84b78e8dd2
This change converts the aide heat tempalate to using the aide role from tripleo-ansible. Depends-On: I3a34152dd0cd7363a6f138d6e1c6fd0f062a3ac6 Change-Id: I20b5e91c2d5f03b5cfd78b5568ee9b0d8c1f6157 Signed-off-by: Kevin Carter <kecarter@redhat.com>
87 lines
2.4 KiB
YAML
87 lines
2.4 KiB
YAML
heat_template_version: rocky
|
|
description: >
|
|
Aide service configured with Ansible
|
|
|
|
parameters:
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
AideConfPath:
|
|
description: Aide configuration file
|
|
type: string
|
|
default: '/etc/aide.conf'
|
|
AideDBPath:
|
|
description: Aide integrity database location
|
|
type: string
|
|
default: '/var/lib/aide/aide.db'
|
|
AideDBTempPath:
|
|
description: Aide integrity database temp location
|
|
type: string
|
|
default: '/var/lib/aide/aide.db.new'
|
|
AideHour:
|
|
description: Hour value for Cron Job
|
|
type: number
|
|
default: 11
|
|
AideCronUser:
|
|
description: User which creates and runs the cron job for aide
|
|
type: string
|
|
default: 'root'
|
|
AideMinute:
|
|
description: Minute value for Cron Job
|
|
type: number
|
|
default: 30
|
|
AideEmail:
|
|
description: Email address to send reports on Cron Job
|
|
type: string
|
|
default: ''
|
|
AideMuaPath:
|
|
description: Full POSIX path to mail binary
|
|
type: string
|
|
default: '/bin/mail'
|
|
AideRules:
|
|
description: A hash of Aide rules
|
|
type: json
|
|
default: {}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the aide service
|
|
value:
|
|
service_name: aide
|
|
host_prep_tasks:
|
|
- include_role:
|
|
name: aide
|
|
ansible_group_vars:
|
|
aide_rules: {get_param: AideRules}
|
|
aide_conf_path: {get_param: AideConfPath}
|
|
aide_db_path: {get_param: AideDBPath}
|
|
aide_db_temp_path: {get_param: AideDBTempPath}
|
|
aide_cron_user: {get_param: AideCronUser}
|
|
aide_hour: {get_param: AideHour}
|
|
aide_minute: {get_param: AideMinute}
|
|
aide_email: {get_param: AideEmail}
|
|
aide_mua_path: {get_param: AideMuaPath}
|