From 25b9b5f7cd2d64f464fb198d90cc757a1bff1c81 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Tue, 22 Apr 2014 00:17:34 -0700 Subject: replace homedir with more specific keydir, authdir, and authfile in order to allow overriding each. modify ::agent, ::agent::config, and ::agent::generate_sshkey to allow changing at each level, with reasonable defaults --- manifests/agent.pp | 44 +++++++++++++++++++++++++++++++++----------- 1 file changed, 33 insertions(+), 11 deletions(-) (limited to 'manifests/agent.pp') diff --git a/manifests/agent.pp b/manifests/agent.pp index 2ff9da5..505db64 100644 --- a/manifests/agent.pp +++ b/manifests/agent.pp @@ -4,7 +4,9 @@ class check_mk::agent ( $ip_whitelist = undef, $port = '6556', $server_dir = '/usr/bin', - $homedir = '/omd/sites/monitoring', + $keydir = '/omd/sites/monitoring', + $authdir = '/omd/sites/monitoring', + $authfile = undef, $use_cache = false, $user = 'root', $version = undef, @@ -40,16 +42,36 @@ class check_mk::agent ( agent_logwatch_package_name => $agent_logwatch_package_name, method => $method } - class { 'check_mk::agent::config': - ip_whitelist => $ip_whitelist, - port => $port, - server_dir => $server_dir, - homedir => $homedir, - use_cache => $use_cache, - user => $user, - method => $method, - generate_sshkey => $generate_sshkey, - require => Class['check_mk::agent::install'], + + if $authfile { + # if authfile is set, pass it though + class { 'check_mk::agent::config': + ip_whitelist => $ip_whitelist, + port => $port, + server_dir => $server_dir, + keydir => $keydir, + authdir => $authdir, + authfile => $authfile, + use_cache => $use_cache, + user => $user, + method => $method, + generate_sshkey => $generate_sshkey, + require => Class['check_mk::agent::install'], + } + } else { + # otherwise don't + class { 'check_mk::agent::config': + ip_whitelist => $ip_whitelist, + port => $port, + server_dir => $server_dir, + keydir => $keydir, + authdir => $authdir, + use_cache => $use_cache, + user => $user, + method => $method, + generate_sshkey => $generate_sshkey, + require => Class['check_mk::agent::install'], + } } if ( $register_agent ) { -- cgit v1.2.3 From ec8169eadc16fde4a8019b67f4966d2b119cb765 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 1 May 2014 14:07:53 -0700 Subject: create an sshuser parameter, so we can determine when we need to use sudo in the agent authorized_keys command --- manifests/agent.pp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'manifests/agent.pp') diff --git a/manifests/agent.pp b/manifests/agent.pp index 505db64..9a365a3 100644 --- a/manifests/agent.pp +++ b/manifests/agent.pp @@ -15,6 +15,7 @@ class check_mk::agent ( $agent_logwatch_package_name = 'check_mk-agent-logwatch', $method = 'xinetd', $generate_sshkey = false, + $sshuser = undef, $use_ssh_tag = 'ssh', $register_agent = true ) { @@ -56,6 +57,7 @@ class check_mk::agent ( user => $user, method => $method, generate_sshkey => $generate_sshkey, + sshuser => $sshuser, require => Class['check_mk::agent::install'], } } else { @@ -70,6 +72,7 @@ class check_mk::agent ( user => $user, method => $method, generate_sshkey => $generate_sshkey, + sshuser => $sshuser, require => Class['check_mk::agent::install'], } } -- cgit v1.2.3 From 3736a2b0a2b33bc00231d7222a65ae33af5a43c9 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Mon, 10 Nov 2014 14:47:37 -0800 Subject: make setting host_tags a little safer if we're using the module default of undef --- manifests/agent.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'manifests/agent.pp') diff --git a/manifests/agent.pp b/manifests/agent.pp index 9a365a3..e34a293 100644 --- a/manifests/agent.pp +++ b/manifests/agent.pp @@ -26,10 +26,10 @@ class check_mk::agent ( include check_mk::agent::service } 'ssh': { - if ( $host_tags != '' ) { - $tags = "${host_tags}|${use_ssh_tag}" - } else { + if ( $host_tags == undef ) or ( $host_tags == '' ) { $tags = $use_ssh_tag + } else { + $tags = "${host_tags}|${use_ssh_tag}" } } default: {} -- cgit v1.2.3 From ef821fad2dda052fd60255e7c6e3a199d536fa69 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 22 Jan 2015 12:11:04 -0800 Subject: we don't need to check $authfile, puppet will do the right thing Conflicts: manifests/agent/generate_sshkey.pp --- manifests/agent.pp | 44 +++++++++++++------------------------------- 1 file changed, 13 insertions(+), 31 deletions(-) (limited to 'manifests/agent.pp') diff --git a/manifests/agent.pp b/manifests/agent.pp index e34a293..c455bd5 100644 --- a/manifests/agent.pp +++ b/manifests/agent.pp @@ -44,37 +44,19 @@ class check_mk::agent ( method => $method } - if $authfile { - # if authfile is set, pass it though - class { 'check_mk::agent::config': - ip_whitelist => $ip_whitelist, - port => $port, - server_dir => $server_dir, - keydir => $keydir, - authdir => $authdir, - authfile => $authfile, - use_cache => $use_cache, - user => $user, - method => $method, - generate_sshkey => $generate_sshkey, - sshuser => $sshuser, - require => Class['check_mk::agent::install'], - } - } else { - # otherwise don't - class { 'check_mk::agent::config': - ip_whitelist => $ip_whitelist, - port => $port, - server_dir => $server_dir, - keydir => $keydir, - authdir => $authdir, - use_cache => $use_cache, - user => $user, - method => $method, - generate_sshkey => $generate_sshkey, - sshuser => $sshuser, - require => Class['check_mk::agent::install'], - } + class { 'check_mk::agent::config': + ip_whitelist => $ip_whitelist, + port => $port, + server_dir => $server_dir, + keydir => $keydir, + authdir => $authdir, + authfile => $authfile, + use_cache => $use_cache, + user => $user, + method => $method, + generate_sshkey => $generate_sshkey, + sshuser => $sshuser, + require => Class['check_mk::agent::install'], } if ( $register_agent ) { -- cgit v1.2.3