blob: 198f5abaa411ce2f54f120fa58e81dd2c400eba6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
# check_gpg from
# https://github.com/lelutin/nagios-plugins/blob/master/check_gpg
class nagios::plugins::gpg(
$keyserver = 'hkp://keys.mayfirst.org',
) {
require ::gpg
nagios::plugin{'check_gpg':
source => 'nagios/plugins/check_gpg',
}
$gpg_home = '/var/local/nagios_gpg_homedir'
file{
$gpg_home:
ensure => 'directory',
owner => nagios,
group => nagios,
mode => '0600',
require => Nagios::Plugin['check_gpg'];
'/etc/cron.daily/update_nagios_gpgkeys':
content => "#!/bin/bash
function gpg() {
cmd=\$1
outout=\$(su - nagios -s /bin/bash -c 'gpg --homedir ${gpg_home} --logger-fd 1 \${cmd}')
if [ \$? -gt 0 ]; then
echo \$output
exit 1
fi
}
su - nagios -s /bin/bash -c 'gpg --homedir ${gpg_home} --with-fingerprint --list-keys --with-colons | grep \"^pub\" -A 1 | tail -n 1 | cut -f10 -d\":\" | sort --random-sort | while read key; do
gpg \"--keyserver ${keyserver} --recv-keys \${key}\"
done
",
owner => root,
group => 0,
mode => '0700',
require => File[$gpg_home];
}
nagios_command {
'check_gnupg':
command_line => "\$USER1\$/check_gpg --gnupg-homedir ${gpg_home} -w \$ARG1\$ \$ARG2\$",
require => Nagios::Plugin['check_gpg'],
}
}
|