diff --git a/inputs/update.cf b/inputs/update.cf index 435be3b..8db884d 100644 --- a/inputs/update.cf +++ b/inputs/update.cf @@ -1,71 +1,60 @@ bundle agent update { vars: "upd_policymaster" string => "cfmaster.xkqr.org"; - classes: - "upd_policy_servers" or => { classify("$(upd_policymaster)") }; - files: "$(sys.workdir)/." comment => "Set permissions for $(sys.workdir)", create => "true", perms => upd_workdir_perms("0600"); "$(sys.bindir)/." comment => "Copy cfengine binaries to $(sys.bindir)", create => "true", perms => upd_workdir_perms("0700"), depth_search => upd_recurse("inf"), file_select => upd_cf3_bin_files, copy_from => upd_copy_cf3_bin_files("/usr/local/bin"); "$(sys.masterdir)/." comment => "Set permissions for $(sys.masterdir)", create => "true", perms => upd_workdir_perms("0600"), depth_search => upd_recurse("inf"); - upd_policy_servers:: - "$(sys.inputdir)/." - comment => "Set permissions of input files on policy server", - create => "true", - perms => upd_workdir_perms("0600"), - depth_search => upd_recurse("inf"); - - !upd_policy_servers:: "$(sys.inputdir)/." comment => "Update input files from policy server", create => "true", perms => upd_workdir_perms("0600"), depth_search => upd_recurse("inf"), copy_from => upd_policy_copy("$(upd_policymaster)"); } body perms upd_workdir_perms(mode) { mode => "$(mode)"; owners => { "root" }; groups => { "wheel" }; } body depth_search upd_recurse(d) { depth => "$(d)"; xdev => "true"; } body file_select upd_cf3_bin_files { leaf_name => { "cf-.*" }; file_result => "leaf_name"; } body copy_from upd_copy_cf3_bin_files(path) { source => "$(path)"; compare => "digest"; } body copy_from upd_policy_copy(server) { source => "$(sys.masterdir)"; servers => { "$(upd_policymaster)" }; compare => "digest"; purge => "true"; copy_backup => "false"; } diff --git a/masterfiles/classes.cf b/masterfiles/classes.cf index 07b01c8..a003c2a 100644 --- a/masterfiles/classes.cf +++ b/masterfiles/classes.cf @@ -1,46 +1,37 @@ bundle common myclasses { classes: - "hypervisors" or => { - classify("caspian.skruttet.xkqr.org") # Gateway for home LAN - classify("vm1.xkqr.org"), # JohnCompanies VPS - }; + "hypervisors" or => { classify("caspian.skruttet.xkqr.org"), # Gateway for home LAN + classify("vm1.xkqr.org") }; # JohnCompanies VPS - "prod" or => { - classify("caspian.skruttet.xkqr.org"), # Gateway for home LAN - classify("$(defs.policymaster)"), # CFEngine policy master - classify("dev.xkqr.org"), # Phabricator instance - classify("dhcp.xkqr.org"), # DHCP server for domain - classify("dns.xkqr.org"), # DNS server for domain - classify("ganglia.xkqr.org"), # Cluster metrics - classify("i.xkqr.org"), # Uploads - classify("notmuch.xkqr.org"), # Email client - classify("two-wrongs.xkqr.org"), # Two-Wrongs website - classify("vm1.xkqr.org"), # JohnCompanies VPS - classify("vps.xkqr.org"), # Linode VPS - classify("weechat.xkqr.org"), # IRC and Matrix client - classify("xkqr.org") # Professional profile - }; + "prod" or => { classify("caspian.skruttet.xkqr.org"), # Gateway for home LAN + classify("$(defs.policymaster)"), # CFEngine policy master + classify("dev.xkqr.org"), # Phabricator instance + classify("dhcp.xkqr.org"), # DHCP server for domain + classify("dns.xkqr.org"), # DNS server for domain + classify("ganglia.xkqr.org"), # Cluster metrics + classify("i.xkqr.org"), # Uploads + classify("notmuch.xkqr.org"), # Email client + classify("two-wrongs.xkqr.org"), # Two-Wrongs website + classify("vm1.xkqr.org"), # JohnCompanies VPS + classify("vps.xkqr.org"), # Linode VPS + classify("weechat.xkqr.org"), # IRC and Matrix client + classify("xkqr.org") }; # Professional profile - "skruttet" or => { - classify("airsonic.skruttet.xkqr.org"), # Music player - classify("caspian.skruttet.xkqr.org"), # Gateway for home LAN - classify("contempt.skruttet.xkqr.org"), # Wifi access point - classify("mfp.skruttet.xkqr.org"), # HP Printer - classify("surprise.skruttet.xkqr.org"), # Desktop computer - classify("teven.skruttet.xkqr.org"), # Television - classify("transmission.skruttet.xkqr.org") # Torrent server - }; - "stage" or => { - classify("notmuch.stage.xkqr.org") # Email stage environment - } + "skruttet" or => { classify("airsonic.skruttet.xkqr.org"), # Music player + classify("caspian.skruttet.xkqr.org"), # Gateway for home LAN + classify("contempt.skruttet.xkqr.org"), # Wifi access point + classify("mfp.skruttet.xkqr.org"), # HP Printer + classify("surprise.skruttet.xkqr.org"), # Desktop computer + classify("teven.skruttet.xkqr.org"), # Television + classify("transmission.skruttet.xkqr.org") }; # Torrent server + - "notmuch" or => { - classify("notmuch.xkqr.org"), # Email client - classify("notmuch.stage.xkqr.org") # Email stage environment - }; + "stage" or => { classify("notmuch.stage.xkqr.org") }; # Email stage environment - "policy_servers" or => { - classify("$(defs.policymaster)") - }; -} \ No newline at end of file + + "notmuch" or => { classify("notmuch.xkqr.org"), # Email client + classify("notmuch.stage.xkqr.org") }; # Email stage environment + + "policy_servers" or => { classify("$(defs.policymaster)") }; +} diff --git a/masterfiles/update.cf b/masterfiles/update.cf index 435be3b..8db884d 100644 --- a/masterfiles/update.cf +++ b/masterfiles/update.cf @@ -1,71 +1,60 @@ bundle agent update { vars: "upd_policymaster" string => "cfmaster.xkqr.org"; - classes: - "upd_policy_servers" or => { classify("$(upd_policymaster)") }; - files: "$(sys.workdir)/." comment => "Set permissions for $(sys.workdir)", create => "true", perms => upd_workdir_perms("0600"); "$(sys.bindir)/." comment => "Copy cfengine binaries to $(sys.bindir)", create => "true", perms => upd_workdir_perms("0700"), depth_search => upd_recurse("inf"), file_select => upd_cf3_bin_files, copy_from => upd_copy_cf3_bin_files("/usr/local/bin"); "$(sys.masterdir)/." comment => "Set permissions for $(sys.masterdir)", create => "true", perms => upd_workdir_perms("0600"), depth_search => upd_recurse("inf"); - upd_policy_servers:: - "$(sys.inputdir)/." - comment => "Set permissions of input files on policy server", - create => "true", - perms => upd_workdir_perms("0600"), - depth_search => upd_recurse("inf"); - - !upd_policy_servers:: "$(sys.inputdir)/." comment => "Update input files from policy server", create => "true", perms => upd_workdir_perms("0600"), depth_search => upd_recurse("inf"), copy_from => upd_policy_copy("$(upd_policymaster)"); } body perms upd_workdir_perms(mode) { mode => "$(mode)"; owners => { "root" }; groups => { "wheel" }; } body depth_search upd_recurse(d) { depth => "$(d)"; xdev => "true"; } body file_select upd_cf3_bin_files { leaf_name => { "cf-.*" }; file_result => "leaf_name"; } body copy_from upd_copy_cf3_bin_files(path) { source => "$(path)"; compare => "digest"; } body copy_from upd_policy_copy(server) { source => "$(sys.masterdir)"; servers => { "$(upd_policymaster)" }; compare => "digest"; purge => "true"; copy_backup => "false"; }