From 3a39c6e693a835d98ed382bdc3ce72eac31ea664 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 16 Oct 2015 15:38:20 +0200 Subject: fetch things over hkps and on every check --- manifests/plugins/gpg.pp | 27 ++++++--------------------- 1 file changed, 6 insertions(+), 21 deletions(-) (limited to 'manifests/plugins/gpg.pp') diff --git a/manifests/plugins/gpg.pp b/manifests/plugins/gpg.pp index 632ad1f..a09736a 100644 --- a/manifests/plugins/gpg.pp +++ b/manifests/plugins/gpg.pp @@ -1,8 +1,6 @@ # check_gpg from # https://github.com/lelutin/nagios-plugins/blob/master/check_gpg -class nagios::plugins::gpg( - $keyserver = 'hkp://keys.mayfirst.org', -) { +class nagios::plugins::gpg { require ::gpg nagios::plugin{'check_gpg': source => 'nagios/plugins/check_gpg', @@ -16,25 +14,12 @@ class nagios::plugins::gpg( group => nagios, mode => '0600', require => Nagios::Plugin['check_gpg']; - '/etc/cron.daily/update_nagios_gpgkeys': - content => "#!/bin/bash -function gpg() { - cmd=\$1 - outout=\$(su - nagios -s /bin/bash -c 'gpg --homedir ${gpg_home} --logger-fd 1 \${cmd}') - if [ \$? -gt 0 ]; then - echo \$output - exit 1 - fi -} - -su - nagios -s /bin/bash -c 'gpg --homedir ${gpg_home} --with-fingerprint --list-keys --with-colons | grep \"^pub\" -A 1 | tail -n 1 | cut -f10 -d\":\" | sort --random-sort | while read key; do - gpg \"--keyserver ${keyserver} --recv-keys \${key}\" -done -", - owner => root, + "${gpg_home}/sks-keyservers.netCA.pem": + source => 'puppet:///modules/nagios/plugin_data/sks-keyservers.netCA.pem', + owner => nagios, group => 0, - mode => '0700', - require => File[$gpg_home]; + mode => '0400', + before => Nagios_command['check_gpg']; } nagios_command { 'check_gpg': -- cgit v1.2.3
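Review bot: Dropping the `$keyserver` parameter from `class nagios::plugins::gpg` is a breaking interface change: any existing resource-style declaration that still passes `keyserver =>` will fail catalog compilation with an invalid-parameter error. It also leaves no per-site way to choose the keyserver; the check command that presumably carries the new hkps URL is outside this hunk, so I can't see where it is set. Consider keeping the parameter with an hkps default and documenting it with a comment such as `# must be an hkps:// URL whose certificate chains to the CA file installed in ${gpg_home}`.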
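Review bot: Deleting the `'/etc/cron.daily/update_nagios_gpgkeys'` entry only stops Puppet from managing that file. On nodes that already received it, the script stays on disk and keeps refreshing keys over the keyserver it was rendered with (`hkp://keys.mayfirst.org` by default, which is plain unauthenticated hkp). Replace the removed entry with `'/etc/cron.daily/update_nagios_gpgkeys': ensure => absent;` so the old refresh path actually goes away. Separately, `"${gpg_home}/sks-keyservers.netCA.pem"` is `owner => nagios`, so the account running the check can chmod or rewrite its own TLS trust anchor between Puppet runs; `owner => root, group => nagios, mode => '0440'` keeps it readable but not writable by that account, although if `${gpg_home}` itself is nagios-owned the file can still be replaced. The enclosing file resource block starts before this hunk.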