Puppet Class: profile::homer

Defined in:
modules/profile/manifests/homer.pp

Overview

Parameters:

  • private_git_peer (Stdlib::Host) (defaults to: lookup('profile::homer::private_git_peer'))
  • nb_ro_token (String) (defaults to: lookup('profile::netbox::ro_token'))
  • nb_api (Stdlib::HTTPSUrl) (defaults to: lookup('netbox_api_url'))
  • diff_timer_interval (Optional[String[1]]) (defaults to: lookup('profile::homer::diff_timer_interval'))


5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# File 'modules/profile/manifests/homer.pp', line 5

class profile::homer (
    Stdlib::Host $private_git_peer = lookup('profile::homer::private_git_peer'),
    String $nb_ro_token = lookup('profile::netbox::ro_token'),
    Stdlib::HTTPSUrl $nb_api = lookup('netbox_api_url'),
    Optional[String[1]] $diff_timer_interval = lookup('profile::homer::diff_timer_interval'),
){

    ensure_packages(['virtualenv', 'make'])

    class { 'python_deploy::venv':
        project_name => 'homer',
        deploy_user  => 'deploy-homer',
    }

    keyholder::agent { 'homer':
        trusted_groups => ['ops', 'root'],
    }

    class { 'homer':
        private_git_peer => $private_git_peer,
        nb_token         => $nb_ro_token,
        nb_api           => $nb_api,
    }

    file { '/usr/local/sbin/check-homer-diff':
        ensure  => present,
        owner   => 'root',
        group   => 'root',
        mode    => '0544',
        source  => 'puppet:///modules/profile/homer/check_homer_diff.sh',
        require => Class['homer'],
    }

    $check_homer_diff_ensure = $diff_timer_interval  ? {
        undef   => absent,
        default => present,
    }

    # If unset set a fixed value in the past just to pass validation by systemd-analyze calendar
    # as the timer will be absented in this case and interval is a required parameter.
    $effective_diff_timer_interval = pick($diff_timer_interval, '2021-01-01')

    systemd::timer::job { 'check-homer-diff':
        ensure      => $check_homer_diff_ensure,
        description => 'Check if any network device has a live config that differs from the code-defined one',
        command     => '/usr/local/sbin/check-homer-diff',
        interval    => {
            'start'    => 'OnCalendar',
            'interval' => $effective_diff_timer_interval,
        },
        user        => 'root',  # Needed to access the keyholder SSH key
        require     => File['/usr/local/sbin/check-homer-diff'],
    }
    profile::contact { $title:
        contacts => ['ayounsi', 'volans']
    }
}