[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Success (Was: anyone running cfengine2 on debian sarge?)
From: |
Karsten Heymann |
Subject: |
Success (Was: anyone running cfengine2 on debian sarge?) |
Date: |
Sat, 03 Jul 2004 17:42:09 +0200 |
User-agent: |
KNode/0.7.7 |
Hello,
I now have a working cfengine2 setup. Thank you all for your pointers! Now I
can begin to learn cfagent.conf syntax. Expect many questions to come ;-)
To give something back, I post the script which now prepares cfengine2 on
our servers after install plus the basic config files (with some minor
anonymizations and without the comments).
For the record: This is for Debian Sarge systems as on 2004-07-03 to turn
then into something usable after installation of cfengine2 (say yes to all
services when asked during installation).
<<<spread_update.conf, run from the policy server>>>
#!/bin/bash
SERVERS="server1 server2" # these are the client servers
MASTER_UPDATE_CONF=/srv/cfengine/masterfiles/update.conf
TARGET_UPDATE_CONF=/var/lib/cfengine2/inputs
for SERVER in $SERVERS
do
echo -n $SERVER:\
ssh $SERVER rm -f /var/lib/cfengine2/inputs
ssh $SERVER mkdir /var/lib/cfengine2/inputs
scp $MASTER_UPDATE_CONF $SERVER://$TARGET_UPDATE_CONF
ssh $SERVER cfagent -q -v
<<<update.conf>>>
control:
actionsequence = ( copy tidy ) # Keep this simple and constant
domain = ( MYDOMAIN )
workdir = ( /var/lib/cfengine2 )
policyhost = ( MYPOLICYHOST.MYDOMAIN )
master_cfinput = ( /srv/cfengine/masterfiles )
copy:
$(master_cfinput) dest=$(workdir)/inputs
r=inf
mode=700
type=binary
exclude=*.lst
exclude=*~
exclude=#*
server=$(policyhost)
trustkey=true
tidy:
$(workdir)/outputs pattern=* age=7
<<<cfservd.conf>>>
control:
domain = ( MYDOMAIN )
AllowUsers = ( root )
cfrunCommand = ( "/usr/sbin/cfagent" )
TrustKeysFrom = ( MYDOMAINS_IPS )
AllowMultipleConnectionsFrom = ( MYDOMAIN_IPS )
AllowConnectionsFrom = ( MYDOMAIN_IPS )
forceipv4 = ( true )
MaxConnections = ( 10 )
LogAllConnections = ( true )
admit:
/srv/cfengine/masterfiles *.MYDOMAIN
/usr/sbin/cfagent *.MYDOMAIN
<<< End of listings >>>
hth,
Karsten
Karsten Heymann wrote:
> I'm trying to deploy cfengine2 on Debian Sarge and am having some
> questions about the install-defaults of the debian package. Especially I
> am wondering wether its default filesystem layout - workdir
> is /var/lib/cfeninge2, /var/lib/cfengine2/inputs is a symlink
> to /etc/cfengine and /var/lib/cfengine2/bin is a symlink to /usr/sbin --
> makes any sense.
>
> I have a lot of questions, if there is someone who is using cfengine2 on
> debian I'd be glad to exchange experiences.
>
> Regards,
> Karsten
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Success (Was: anyone running cfengine2 on debian sarge?),
Karsten Heymann <=