From b7bc2437a32b4c214369e2cb6bc0006ca6363c6e Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Thu, 15 Mar 2018 19:02:29 +0100 Subject: Imported some more openvpn tunnels --- cmdb/hosts/cobsd-jde.yaml | 13 +++++++++++++ cmdb/hosts/collab-jde.yaml | 14 ++++++++++++++ cmdb/hosts/hurricane.yaml | 17 +++++++++++++++++ cmdb/hosts/legend.yaml | 21 +++++++++++++++++++-- cmdb/hosts/myth.yaml | 23 +++++++++++++++++++++++ services/applications/openvpn.cf | 8 ++------ services/main.cf | 2 +- 7 files changed, 89 insertions(+), 9 deletions(-) create mode 100644 cmdb/hosts/cobsd-jde.yaml create mode 100644 cmdb/hosts/hurricane.yaml create mode 100644 cmdb/hosts/myth.yaml diff --git a/cmdb/hosts/cobsd-jde.yaml b/cmdb/hosts/cobsd-jde.yaml new file mode 100644 index 0000000..14cdd8b --- /dev/null +++ b/cmdb/hosts/cobsd-jde.yaml @@ -0,0 +1,13 @@ +domain: adyxax.org +host_interface: lo1 +host_ip: "10.1.0.250" + +tunnels: + legend: + port: 1199 + ip: "10.1.0.30" + peer: "10.1.0.31" + myth: + port: 1198 + ip: "10.1.0.24" + peer: "10.1.0.25" diff --git a/cmdb/hosts/collab-jde.yaml b/cmdb/hosts/collab-jde.yaml index e02e571..0adbdf7 100644 --- a/cmdb/hosts/collab-jde.yaml +++ b/cmdb/hosts/collab-jde.yaml @@ -7,3 +7,17 @@ tunnels: port: 1199 ip: "10.1.0.14" peer: "10.1.0.15" + hurricane: + port: 1194 + ip: "10.1.0.5" + peer: "10.1.0.4" + legend: + port: 1195 + ip: "10.1.0.7" + peer: "10.1.0.6" + remote_host: legend.adyxax.org + remote_port: 1196 + myth: + port: 1198 + ip: "10.1.0.16" + peer: "10.1.0.17" diff --git a/cmdb/hosts/hurricane.yaml b/cmdb/hosts/hurricane.yaml new file mode 100644 index 0000000..740bd9d --- /dev/null +++ b/cmdb/hosts/hurricane.yaml @@ -0,0 +1,17 @@ +domain: adyxax.org +host_interface: dummy0 +host_ip: "10.1.0.252" + +tunnels: + collab: + port: 1195 + ip: "10.1.0.4" + peer: "10.1.0.5" + remote_host: collab-jde.nexen.net + remote_port: 1194 + legend: + port: 1194 + ip: "10.1.0.1" + peer: "10.1.0.0" + remote_host: legend.adyxax.org + remote_port: 1194 diff --git a/cmdb/hosts/legend.yaml b/cmdb/hosts/legend.yaml index 46cd451..131449d 100644 --- a/cmdb/hosts/legend.yaml +++ b/cmdb/hosts/legend.yaml @@ -1,5 +1,5 @@ domain: adyxax.org -host_interface: dummy0 +host_interface: br0 host_ip: "10.1.0.254" tunnels: @@ -7,4 +7,21 @@ tunnels: port: 1195 ip: "10.1.0.2" peer: "10.1.0.3" - + cobsd: + port: 1200 + ip: "10.1.0.31" + peer: "10.1.0.30" + remote_host: cobsd-jde.nexen.net + remote_port: 1199 + collab: + port: 1196 + ip: "10.1.0.6" + peer: "10.1.0.7" + hurricane: + port: 1194 + ip: "10.1.0.0" + peer: "10.1.0.1" + myth: + port: 1199 + ip: "10.1.0.28" + peer: "10.1.0.29" diff --git a/cmdb/hosts/myth.yaml b/cmdb/hosts/myth.yaml new file mode 100644 index 0000000..213c109 --- /dev/null +++ b/cmdb/hosts/myth.yaml @@ -0,0 +1,23 @@ +domain: adyxax.org +host_interface: br0 +host_ip: "10.1.0.247" + +tunnels: + cobsd: + port: 1194 + ip: "10.1.0.25" + peer: "10.1.0.24" + remote_host: cobsd-jde.nexen.net + remote_port: 1198 + collab: + port: 1197 + ip: "10.1.0.17" + peer: "10.1.0.16" + remote_host: collab-jde.nexen.net + remote_port: 1198 + legend: + port: 1196 + ip: "10.1.0.29" + peer: "10.1.0.28" + remote_host: legend.adyxax.org + remote_port: 1199 diff --git a/services/applications/openvpn.cf b/services/applications/openvpn.cf index 597318f..963c720 100644 --- a/services/applications/openvpn.cf +++ b/services/applications/openvpn.cf @@ -3,9 +3,6 @@ bundle agent openvpn vars: any:: "tunnels" slist => getindices("g.host_data[tunnels]"); - classes: - any:: - "$(tunnels)_needs_restart" or => { "openvpn_common_key_repaired", "linux.openvpn_$(tunnels)_conf_repaired" }; files: any:: "/etc/openvpn/common.key" @@ -25,7 +22,7 @@ bundle agent openvpn classes => if_repaired("tunnel_$(tunnels)_service_repaired"); commands: any:: - "/usr/sbin/service openvpn@$(tunnels) restart" classes => if_repaired("tunnel_$(tunnels)_service_repaired"), ifvarclass => "$(tunnels)_needs_restart"; + "/usr/sbin/service openvpn@$(tunnels) restart" classes => if_repaired("tunnel_$(tunnels)_service_repaired"), ifvarclass => "openvpn_common_key_repaired"; reports: any:: "$(this.bundle): common.key repaired" ifvarclass => "openvpn_common_key_repaired"; @@ -36,7 +33,6 @@ bundle agent openvpn_tunnel(tunnel) { classes: any:: - "$(tunnel)_needs_restart" or => { "openvpn_common_key_repaired", "linux.openvpn_$(tunnel)_conf_repaired" }; "has_remote" and => { isvariable("g.host_data[tunnels][$(tunnel)][remote_host]"), isvariable("g.host_data[tunnels][$(tunnel)][remote_port]") }; files: any:: @@ -49,7 +45,7 @@ bundle agent openvpn_tunnel(tunnel) classes => if_repaired("openvpn_$(tunnel)_conf_repaired"); commands: any:: - "/usr/sbin/service openvpn@$(tunnel) restart" classes => if_repaired("tunnel_$(tunnel)_service_repaired"), ifvarclass => "$(tunnel)_needs_restart"; + "/usr/sbin/service openvpn@$(tunnel) restart" classes => if_repaired("tunnel_$(tunnel)_service_repaired"), ifvarclass => "openvpn_$(tunnel)_conf_repaired"; reports: any:: "$(this.bundle): $(tunnel).conf repaired" ifvarclass => "openvpn_$(tunnel)_conf_repaired"; diff --git a/services/main.cf b/services/main.cf index 0d4270f..31e20d5 100644 --- a/services/main.cf +++ b/services/main.cf @@ -57,7 +57,7 @@ bundle common g bundle agent main { methods: - andromeda|collab_jde:: + linux.!containers:: "andromeda" usebundle => openvpn; nagios:: "nagios" usebundle => nagios; -- cgit v1.2.3