tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Manual merge of abusehelper and abusesa from parameterize branch

Browse source
This commit is contained in:
Ossi Salmi 2015-03-16 17:12:34 +02:00
parent f517230310
commit 09ae1aa84b
10 changed files with 501 additions and 354 deletions
Download patch file Download diff file Expand all files Collapse all files

22
abusehelper/lib/facter/botnets.rb
View file

@ -1,15 +1,15 @@
Facter.add(:botnets) do
setcode do
botnets = []
if File.executable?("/usr/bin/botnet")
listcmd = "su -s /bin/sh - nobody -c '/usr/bin/botnet list'"
output = Facter::Util::Resolution.exec(listcmd)
output.each_line do |line|
if m = line.match(/^\[\d+\]\s+(.*\.py)/)
botnets << File.basename(File.dirname(m[1]))
end
end
setcode do
botnets = []
if File.executable?('/usr/bin/botnet')
listcmd = "su -s /bin/sh - nobody -c '/usr/bin/botnet list'"
output = Facter::Util::Resolution.exec(listcmd)
output.each_line do |line|
if m = line.match(/^\[\d+\]\s+(.*\.py)/)
botnets << File.basename(File.dirname(m[1]))
end
botnets.sort.join(',')
end
end
botnets.sort.join(',')
end
end

