Puppet Class: rancid

Defined in:
modules/rancid/manifests/init.pp

Overview

Really Awful Notorious CIsco config Differ

Parameters:

  • active_server (Stdlib::Fqdn)


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# File 'modules/rancid/manifests/init.pp', line 2

class rancid (
    Stdlib::Fqdn $active_server,
){

    package { 'rancid':
        ensure => present,
    }

    group { 'rancid':
        ensure => present,
        name   => 'rancid',
        system => true,
    }

    user { 'rancid':
        shell      => '/bin/sh',
        gid        => 'rancid',
        managehome => true,
        system     => true,
        home       => '/var/lib/rancid',
    }

    ::keyholder::agent { 'rancid':
        require        => Group['rancid'],
        trusted_groups => ['rancid'],
    }

    file { '/etc/rancid/rancid.conf':
        require => Package['rancid'],
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        content => template('rancid/rancid.conf.erb'),
    }

    file { '/var/lib/rancid/bin/oglogin':
        require => Package['rancid'],
        owner   => 'root',
        group   => 'root',
        mode    => '0755',
        source  => 'puppet:///modules/rancid/bin/oglogin',
    }

    file { '/var/lib/rancid/bin/ograncid':
        require => Package['rancid'],
        owner   => 'root',
        group   => 'root',
        mode    => '0755',
        source  => 'puppet:///modules/rancid/bin/ograncid',
    }

    file { '/var/lib/rancid/bin/ssh-serial-console-wrapper':
        require => Package['rancid'],
        owner   => 'root',
        group   => 'root',
        mode    => '0755',
        source  => 'puppet:///modules/rancid/bin/ssh-serial-console-wrapper',
    }

    file { '/var/lib/rancid/core':
        require => [ Package['rancid'], User['rancid'] ],
        owner   => 'rancid',
        group   => 'rancid',
        mode    => '0774',
        recurse => remote,
        source  => 'puppet:///modules/rancid/core',
    }

    file { '/var/lib/rancid/.cloginrc':
        require => Package['rancid'],
        owner   => 'rancid',
        group   => 'rancid',
        mode    => '0440',
        content => template('rancid/cloginrc.erb'),
    }

    file { '/var/lib/rancid/.gitconfig':
        require => Package['rancid'],
        owner   => 'rancid',
        group   => 'rancid',
        mode    => '0440',
        content => template('rancid/gitconfig.erb'),
    }

    file_line { 'opengear_script':
      path => '/etc/rancid/rancid.types.base',
      line => 'opengear;script;ograncid',
    }

    file_line { 'opengear_login':
      path => '/etc/rancid/rancid.types.base',
      line => 'opengear;login;oglogin',
    }

    if $active_server == $::fqdn {
        $job_ensure = 'present'
    } else {
        $job_ensure = 'absent'
    }

    systemd::timer::job { 'rancid-differ':
        ensure             => $job_ensure,
        user               => 'rancid',
        description        => 'run rancid-run',
        environment        => { 'SSH_AUTH_SOCK' => '/run/keyholder/proxy.sock' },
        command            => '/usr/lib/rancid/bin/rancid-run',
        interval           => {'start' => 'OnUnitInactiveSec', 'interval' => '1h'},
        monitoring_enabled => false,
        logging_enabled    => false,
    }

    systemd::timer::job { 'rancid-clean-logs':
        ensure             => $job_ensure,
        user               => 'rancid',
        description        => 'clean rancid logs',
        command            => '/usr/bin/find /var/log/rancid -type f -mtime +2 -exec rm {} \;',
        interval           => {'start' => 'OnCalendar', 'interval' => '*-*-* 23:50:0'},
        monitoring_enabled => false,
        logging_enabled    => false,
    }

    file { '/var/log/rancid':
        owner => 'rancid',
        group => 'rancid',
        mode  => '0750',
    }
}