Add ssl-cert-check to cacti server
Add monitoring of SSL certificates for openstack websites Change-Id: I50b6a8aced7ae563381eb948ce4e8f854a6d85a9 Reviewed-on: https://review.openstack.org/30490 Reviewed-by: Clark Boylan <clark.boylan@gmail.com> Approved: Jeremy Stanley <fungi@yuggoth.org> Reviewed-by: Jeremy Stanley <fungi@yuggoth.org> Tested-by: Jenkins
This commit is contained in:
Elizabeth Krumbach
Jenkins
parent
fa1bb4f3f7
commit
6ee09c0918
@ -86,6 +86,7 @@ node 'jenkins-dev.openstack.org' {
|
||||
}
|
||||
|
||||
node 'cacti.openstack.org' {
|
||||
include openstack_project::ssl_cert_check
|
||||
class { 'openstack_project::cacti':
|
||||
sysadmins => hiera('sysadmins'),
|
||||
}
|
||||
|
||||
@ -0,0 +1,5 @@
|
||||
review.openstack.org 443
|
||||
jenkins.openstack.org 443
|
||||
etherpad.openstack.org 443
|
||||
wiki.openstack.org 443
|
||||
www.openstack.org 443
|
||||
16
modules/openstack_project/manifests/ssl_cert_check.pp
Normal file
16
modules/openstack_project/manifests/ssl_cert_check.pp
Normal file
@ -0,0 +1,16 @@
|
||||
# Class to configure ssl-cert-check on a node.
|
||||
class openstack_project::ssl_cert_check {
|
||||
class { '::ssl_cert_check':
|
||||
domainlist_file => '/var/lib/certcheck/ssldomains',
|
||||
email => 'root',
|
||||
days => '30'
|
||||
}
|
||||
|
||||
file { '/var/lib/certcheck/ssldomains':
|
||||
ensure => present,
|
||||
owner => 'certcheck',
|
||||
group => 'certcheck',
|
||||
mode => '0444',
|
||||
source => 'puppet:///modules/openstack_project/ssl_cert_check/ssldomains'
|
||||
}
|
||||
}
|
||||
41
modules/ssl_cert_check/manifests/init.pp
Normal file
41
modules/ssl_cert_check/manifests/init.pp
Normal file
@ -0,0 +1,41 @@
|
||||
# == Class: ssl_cert_check
|
||||
#
|
||||
class ssl_cert_check(
|
||||
$domainlist_file = '',
|
||||
$email = '',
|
||||
$days = ''
|
||||
) {
|
||||
package { 'ssl-cert-check':
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
file {'/var/lib/certcheck':
|
||||
ensure => directory,
|
||||
owner => 'certcheck',
|
||||
group => 'certcheck',
|
||||
mode => '0755',
|
||||
require => User['certcheck'],
|
||||
}
|
||||
|
||||
group { 'certcheck':
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
user { 'certcheck':
|
||||
ensure => present,
|
||||
home => '/var/lib/certcheck',
|
||||
shell => '/bin/bash',
|
||||
gid => 'certcheck',
|
||||
managehome => true,
|
||||
require => Group['certcheck'],
|
||||
}
|
||||
|
||||
cron { 'check ssl certificates':
|
||||
user => 'certcheck',
|
||||
command => "ssl-cert-check -a -q -f ${domainlist_file} -x ${days} -e ${email}",
|
||||
hour => '12',
|
||||
minute => '04',
|
||||
}
|
||||
}
|
||||
|
||||
# vim:sw=2:ts=2:expandtab:textwidth=79
|
||||
Loading…
Reference in New Issue
Block a user