Allow to set the user that run Arpwatch

This commit is contained in:
Jeremy Gardais 2018-04-23 11:55:25 +02:00
parent a823b97c04
commit 58d981bea7
Signed by: jegardai
GPG Key ID: E759BAA22501AF32
5 changed files with 35 additions and 0 deletions

View File

@ -4,3 +4,4 @@
### Features
* Install Arpwatch.
* Ensure the service is in the desired state.
* Allow to set the user that run Arpwatch.

View File

@ -19,6 +19,7 @@ Manage Arpwatch installation and configuration.
* **arpwatch__service_manage**: If the arpwatch service should be managed [default: `True`].
* **arpwatch__service_name**: The service name to manage [default: `arpwatch`].
* **arpwatch__conf_src**: Template used to provide configuration file [default: `../templates/etc/arpwatch.conf.j2`].
* **arpwatch__conf_username**: Username that should run Arpwatch [default: `arpwatch`].
## Example Playbook
@ -35,6 +36,7 @@ Manage Arpwatch installation and configuration.
This role will:
* Install needed packages to provide `arpwatch` service.
* Manage `arpwatch` configuration (/etc/arpwatch.conf).
* Allow to set the user that run Arpwatch.
* Ensure `arpwatch` service is enabled and started.
* Ensure to restart `arpwatch` service if configuration changed.

View File

@ -54,5 +54,14 @@ arpwatch__service_manage: True
arpwatch__conf_src: '../templates/etc/arpwatch.conf.j2'
# ]]]
# .. envvar:: arpwatch__conf_username [[[.
# Username that should run Arpwatch.
#
# The value should be a string with an existing username.
# ``arpwatch``
# Default. Created during installation.
arpwatch__conf_username: 'arpwatch'
# ]]]
# ]]]

View File

@ -14,6 +14,7 @@
when: arpwatch__enabled|bool
# Manage configuration file [[[1
## Manage Arpwatch configuration [[[
- name: Create Arpwatch configuration
template:
src: '{{ arpwatch__conf_src }}'
@ -23,6 +24,19 @@
mode: '0644'
when: arpwatch__enabled|bool
notify: ['restart arpwatch service']
# ]]]
## Manage service default [[[
- name: Manage service default
template:
src: '../templates/etc/default/arpwatch.j2'
dest: "/etc/default/arpwatch"
owner: root
group: root
mode: '0644'
when: '{{ ((arpwatch__enabled | bool) and
(arpwatch__service_manage | bool)) }}'
notify: ['restart arpwatch service']
# ]]]
# Manage service [[[1
- name: Manage arpwatch service

View File

@ -0,0 +1,9 @@
## {{ ansible_managed }}
# Global options for arpwatch(8).
# Debian: don't report bogons, don't use PROMISC.
ARGS="-N -p"
# Debian: run as `{{ arpwatch__conf_username }}' user. Empty this to run as root.
RUNAS="{{ arpwatch__conf_username }}"