supports :status => true, :restart => true, :reload => true
end
-servers = search(:node, "recipes:munin\\:\\:server")
+servers = search(:node, "recipes:munin\\:\\:server").collect do |server|
+ server.ipaddresses(:role => :external)
+end.flatten
-servers.each do |server|
- server.interfaces(:role => :external) do |interface|
- firewall_rule "accept-munin-#{server}" do
- action :accept
- family interface[:family]
- source "#{interface[:zone]}:#{interface[:address]}"
- dest "fw"
- proto "tcp:syn"
- dest_ports "munin"
- source_ports "1024:"
- end
- end
+firewall_rule "accept-munin" do
+ action :accept
+ context :incoming
+ protocol :tcp
+ source servers
+ dest_ports "munin"
+ source_ports "1024-65535"
+ not_if { servers.empty? }
end
template "/etc/munin/munin-node.conf" do
source "munin-node.conf.erb"
owner "root"
group "root"
- mode 0o644
+ mode "644"
variables :servers => servers
notifies :restart, "service[munin-node]"
end