Puppet Class: rancid
- Defined in:
- modules/rancid/manifests/init.pp
Summary
class to mange rancidOverview
SPDX-License-Identifier: Apache-2.0 Really Awful Notorious CIsco config Differ
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 |
# File 'modules/rancid/manifests/init.pp', line 5
class rancid (
Stdlib::Fqdn $active_server,
){
ensure_packages('rancid')
systemd::sysuser { 'rancid':
home_dir => '/var/lib/rancid',
shell => '/bin/sh',
}
keyholder::agent { 'rancid':
trusted_groups => ['rancid'],
}
file {
default:
ensure => file,
owner => 'root',
group => 'root',
mode => '0755';
'/etc/rancid':
ensure => directory;
'/etc/rancid/rancid.conf':
mode => '0444',
content => template('rancid/rancid.conf.erb');
'/var/lib/rancid/bin/oglogin':
source => 'puppet:///modules/rancid/bin/oglogin';
'/var/lib/rancid/bin/ograncid':
source => 'puppet:///modules/rancid/bin/ograncid';
'/var/lib/rancid/bin/ssh-serial-console-wrapper':
source => 'puppet:///modules/rancid/bin/ssh-serial-console-wrapper';
}
file {
default:
ensure => file,
owner => 'rancid',
group => 'rancid';
'/var/lib/rancid':
ensure => directory,
mode => '0750',
group => 'wikidev';
'/var/lib/rancid/.cloginrc':
mode => '0440',
content => template('rancid/cloginrc.erb');
'/var/lib/rancid/.gitconfig':
mode => '0440',
content => template('rancid/gitconfig.erb');
'/var/lib/rancid/.ssh':
ensure => directory,
mode => '0700';
'/var/lib/rancid/.ssh/config':
mode => '0644',
source => 'puppet:///modules/rancid/ssh_config';
'/var/lib/rancid/core':
ensure => directory,
recurse => remote,
mode => '0774',
source => 'puppet:///modules/rancid/core';
'/var/lib/rancid/core/configs':
ensure => directory,
mode => '0774';
'/var/log/rancid':
ensure => directory,
mode => '0755';
}
file_line { 'opengear_script':
path => '/etc/rancid/rancid.types.base',
line => 'opengear;script;ograncid',
}
file_line { 'opengear_login':
path => '/etc/rancid/rancid.types.base',
line => 'opengear;login;oglogin',
}
$job_ensure = ($active_server == $facts['networking']['fqdn']).bool2str('present', 'absent')
systemd::timer::job { 'rancid-differ':
ensure => $job_ensure,
user => 'rancid',
description => 'run rancid-run',
environment => { 'SSH_AUTH_SOCK' => '/run/keyholder/proxy.sock' },
command => '/usr/lib/rancid/bin/rancid-run',
interval => {'start' => 'OnUnitInactiveSec', 'interval' => '1h'},
monitoring_enabled => false,
logging_enabled => false,
}
systemd::timer::job { 'rancid-clean-logs':
ensure => $job_ensure,
user => 'rancid',
description => 'clean rancid logs',
command => '/usr/bin/find /var/log/rancid -type f -mtime +2 -exec rm {} \;',
interval => {'start' => 'OnCalendar', 'interval' => '*-*-* 23:50:0'},
monitoring_enabled => false,
logging_enabled => false,
}
}
|