1# Copyright 2021 Northern.tech AS 2 3# This file is part of CFEngine 3 - written and maintained by Northern.tech AS. 4 5# This program is free software; you can redistribute it and/or modify it 6# under the terms of the GNU General Public License as published by the 7# Free Software Foundation; version 3. 8 9# This program is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13 14# You should have received a copy of the GNU General Public License 15# along with this program; if not, write to the Free Software 16# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 17 18# To the extent this program is licensed as part of the Enterprise 19# versions of Cfengine, the applicable Commercial Open Source License 20# (COSL) may apply to this file if you as a licensee so wish it. See 21# included file COSL.txt. 22 23#cop update,example 24#cop What should a failsafe and update file contain?,example 25 26# Minimum failsafe 27 28body common control 29{ 30 bundlesequence => { "update" }; 31} 32 33bundle agent update 34{ 35 vars: 36 37 "master_location" string => "$(sys.workdir)/masterfiles"; 38 39 "policy_server" string => readfile("$(sys.workdir)/policy_server.dat",40), 40 comment => "IP address to locate your policy host."; 41 42 classes: 43 44 "policy_host" or => { 45 classmatch(canonify("ipv4_$(policy_server)")), 46 classmatch(canonify("$(policy_server)")) 47 }, 48 49 comment => "Define the ip identity of the policy source host"; 50 51 "have_ppkeys" expression => fileexists("$(sys.workdir)/ppkeys/localhost.pub"); 52 53 "nofile" expression => fileexists("$(sys.workdir)/policy_server.dat"); 54 55 commands: 56 57 !have_ppkeys:: 58 59 "/var/cfengine/bin/cf-key"; 60 61 files: 62 63 "/var/cfengine/inputs" 64 65 handle => "update_policy", 66 perms => u_p("600"), 67 copy_from => u_scp("$(master_location)"), 68 depth_search => u_recurse("inf"), 69 action => immediate; 70 71 processes: 72 73 any:: 74 75 "cf-execd" restart_class => "start_exec"; 76 77 policy_host:: 78 79 "cf-serverd" restart_class => "start_server"; 80 81 commands: 82 83 start_exec:: 84 "$(sys.workdir)/bin/cf-execd" 85 action => logme("executor"); 86 87 start_server:: 88 "$(sys.workdir)/bin/cf-serverd" 89 action => logme("server"); 90 91 reports: 92 93 bootstrap_mode.policy_host:: 94 95 "I am the policy host - i.e. with ipv4 address $(policy_server)"; 96 97} 98 99############################################ 100 101body action logme(x) 102{ 103 log_repaired => "stdout"; 104 log_string => " -> Started the $(x) (success)"; 105} 106 107############################################ 108 109body perms u_p(p) 110 111{ 112 mode => "$(p)"; 113} 114 115############################################# 116 117body copy_from u_scp(from) 118 119{ 120 source => "$(from)"; 121 compare => "digest"; 122 trustkey => "true"; 123 124 !policy_host:: 125 126 servers => { "$(policy_server)" }; 127} 128 129######################################################### 130 131body action immediate 132{ 133 ifelapsed => "1"; 134} 135 136############################################ 137 138body depth_search u_recurse(d) 139 140{ 141 depth => "$(d)"; 142} 143