-rw-r--r-- | manifests/plugins/gpg.pp | 12 | ||||
-rw-r--r-- | manifests/service/gpgkey.pp | 5 |
2 files changed, 10 insertions, 7 deletions
diff --git a/manifests/plugins/gpg.pp b/manifests/plugins/gpg.pp index 3493ff8..198f5ab 100644 --- a/manifests/plugins/gpg.pp +++ b/manifests/plugins/gpg.pp @@ -1,6 +1,8 @@ # check_gpg from # https://github.com/lelutin/nagios-plugins/blob/master/check_gpg -class nagios::plugins::gpg { +class nagios::plugins::gpg( + $keyserver = 'hkp://keys.mayfirst.org', +) { require ::gpg nagios::plugin{'check_gpg': source => 'nagios/plugins/check_gpg', @@ -15,8 +17,8 @@ class nagios::plugins::gpg { mode => '0600', require => Nagios::Plugin['check_gpg']; '/etc/cron.daily/update_nagios_gpgkeys': - content => "!#/bin/bash -function exec() { + content => "#!/bin/bash +function gpg() { cmd=\$1 outout=\$(su - nagios -s /bin/bash -c 'gpg --homedir ${gpg_home} --logger-fd 1 \${cmd}') if [ \$? -gt 0 ]; then @@ -25,8 +27,8 @@ function exec() { fi } -gpg('--with-fingerprint --list-keys --with-colons') | grep \"^pub\" -A 1 | tail -n 1 | cut -f10 -d\":\" | sort --random-sort | while read key; do - gpg(\"--recv-keys \${key}\") +su - nagios -s /bin/bash -c 'gpg --homedir ${gpg_home} --with-fingerprint --list-keys --with-colons | grep \"^pub\" -A 1 | tail -n 1 | cut -f10 -d\":\" | sort --random-sort | while read key; do + gpg \"--keyserver ${keyserver} --recv-keys \${key}\" done ", owner => root, diff --git a/manifests/service/gpgkey.pp b/manifests/service/gpgkey.pp index bea2c57..08b7473 100644 --- a/manifests/service/gpgkey.pp +++ b/manifests/service/gpgkey.pp @@ -6,7 +6,8 @@ define nagios::service::gpgkey( ){ validate_slength($name,40,40) require ::nagios::plugins::gpg - $gpg_home = $nagios::plugins::gpg::gpg_home + $gpg_home = $nagios::plugins::gpg::gpg_home + $gpg_keyserver = $nagios::plugins::gpg::keyserver exec{"manage_key_${name}": user => nagios, 
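Review bot: The new `$keyserver` default in the class header is a plain `hkp://` URL, so key refreshes travel unauthenticated and a host on the network path can withhold updated or revoked key material from the check; an `hkps://` URL is preferable where the chosen server offers one. The value is also interpolated unquoted into the root-owned cron script and, through `gpgkey.pp`, into an exec command line, and no validation of it is visible in this hunk. A guard such as `validate_re($keyserver, '\Ahkps?://[A-Za-z0-9.-]+(:[0-9]+)?\z')` next to `require ::gpg` would keep a malformed parameter value from reaching a shell. The class body continues outside the hunk.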
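Review bot: In the renamed `gpg()` wrapper, `\${cmd}` sits inside the single-quoted `su ... -c '...'` string, so the calling shell never expands it and the inner shell sees an unset variable; the arguments handed to the wrapper, including the new `--keyserver`, appear never to reach gpg. Using escaped double quotes for that argument, `-c \"gpg --homedir ${gpg_home} --logger-fd 1 \${cmd}\"`, lets the outer shell substitute it. `outout` also looks like a typo for `output`, but the lines that read it are outside the hunk, so check it against the rest of the function. A short comment stating that the wrapper deliberately shadows the `gpg` binary and drops to the nagios user would help the next reader.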
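Review bot: The single quote opened after `su - nagios -s /bin/bash -c` on the added pipeline line is never closed before the script string ends after `done`, so bash should stop on an unterminated quote and the daily refresh would not run. Closing it right after the listing, `... --with-fingerprint --list-keys --with-colons' | grep ...`, keeps the pipeline and the loop in the outer script where the `gpg()` wrapper is defined. Separately, `tail -n 1` ahead of `sort --random-sort` appears to leave a single line, so only one key would be refreshed per run and stale or revoked keys could go unnoticed; if that is intended, a comment saying so is worth adding.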
@@ -19,7 +20,7 @@ define nagios::service::gpgkey( if $ensure == 'present' { Exec["manage_key_${name}"]{ - command => "gpg --homedir ${gpg_home} --recv-keys ${name}", + command => "gpg --keyserver ${gpg_keyserver} --homedir ${gpg_home} --recv-keys ${name}", unless => "gpg --homedir ${gpg_home} --list-keys ${name}", before => Nagios::Service["check_gpg_${name}"], } |
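Review bot: `${gpg_keyserver}` and `${name}` go unquoted into the `command` string, and the only check on `$name` visible on this page is `validate_slength($name,40,40)` in the previous hunk, which tests length but not that the title is hexadecimal. Adding `validate_re($name, '\A[0-9A-Fa-f]{40}\z')` beside it would ensure that only a full fingerprint reaches the gpg command line. Because the `unless` test skips the fetch once the key is in the keyring, the new keyserver only affects the first import here, and later refreshes depend on the cron script in `gpg.pp`. The define's body starts and ends outside this hunk.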