From: Tom Hughes Date: Mon, 22 Jun 2020 19:55:09 +0000 (+0100) Subject: Update SNMP configuration for lyonix X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/22e87649580d1a4329958eff41a83f3f86886156 Update SNMP configuration for lyonix --- diff --git a/cookbooks/snmpd/recipes/default.rb b/cookbooks/snmpd/recipes/default.rb index ccafc831c..10353914c 100644 --- a/cookbooks/snmpd/recipes/default.rb +++ b/cookbooks/snmpd/recipes/default.rb @@ -60,3 +60,27 @@ else source_ports "1024:" end end + +if node[:snmpd][:clients6] + node[:snmpd][:clients6].each do |address| + firewall_rule "accept-snmp" do + action :accept + family "inet6" + source "net:#{address}" + dest "fw" + proto "udp" + dest_ports "snmp" + source_ports "1024:" + end + end +else + firewall_rule "accept-snmp" do + action :accept + family "inet6" + source "net" + dest "fw" + proto "udp" + dest_ports "snmp" + source_ports "1024:" + end +end diff --git a/cookbooks/snmpd/templates/default/snmpd.conf.erb b/cookbooks/snmpd/templates/default/snmpd.conf.erb index 9239fbd30..e47f2e03f 100644 --- a/cookbooks/snmpd/templates/default/snmpd.conf.erb +++ b/cookbooks/snmpd/templates/default/snmpd.conf.erb @@ -1,6 +1,9 @@ # DO NOT EDIT - This file is being maintained by Chef -rocommunity <%= @communities[node[:snmpd][:community]] %> +<% @communities[node[:snmpd][:community]].each do |community| -%> +rocommunity <%= community %> +rocommunity6 <%= community %> +<% end -%> syslocation <%= node[:snmpd][:location] %> <% if node[:snmpd][:contact] -%> syscontact <%= node[:snmpd][:contact] %> diff --git a/roles/lyonix.rb b/roles/lyonix.rb index faf838dac..715f6a848 100644 --- a/roles/lyonix.rb +++ b/roles/lyonix.rb @@ -8,7 +8,8 @@ default_attributes( :nameservers => ["77.95.64.205", "77.95.64.206", "8.8.8.8", "8.8.4.4"] }, :snmpd => { - :clients => ["77.95.64.0/24", "77.95.70.0/24"], + :clients => ["77.95.64.0/21"], + :clients6 => ["2a03:9180::/32", "2001:7f8:47::/48"], :community => "lyonix", :location => "LYON", :contact => "noc@lyonix.net"