Puppet Class: geoip::data::maxmind

Defined in:
modules/geoip/manifests/data/maxmind.pp

Overview

them from Maxmind with the geoipupdate command. This also installs a timer job to do this weekly.

into a fileserver module. Once the files are there, you can use the default geoip::data::puppet class to sync the files from your puppetmaster, instead of downloading them from maxmind on all your nodes. node puppetmaster {

class { 'geoip::data::maxmind':
   $data_directory => '/etc/puppet/files/GeoIP',
   ...
}

} … node client_node

include geoip::data::puppet

Examples:

You can use this class on your puppetmaster to stick the GeoIP .dat files

Parameters:

  • data_directory (Stdlib::Unixpath) (defaults to: '/usr/share/GeoIP')

    Where the data files should live.

  • license_key (String) (defaults to: '000000000000')

    MaxMind license key.

  • user_id (String) (defaults to: '999999')

    MaxMind user id.

  • product_ids (Array) (defaults to: [506])

    Array of MaxMind product ids to specify which data files to download. default: [506] (GeoLite Country)

  • ca_server (Stdlib::Host) (defaults to: $facts['networking']['fqdn'])

    Proxy server to use to fetch files.

  • proxy (Optional[Stdlib::Httpurl]) (defaults to: undef)

    Active CA server



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# File 'modules/geoip/manifests/data/maxmind.pp', line 27

class geoip::data::maxmind(
  Stdlib::Unixpath $data_directory = '/usr/share/GeoIP',
  String $user_id                  = '999999',
  String $license_key              = '000000000000',
  Array $product_ids               = [506],
  Stdlib::Host $ca_server          = $facts['networking']['fqdn'],
  Optional[Stdlib::Httpurl] $proxy = undef,
) {
  # Version 3 on buster has different config keys to version 2
  $legacy_format = debian::codename::lt('buster')

  ensure_packages(['geoipupdate'])

  ensure_resource('file', $data_directory, {'ensure' => 'directory'})

  $is_active = $facts['networking']['fqdn'] == $ca_server
  $config_file = '/etc/GeoIP.conf'

  # Install GeoIP.conf with Maxmind user_id, licence_key, and product_ids.
  file { $config_file:
    content => template('geoip/GeoIP.conf.erb'),
  }

  # command to run to update the GeoIP database files

  if $is_active {
    # Go ahead and exec geoipupdate now, so that we can be sure we have these
    # files if this is the first time puppetmaster is running this class.
    $geoipupdate_command = "/usr/bin/geoipupdate -f ${config_file} -d ${data_directory}"
    exec { 'geoipupdate':
        command     => $geoipupdate_command,
        refreshonly => true,
        subscribe   => File[$config_file],
        require     => [
            Package['geoipupdate'],
            File[$data_directory]
        ],
    }
  } else {
    $geoipupdate_command = "/usr/bin/printf 'this job only runs on the active ca server: ${ca_server}\\n'"
  }

  # Set up a timer to run geoipupdate daily. This will download .dat files for
  # the specified MaxMind Product IDs.  We expect new data to generally arrive
  # weekly on Tuesdays, but there is no guarantee as to the precise timing in
  # the long term.
  systemd::timer::job { 'geoip_update_legacy':
      ensure      => 'absent',
      user        => 'root',
      description => 'download geoip database from MaxMind',
      command     => $geoipupdate_command,
      interval    => {'start' => 'OnCalendar', 'interval' => '*-*-* 3:30:0'},
  }

  systemd::timer::job { 'geoip_update_main':
      ensure             => 'present',
      user               => 'root',
      description        => 'download geoip databases from MaxMind',
      command            => $geoipupdate_command,
      syslog_identifier  => 'geoip_update_main',
      interval           => {'start' => 'OnCalendar', 'interval' => '*-*-* 3:30:0'},
      monitoring_enabled => true,
      logging_enabled    => true,
      require            => [
        Package['geoipupdate'],
        File[$config_file, $data_directory]
      ],
  }
}