diff options
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | manifests/init.pp | 51 | ||||
-rw-r--r-- | templates/rng-tools.erb | 19 |
3 files changed, 71 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1377554 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.swp diff --git a/manifests/init.pp b/manifests/init.pp new file mode 100644 index 0000000..e6494e9 --- /dev/null +++ b/manifests/init.pp @@ -0,0 +1,51 @@ +# This module is distributed under the GNU Affero General Public License: +# +# rng-tools module for puppet +# Copyright (C) 2009 Sarava Group +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +class rng_tools { + + # Warning: do not set device do /dev/urandom, see + # http://bugs.gentoo.org/292239 + case $rng_tools_device { + '': { $rng_tools_device = '/dev/hwrng' } + } + + case $rng_tools_options { + '': { $rng_tools_options = '' } + } + + # The needed packages + package { [ "rng-tools", "israndom" ]: + ensure => installed, + } + + file { "/etc/default/rng-tools": + ensure => present, + owner => root, + group => root, + mode => 0644, + notify => Service["rng-tools"], + content => template('rng_tools/default/rng-tools.erb'), + } + + service { "rng-tools": + enable => true, + ensure => running, + hasrestart => true, + require => [ File["/etc/default/rng-tools"], Package["rng-tools"] ], + } +} diff --git a/templates/rng-tools.erb b/templates/rng-tools.erb new file mode 100644 index 0000000..fa0a8d7 --- /dev/null +++ b/templates/rng-tools.erb @@ -0,0 +1,19 @@ +# Configuration for the rng-tools initscript +# $Id: rng-tools.default,v 1.1.2.5 2008-06-10 19:51:37 hmh Exp $ + +# This is a POSIX shell fragment + +# Set to the input source for random data, leave undefined +# for the initscript to attempt auto-detection. Set to /dev/null +# for the viapadlock driver. +#HRNGDEVICE=/dev/hwrng +#HRNGDEVICE=/dev/null +HRNGDEVICE=<%= rng_tools_device %> + +# Additional options to send to rngd. See the rngd(8) manpage for +# more information. Do not specify -r/--rng-device here, use +# HRNGDEVICE for that instead. +#RNGDOPTIONS="--hrng=intelfwh --fill-watermark=90% --feed-interval=1" +#RNGDOPTIONS="--hrng=viakernel --fill-watermark=90% --feed-interval=1" +#RNGDOPTIONS="--hrng=viapadlock --fill-watermark=90% --feed-interval=1" +RNGDOPTIONS="<%= rng_tools_options %>" |