manifests/tunnel.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

define autossh::tunnel (
  $ensure = present,
  $user,
  $bind_address = 'localhost',
  $port,
  $host = 'localhost',
  $hostport,
  $sshport = '22',
  $remote_host,
  $remote_user = 'absent',
  $monitor_port = 'absent',
  $gatetime = 'absent',
  $first_poll = 'absent',
  $poll = 'absent',
  $maxstart = 'absent',
  $maxlifetime = 'absent',
  $logfile = 'absent'
) {

  include autossh

  $real_remote_user = $remote_user ? {
      'absent' => $user,
      default => $remote_user,
  } 

  # According to the autossh documentation, using OpenSSH ServerAlive 
  # options is better than using a monitor port, so we do that by default.
  if ($monitor_port == 'absent') {
    $real_monitor_port = 0
    $ssh_extra_options = "-o ServerAliveInterval=30 -o ServerAliveCountMax=3"
  }
  else {
    $real_monitor_port = $monitor_port
    $ssh_extra_options = ''
  }

  if ($ensure == 'present') {
  
    file { "/etc/init.d/autossh-tunnel-${name}":
      content => template("autossh/autossh-tunnel.erb"),
      owner   => root,
      group   => root,
      mode    => '755',
      require => Package["autossh"],
      notify => Service["autossh-tunnel-${name}"],
    }

    exec { "autossh-tunnel-${name}_update_rcd":
      command => "update-rc.d autossh-tunnel-${name} start 18 2 3 4 5 . stop 81 0 1 6 .",
      unless => "test -e /etc/rc2.d/S??autossh-tunnel-${name}",
      path => "/bin:/sbin:/usr/sbin:/usr/bin",
      require => [ Package["autossh"], File["/etc/init.d/autossh-tunnel-${name}"]],
    }
    
    service { "autossh-tunnel-${name}":
      ensure => running,
      hasrestart => true,
      hasstatus => true,
      require => File["/etc/init.d/autossh-tunnel-${name}"],
    }
    
  }
  else {
  
    exec { "autossh-tunnel-${name}_stop":
      command => "/etc/init.d/autossh-tunnel-${name} stop",
      path => "/bin:/sbin:/usr/sbin:/usr/bin",
      onlyif => "test -x /etc/init.d/autossh-tunnel-${name} && test -e /var/run/autossh-tunnel-${name}.pid",
    }

    file { "/etc/init.d/autossh-tunnel-${name}":
      ensure => absent,
      require => Exec["autossh-tunnel-${name}_stop"],
    }

    exec { "autossh-tunnel-${name}_update_rcd_remove":
      command => "update-rc.d autossh-tunnel-${name} remove",
      path => "/bin:/sbin:/usr/sbin:/usr/bin",
      onlyif => "test -L /etc/rc2.d/S18autossh-tunnel-${name}",
      require => File["/etc/init.d/autossh-tunnel-${name}"],
    }

  }

}