modules/ntp/manifests/init.pp

   1 class ntp {
   2     package { ntp: ensure => installed }
   3     file {
   4         "/var/lib/ntp/":
   5             ensure  => directory,
   6             owner   => ntp,
   7             group   => ntp,
   8             mode    => 755,
   9             require => Package["ntp"]
  10             ;
  11         "/var/lib/ntpstats":
  12             ensure  => directory,
  13             owner   => ntp,
  14             group   => ntp,
  15             mode    => 755,
  16             require => Package["ntp"]
  17             ;
  18         "/etc/ntp.conf":
  19             owner   => root,
  20             group   => root,
  21             mode    => 444,
  22             content => template("ntp/ntp.conf"),
  23             notify  => Exec["ntp restart"],
  24             require => Package["ntp"]
  25             ;
  26         "/etc/ntp.keys.d":
  27             owner   => root,
  28             group   => ntp,
  29             mode    => 750,
  30             ensure  => directory,
  31             require => Package["ntp"]
  32             ;
  33     }
  34     case getfromhash($nodeinfo, 'timeserver') {
  35         true: { }
  36         default: {
  37             file {
  38                 "/etc/default/ntp":
  39                     owner   => root,
  40                     group   => root,
  41                     mode    => 444,
  42                     source  => [ "puppet:///modules/ntp/etc-default-ntp" ],
  43                     require => Package["ntp"],
  44                     notify  => Exec["ntp restart"],
  45                     ;
  46
  47                 "/etc/ntp.keys.d/ntpkey_iff_merikanto":
  48                     owner   => root,
  49                     group   => root,
  50                     mode    => 444,
  51                     source  => [ "puppet:///modules/ntp/ntpkey_iff_merikanto.pub" ],
  52                     require => Package["ntp"],
  53                     notify  => Exec["ntp restart"],
  54                     ;
  55                 "/etc/ntp.keys.d/ntpkey_iff_orff":
  56                     owner   => root,
  57                     group   => root,
  58                     mode    => 444,
  59                     source  => [ "puppet:///modules/ntp/ntpkey_iff_orff.pub" ],
  60                     require => Package["ntp"],
  61                     notify  => Exec["ntp restart"],
  62                     ;
  63                 "/etc/ntp.keys.d/ntpkey_iff_ravel":
  64                     owner   => root,
  65                     group   => root,
  66                     mode    => 444,
  67                     source  => [ "puppet:///modules/ntp/ntpkey_iff_ravel.pub" ],
  68                     require => Package["ntp"],
  69                     notify  => Exec["ntp restart"],
  70                     ;
  71                 "/etc/ntp.keys.d/ntpkey_iff_busoni":
  72                     owner   => root,
  73                     group   => root,
  74                     mode    => 444,
  75                     source  => [ "puppet:///modules/ntp/ntpkey_iff_busoni.pub" ],
  76                     require => Package["ntp"],
  77                     notify  => Exec["ntp restart"],
  78                     ;
  79             }
  80         }
  81     }
  82
  83
  84     exec { "ntp restart":
  85         path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
  86         refreshonly => true,
  87     }
  88     @ferm::rule { "dsa-ntp":
  89         domain          => "(ip ip6)",
  90         description     => "Allow ntp access",
  91         rule            => "&SERVICE(udp, 123)"
  92     }
  93 }
  94 # vim:set et:
  95 # vim:set sts=4 ts=4:
  96 # vim:set shiftwidth=4: