7e68dbdf8c
Introduces a service to configure AIDE Intrusion Detection. This service init's the database and copies the new database to the active naming. It also sets a cron job, using email if `AideEmail` is populated, otherwise the reports are sent to `/var/log/aide/`. AIDE rules can be supplied as a hash, and should the rules ever be changed, the service will populate the new rules and re-init a fresh integrity database. Related-Blueprint: tripleo-aide-database Depends-On: Iac2ceb7fc6b610f8920ae6f75faa2885f3edf6eb Change-Id: I23d8ba2c43e907372fe079026df1fca5fa1c9881
35 lines
1.4 KiB
YAML
35 lines
1.4 KiB
YAML
###############################################################################
|
|
# Role: Database #
|
|
###############################################################################
|
|
- name: Database
|
|
description: |
|
|
Standalone database role with the database being managed via Pacemaker
|
|
networks:
|
|
- InternalApi
|
|
HostnameFormatDefault: '%stackname%-database-%index%'
|
|
ServicesDefault:
|
|
- OS::TripleO::Services::Aide
|
|
- OS::TripleO::Services::AuditD
|
|
- OS::TripleO::Services::CACerts
|
|
- OS::TripleO::Services::CertmongerUser
|
|
- OS::TripleO::Services::Collectd
|
|
- OS::TripleO::Services::Clustercheck
|
|
- OS::TripleO::Services::Docker
|
|
- OS::TripleO::Services::Fluentd
|
|
- OS::TripleO::Services::Ipsec
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::LoginDefs
|
|
- OS::TripleO::Services::MySQL
|
|
- OS::TripleO::Services::MySQLClient
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::ContainersLogrotateCrond
|
|
- OS::TripleO::Services::Pacemaker
|
|
- OS::TripleO::Services::Rhsm
|
|
- OS::TripleO::Services::RsyslogSidecar
|
|
- OS::TripleO::Services::SensuClient
|
|
- OS::TripleO::Services::Snmp
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::Tuned
|