Install Arpwatch and manage service

CHANGELOG.md

@@ -0,0 +1,6 @@
+
+## v1.0
+
+### Features
+* Install Arpwatch.
+* Ensure the service is in the desired state.

defaults/main.yml

@@ -0,0 +1,58 @@
+---
+# .. vim: foldmarker=[[[,]]]:foldmethod=marker
+#
+# ipr-cnrs.arpwatch default variables [[[
+# ======================================
+
+# Packages and installation [[[
+# -----------------------------
+
+# .. envvar:: arpwatch__base_packages [[[
+#
+# List of base packages to install.
+arpwatch__base_packages:
+  - 'arpwatch'
+
+                                                                   # ]]]
+# .. envvar:: arpwatch__enabled [[[
+#
+# Enable or disable support for Arpwatch on a given host. Disabling this
+# option does not remove existing installation and configuration.
+#
+arpwatch__enabled: True
+
+                                                                   # ]]]
+# .. envvar:: arpwatch__service_name [[[
+#
+# The service name to manage.
+arpwatch__service_name: 'arpwatch'
+
+                                                                   # ]]]
+# .. envvar:: arpwatch__service_manage [[[
+#
+# If the arpwatch service should be managed? Possible options:
+#
+# ``True``
+#   Default. The service is started and enabled.
+#
+# ``False``
+#   The service is stopped and disabled from startup.
+arpwatch__service_manage: True
+
+                                                                   # ]]]
+
+                                                                   # ]]]
+
+# Configuration [[[
+# -----------------------------
+
+# .. envvar:: arpwatch__conf_src [[[.
+# Template used to provide configuration file.
+#
+# Must be a relative path from default/ directory of this role or to your
+# ansible inventory directory.
+arpwatch__conf_src: '../templates/etc/arpwatch.conf.j2'
+
+                                                                   # ]]]
+
+                                                                   # ]]]

handlers/main.yml

@@ -0,0 +1,10 @@
+---
+# handlers file for arpwatch
+- name: restart arpwatch service
+  service:
+    name: '{{ arpwatch__service_name }}'
+    state: '{{ "restarted" if (arpwatch__enabled | d(True) | bool and
+                            (arpwatch__service_manage | d(True) | bool))
+          else "stopped" }}'
+    enabled: '{{ arpwatch__service_manage | d(True) | bool }}'
+

tasks/main.yml

@@ -0,0 +1,33 @@
+---
+# .. vim: foldmarker=[[[,]]]:foldmethod=marker
+#
+# tasks file for ipr-cnrs.arpwatch
+
+# Manage required system packages [[[1
+- name: Ensure required packages are in there desired state
+  package:
+    name: '{{ item }}'
+    state: 'present'
+    install_recommends: False
+  with_flattened:
+    - '{{ arpwatch__base_packages }}'
+  when: arpwatch__enabled|bool
+
+# Manage configuration file [[[1
+- name: Configure Arpwatch
+  template:
+    src: '{{ arpwatch__conf_src }}'
+    dest: "/etc/arpwatch.conf"
+  when: arpwatch__enabled|bool
+  notify: ['restart arpwatch service']
+
+# Manage service [[[1
+- name: Manage arpwatch service
+  service:
+    name: '{{ arpwatch__service_name }}'
+    state: '{{ "started" if ((arpwatch__enabled | d(True) | bool) and
+                             (arpwatch__service_manage | d(True) | bool))
+          else "stopped" }}'
+    enabled: '{{ ((arpwatch__enabled | d(True) | bool) and
+                  (arpwatch__service_manage | d(True) | bool)) }}'
+

templates/etc/arpwatch.conf.j2

@@ -0,0 +1,22 @@
+# /etc/arpwatch.conf: Debian-specific way to watch multiple interfaces.
+# Format of this configuration file is:
+#
+#<dev1>	<arpwatch options for dev1>
+#<dev2>	<arpwatch options for dev2>
+#...
+#<devN>	<arpwatch options for devN>
+#
+# You can set global options for all interfaces by editing
+# /etc/default/arpwatch
+
+# For example:
+
+#eth0	-m root
+#eth1	-m root
+#eth2	-m root
+
+# or, if you have an MTA configured for plussed addressing:
+#
+#eth0	-m root+eth0
+#eth1	-m root+eth1
+#eth2	-m root+eth2