-
-
Save zzamboni/714948 to your computer and use it in GitHub Desktop.
| # Parameters are: | |
| # file: file to edit | |
| # params: an array indexed by parameter name, containing the corresponding values. For example: | |
| # "sshd[Protocol]" string => "2"; | |
| # "sshd[X11Forwarding]" string => "yes"; | |
| # "sshd[UseDNS]" string => "no"; | |
| # Diego Zamboni, November 2010 | |
| bundle agent edit_sshd(file,params) | |
| { | |
| files: | |
| "$(file)" | |
| handle => "edit_sshd", | |
| comment => "Set desired sshd_config parameters", | |
| edit_line => set_config_values("$(params)"), | |
| classes => if_repaired("restart_sshd"); | |
| commands: | |
| restart_sshd.!no_restarts:: | |
| "/etc/init.d/sshd restart" | |
| handle => "sshd_restart", | |
| comment => "Restart sshd if the configuration file was modified"; | |
| } | |
| bundle edit_line set_config_values(v) | |
| # Sets the RHS of configuration items in the file of the form | |
| # LHS RHS | |
| # If the line is commented out with #, it gets uncommented first. | |
| # Adds a new line if none exists. | |
| # The argument is an associative array containing v[LHS]="rhs" | |
| # Based on set_variable_values from cfengine_stdlib.cf, modified to | |
| # use whitespace as separator, and to handle commented-out lines. | |
| { | |
| vars: | |
| "index" slist => getindices("$(v)"); | |
| # Be careful if the index string contains funny chars | |
| "cindex[$(index)]" string => canonify("$(index)"); | |
| field_edits: | |
| # If the line is there, but commented out, first uncomment it | |
| "#+$(index)\s+.*" | |
| edit_field => col("\s+","1","$(index)","set"); | |
| # match a line starting like the key something | |
| "$(index)\s+.*" | |
| edit_field => col("\s+","2","$($(v)[$(index)])","set"), | |
| classes => if_ok("not_$(cindex[$(index)])"); | |
| insert_lines: | |
| "$(index) $($(v)[$(index)])", | |
| ifvarclass => "!not_$(cindex[$(index)])"; | |
| } |
| bundle agent configfiles | |
| { | |
| vars: | |
| "sshdconfig" string => "/etc/ssh/sshd_config"; | |
| # SSHD configuration to set | |
| "sshd[Protocol]" string => "2"; | |
| "sshd[X11Forwarding]" string => "yes"; | |
| "sshd[UseDNS]" string => "no"; | |
| methods: | |
| "sshd" usebundle => edit_sshd("$(sshdconfig)", "configfiles.sshd"); | |
| } |
fbiryujin: the redefinition error is most likely caused because you are including cfengine_stdlib.cf in your policy, which contains set_config_values already - I included it in this example to make it self contained, but you should remove it if you are using the standard library already. For it to run, you need to include the "configfiles" bundle in your bundlesequence declaration or call it through some other mechanism (e.g. a methods: promise), otherwise it will never get executed.
Another comment: if you want to use this, I'd suggest looking at the networking/ssh sketch in the CFEngine Design Center: https://github.com/cfengine/design-center/tree/master/sketches/networking/ssh, since that is the maintained and updated version of this code.
For an introduction to the Design Center and how to use it, please see https://github.com/cfengine/design-center/wiki
Thanks. I'll give that a shot, and get back to you. It'd be really cool to see a way to get CFEngine code syntax coloring added to Visual Studio, or Xcode.
Interesting. It'd be great to get an Xcode or VS plugin working.
When trying to check the promises I see this error: "Redefinition of bundle set_config_values for edit_line is a broken promise, near token '{'" Also this promise won't run in my promises.cf when I bootstrap computers to my policy hub. Is the syntax in this wrong?