290
abusehelper/manifests/init.pp
View file

@ -1,171 +1,173 @@
# Install abusehelper.
#
# === Global variables
# === Parameters
#
# $abusehelper_datadir:
# Abusehelper home directory. Defaults to /var/lib/ah2.
# $datadir:
# Abusehelper home directory. Defaults to /var/lib/ah2.
#
# $abusehelper_botnets:
# Array of botnet paths to start at boot.
# $botnets:
# Array of botnet paths to start at boot.
#
class abusehelper {
# $botuser:
# User to run bots as. Defaults to abusehel.
#
class abusehelper(
$datadir='/var/lib/ah2',
$botnets=undef,
$botuser='abusehel'
) {
case $::operatingsystem {
"ubuntu": {
package { [ "python-pyme", "python-tz" ]:
ensure => installed,
}
}
case $::operatingsystem {
'ubuntu': {
package { [ 'python-pyme', 'python-tz' ]:
ensure => installed,
}
}
default: { }
}
if !$abusehelper_package {
if $abusehelper_package_latest {
$abusehelper_package = $abusehelper_package_latest
} else {
fail("Must define \$abusehelper_package or \$abusehelper_package_latest")
}
}
if !$idiokit_package {
if $idiokit_package_latest {
$idiokit_package = $idiokit_package_latest
} else {
fail("Must define \$idiokit_package or \$idiokit_package_latest")
}
}
file { "/usr/local/src/abusehelper.tar.gz":
ensure => present,
mode => "0644",
owner => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
source => "puppet:///files/packages/${abusehelper_package}",
}
util::extract::tar { "/usr/local/src/abusehelper":
ensure => latest,
strip => 1,
source => "/usr/local/src/abusehelper.tar.gz",
require => File["/usr/local/src/abusehelper.tar.gz"],
before => Python::Setup::Install["/usr/local/src/abusehelper"],
}
file { "/usr/local/src/idiokit.tar.gz":
ensure => present,
mode => "0644",
owner => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
source => "puppet:///files/packages/${idiokit_package}",
}
util::extract::tar { "/usr/local/src/idiokit":
ensure => latest,
strip => 1,
source => "/usr/local/src/idiokit.tar.gz",
require => File["/usr/local/src/idiokit.tar.gz"],
before => Python::Setup::Install["/usr/local/src/idiokit"],
}
if $::operatingsystem in ["CentOS","RedHat"] and versioncmp($::operatingsystemrelease, "6") < 0 {
include python::python26
python::setup::install { [ "/usr/local/src/abusehelper",
"/usr/local/src/idiokit", ]:
python => "python2.6",
require => Package["python26"],
}
if ! $abusehelper_package {
if $::abusehelper_package_latest {
$abusehelper_package = $::abusehelper_package_latest
} else {
python::setup::install { [ "/usr/local/src/abusehelper",
"/usr/local/src/idiokit", ]:
}
fail('Must define $abusehelper_package or $abusehelper_package_latest')
}
}
include user::system
realize(User["abusehel"], Group["abusehel"])
if $abusehelper_datadir {
file { $abusehelper_datadir:
ensure => directory,
mode => "2770",
owner => "abusehel",
group => "abusehel",
require => User["abusehel"],
}
file { "/var/lib/ah2":
ensure => link,
target => $abusehelper_datadir,
require => File[$abusehelper_datadir],
}
if ! $idiokit_package {
if $::idiokit_package_latest {
$idiokit_package = $::idiokit_package_latest
} else {
file { "/var/lib/ah2":
ensure => directory,
mode => "2770",
owner => "abusehel",
group => "abusehel",
require => User["abusehel"],
}
fail('Must define $idiokit_package or $idiokit_package_latest')
}
}
file { "/var/lib/ah2/.profile":
ensure => present,
mode => "0600",
owner => "abusehel",
group => "abusehel",
content => "umask 007\n",
require => File["/var/lib/ah2"],
}
file { '/usr/local/src/abusehelper.tar.gz':
ensure => present,
mode => '0644',
owner => 'root',
group => $::operatingsystem ? {
'openbsd' => 'wheel',
default => 'root',
},
source => "puppet:///files/packages/${abusehelper_package}",
}
util::extract::tar { '/usr/local/src/abusehelper':
ensure => latest,
strip => '1',
source => '/usr/local/src/abusehelper.tar.gz',
require => File['/usr/local/src/abusehelper.tar.gz'],
before => Python::Setup::Install['/usr/local/src/abusehelper'],
}
if $abusehelper_botnets {
class { "abusehelper::init":
botnets => $abusehelper_botnets,
}
file { '/usr/local/src/idiokit.tar.gz':
ensure => present,
mode => '0644',
owner => 'root',
group => $::operatingsystem ? {
'openbsd' => 'wheel',
default => 'root',
},
source => "puppet:///files/packages/${idiokit_package}",
}
util::extract::tar { '/usr/local/src/idiokit':
ensure => latest,
strip => '1',
source => '/usr/local/src/idiokit.tar.gz',
require => File['/usr/local/src/idiokit.tar.gz'],
before => Python::Setup::Install['/usr/local/src/idiokit'],
}
if $::operatingsystem in ['CentOS','RedHat'] and versioncmp($::operatingsystemrelease, '6') < 0 {
include python::python26
python::setup::install { [
'/usr/local/src/abusehelper',
'/usr/local/src/idiokit',
]:
python => 'python2.6',
require => Package['python26'],
}
} else {
python::setup::install { [
'/usr/local/src/abusehelper',
'/usr/local/src/idiokit',
]: }
}
include user::system
realize(User['abusehel'], Group['abusehel'])
if $datadir != '/var/lib/ah2' {
file { '/var/lib/ah2':
ensure => link,
target => $datadir,
}
}
file { $datadir:
ensure => directory,
mode => '2770',
owner => 'abusehel',
group => 'abusehel',
}
file { '/var/lib/ah2/.profile':
ensure => present,
mode => '0600',
owner => 'abusehel',
group => 'abusehel',
content => "umask 007\n",
}
if $botnets {
class { 'abusehelper::init':
botnets => $botnets,
botuser => $botuser,
}
}
}
# Install abusehelper init script.
#
class abusehelper::init($botnets, $botuser="abusehel") {
class abusehelper::init($botnets, $botuser) {
file { "/etc/sysconfig/botnet":
ensure => present,
name => $::operatingsystem ? {
"debian" => "/etc/default/botnet",
"ubuntu" => "/etc/default/botnet",
default => "/etc/sysconfig/botnet",
},
mode => "0644",
owner => "root",
group => "root",
content => template("abusehelper/botnet.sysconfig.erb"),
before => Service["botnet"],
}
file { '/etc/sysconfig/botnet':
ensure => present,
name => $::operatingsystem ? {
'debian' => '/etc/default/botnet',
'ubuntu' => '/etc/default/botnet',
default => '/etc/sysconfig/botnet',
},
mode => '0644',
owner => 'root',
group => 'root',
content => template('abusehelper/botnet.sysconfig.erb'),
before => Service['botnet'],
}
file { "/etc/init.d/botnet":
ensure => present,
mode => "0755",
owner => "root",
group => "root",
source => "puppet:///modules/abusehelper/botnet.init",
notify => Exec["add-service-botnet"],
}
exec { "add-service-botnet":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => $::operatingsystem ? {
"debian" => "update-rc.d botnet defaults",
"ubuntu" => "update-rc.d botnet defaults",
default => "chkconfig --add botnet",
},
refreshonly => true,
before => Service["botnet"],
}
file { '/etc/init.d/botnet':
ensure => present,
mode => '0755',
owner => 'root',
group => 'root',
source => 'puppet:///modules/abusehelper/botnet.init',
notify => Exec['add-service-botnet'],
}
exec { 'add-service-botnet':
path => '/bin:/usr/bin:/sbin:/usr/sbin',
command => $::operatingsystem ? {
'debian' => 'update-rc.d botnet defaults',
'ubuntu' => 'update-rc.d botnet defaults',
default => 'chkconfig --add botnet',
},
refreshonly => true,
before => Service['botnet'],
}
service { "botnet":
enable => true,
}
service { 'botnet':
enable => true,
}
}