summaryrefslogtreecommitdiff
path: root/puppet/modules
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2016-09-08 20:37:27 +0200
committervarac <varacanero@zeromail.org>2016-09-08 20:37:27 +0200
commit8cb40d25f3e74b37c47b0c265b346f9de860aa77 (patch)
tree82798a5ef02f6403959fb0b814a77005a19e0151 /puppet/modules
parent49fdcf22084258954410d158428d5e38652c36f4 (diff)
parenta3af8acba8cd479f47d76784082d95100c0833ef (diff)
Merge branch 'ensure_clamav_running' into develop
Diffstat (limited to 'puppet/modules')
-rw-r--r--puppet/modules/clamav/files/clamav-daemon.path12
-rw-r--r--puppet/modules/clamav/manifests/daemon.pp1
-rw-r--r--puppet/modules/clamav/manifests/daemon/activation.pp24
-rw-r--r--puppet/modules/systemd/manifests/enable.pp8
4 files changed, 45 insertions, 0 deletions
diff --git a/puppet/modules/clamav/files/clamav-daemon.path b/puppet/modules/clamav/files/clamav-daemon.path
new file mode 100644
index 00000000..6e57d187
--- /dev/null
+++ b/puppet/modules/clamav/files/clamav-daemon.path
@@ -0,0 +1,12 @@
+[Unit]
+Description=Path Activation for Clam AntiVirus userspace daemon
+Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/
+
+[Path]
+# Check and wait for database existence before starting up
+PathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
+PathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}
+
+[Install]
+WantedBy=sockets.target
+
diff --git a/puppet/modules/clamav/manifests/daemon.pp b/puppet/modules/clamav/manifests/daemon.pp
index 2e13a8fb..b51a07e9 100644
--- a/puppet/modules/clamav/manifests/daemon.pp
+++ b/puppet/modules/clamav/manifests/daemon.pp
@@ -1,5 +1,6 @@
# deploy clamav daemon
class clamav::daemon {
+ include clamav::daemon::activation
$domain_hash = hiera('domain')
$domain = $domain_hash['full_suffix']
diff --git a/puppet/modules/clamav/manifests/daemon/activation.pp b/puppet/modules/clamav/manifests/daemon/activation.pp
new file mode 100644
index 00000000..09c1e55e
--- /dev/null
+++ b/puppet/modules/clamav/manifests/daemon/activation.pp
@@ -0,0 +1,24 @@
+# ensure clamav starts after the definitions are downloaded
+# needed because sometimes clamd cannot get started by freshclam,
+# see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827909
+class clamav::daemon::activation {
+
+ file { '/etc/systemd/system/clamav-daemon.path':
+ source => 'puppet:///modules/clamav/clamav-daemon.path',
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => [ Exec['systemctl-daemon-reload'], Systemd::Enable['clamav-daemon.path'] ]
+ }
+
+ systemd::enable { 'clamav-daemon.path':
+ require => Exec['systemctl-daemon-reload'],
+ notify => Exec['start_clamd_path_monitor']
+ }
+
+ exec { 'start_clamd_path_monitor':
+ command => '/bin/systemctl start clamav-daemon.path',
+ refreshonly => true,
+ before => Service['freshclam']
+ }
+}
diff --git a/puppet/modules/systemd/manifests/enable.pp b/puppet/modules/systemd/manifests/enable.pp
new file mode 100644
index 00000000..e1bee18a
--- /dev/null
+++ b/puppet/modules/systemd/manifests/enable.pp
@@ -0,0 +1,8 @@
+# enables a systemd resource
+define systemd::enable () {
+
+ exec { "enable_systemd_${name}":
+ refreshonly => true,
+ command => "/bin/systemctl enable ${name}"
+ }
+}