Puppet Class: rancid

Defined in:
modules/rancid/manifests/init.pp

Summary

class to mange rancid

Overview

SPDX-License-Identifier: Apache-2.0 Really Awful Notorious CIsco config Differ

Parameters:

  • active_server (Stdlib::Fqdn)

    the FQDN of the active server



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# File 'modules/rancid/manifests/init.pp', line 5

class rancid (
    Stdlib::Fqdn $active_server,
){

    ensure_packages('rancid')

    systemd::sysuser { 'rancid':
        home_dir => '/var/lib/rancid',
        shell    => '/bin/sh',
    }

    keyholder::agent { 'rancid':
        trusted_groups => ['rancid'],
    }

    file {
        default:
            ensure => file,
            owner  => 'root',
            group  => 'root',
            mode   => '0755';
        '/etc/rancid':
            ensure => directory;
        '/etc/rancid/rancid.conf':
            mode    => '0444',
            content => template('rancid/rancid.conf.erb');
        '/var/lib/rancid/bin/oglogin':
            source  => 'puppet:///modules/rancid/bin/oglogin';
        '/var/lib/rancid/bin/ograncid':
            source  => 'puppet:///modules/rancid/bin/ograncid';
        '/var/lib/rancid/bin/ssh-serial-console-wrapper':
            source  => 'puppet:///modules/rancid/bin/ssh-serial-console-wrapper';
    }
    file {
        default:
            ensure => file,
            owner  => 'rancid',
            group  => 'rancid';
        '/var/lib/rancid':
            ensure => directory,
            mode   => '0750',
            group  => 'wikidev';
        '/var/lib/rancid/.cloginrc':
            mode    => '0440',
            content => template('rancid/cloginrc.erb');
        '/var/lib/rancid/.gitconfig':
            mode    => '0440',
            content => template('rancid/gitconfig.erb');
        '/var/lib/rancid/.ssh':
            ensure => directory,
            mode   => '0700';
        '/var/lib/rancid/.ssh/config':
            mode   => '0644',
            source => 'puppet:///modules/rancid/ssh_config';
        '/var/lib/rancid/core':
            ensure  => directory,
            recurse => remote,
            mode    => '0774',
            source  => 'puppet:///modules/rancid/core';
        '/var/lib/rancid/core/configs':
            ensure => directory,
            mode   => '0774';
    }

    file_line { 'opengear_script':
      path => '/etc/rancid/rancid.types.base',
      line => 'opengear;script;ograncid',
    }

    file_line { 'opengear_login':
      path => '/etc/rancid/rancid.types.base',
      line => 'opengear;login;oglogin',
    }

    $job_ensure = ($active_server == $facts['networking']['fqdn']).bool2str('present', 'absent')

    systemd::timer::job { 'rancid-differ':
        ensure             => $job_ensure,
        user               => 'rancid',
        description        => 'run rancid-run',
        environment        => { 'SSH_AUTH_SOCK' => '/run/keyholder/proxy.sock' },
        command            => '/usr/lib/rancid/bin/rancid-run',
        interval           => {'start' => 'OnUnitInactiveSec', 'interval' => '1h'},
        monitoring_enabled => false,
        logging_enabled    => false,
    }

    systemd::timer::job { 'rancid-clean-logs':
        ensure             => $job_ensure,
        user               => 'rancid',
        description        => 'clean rancid logs',
        command            => '/usr/bin/find /var/log/rancid -type f -mtime +2 -exec rm {} \;',
        interval           => {'start' => 'OnCalendar', 'interval' => '*-*-* 23:50:0'},
        monitoring_enabled => false,
        logging_enabled    => false,
    }
}