/cfengine/cfengine_watchdog", + template_method => "mustache", + template_data => parsejson("$(data)"), + classes => if_repaired("cfengine_watchdog_repaired"); + reports: + any:: + "$(this.bundle): /etc/cron.d/cfengine_watchdog repaired" ifvarclass => "cfengine_watchdog_repaired"; +} diff --git a/promises.cf b/promises.cf index 4295ec9..b082c27 100644 --- a/promises.cf +++ b/promises.cf @@ -4,12 +4,16 @@ body common control bundlesequence => { cfengine_controls, cfengine_stdlib, + core_policies, + @(core_policies.bundles), classify, @(classify.bundles), }; inputs => { @(cfengine_controls.inputs), @(cfengine_stdlib.inputs), + "cfengine/core_policies.cf", + @(core_policies.inputs), "services/main.cf", @(classify.inputs), }; diff --git a/templates/cfengine/cfengine_watchdog b/templates/cfengine/cfengine_watchdog new file mode 100644 index 0000000..a998511 --- /dev/null +++ b/templates/cfengine/cfengine_watchdog @@ -0,0 +1,6 @@ +############################################################################### +# \_o< WARNING : This file is being managed by cfengine! >o_/ # +# ~~~~ ~~~~ # +############################################################################### +{{#systemd}}* * * * * root [ -x "/var/cfengine/bin/cf-execd" ] && if ! /bin/systemctl status cfengine3 > /dev/null; then /bin/systemctl start cfengine3; fi{{/systemd}} +{{^systemd}}* * * * * root [ -x "/var/cfengine/bin/cf-execd" ] && if ! /usr/bin/pgrep cf-execd > /dev/null; then "/var/cfengine/bin/cf-execd"; fi{{/systemd}} -- cgit v1.2.3