Commit v0.1.0

README.md

@@ -0,0 +1,98 @@
+# arpwatch
+
+#### Table of Contents
+
+1. [Description](#description)
+1. [Setup - The basics of getting started with arpwatch](#setup)
+    * [Beginning with arpwatch](#beginning-with-arpwatch)
+1. [Usage - Configuration options and additional functionality](#usage)
+1. [Reference - An under-the-hood peek at what the module is doing and how](#reference)
+1. [Limitations - OS compatibility, etc.](#limitations)
+1. [Development - Guide for contributing to the module](#development)
+1. [Release Notes](#release-notes)
+
+## Description
+
+Install and configure arpwatch
+
+## Setup
+
+### Beginning with arpwatch
+
+`include ::arpwatch` is enough to get you up and running.
+
+## Usage
+
+All interaction with the arpwatch module is done through the main arpwatch class. You can simply set the options in `::ntp` to have full functionality of the module.
+
+## Reference
+
+### Classes
+
+#### Public Classes
+
+* arpwatch: Main class, installs and configures arpwatch
+
+#### Private Classes
+
+* arpwatch::params: Determines and sets the defaults used by the main arpwatch class
+
+### Parameters
+
+The following parameters are available in the `::arpwatch` class:
+
+####`config_file`
+
+Specifies a file for arpwatch's configuration. Valid options: string containing an absolute path. Default value: '/etc/sysconfig/arpwatch'
+
+####`config_template`
+
+Specifies a file to act as a ERB template for the config file. Valid options: string containing a path (absolute, or relative to the module path). Example value: 'arpwatch/conf.rhel.erb'
+
+#### `dest_email`
+
+Specifies the email address to send arpwatch alerts to. Valid options: string. Default value: '-' (suppresses all email output from arpwatch)
+
+#### `interface`
+
+Specifies the interface to monitor for arp changes. Valid options: string containing an interface name. Default: eth0
+
+#### `package_ensure`
+
+Tells Puppet whether the arpwatch package should be installed, and what version. Valid options: 'present', 'latest', or a specific version number. Default value: 'present'
+
+#### `package_name`
+
+Tells Puppet what arpwatch package to manage. Valid options: string. Default value: 'arpwatch'
+
+#### `service_enable`
+
+Tells Puppet whether to enable the arpwatch service at boot. Valid options: true or false. Default value: true
+
+#### `service_ensure`
+
+Tells Puppet whether the arpwatch service should be running. Valid options: 'running' or 'stopped'. Default value: 'running'
+
+#### `service_name`
+
+Tells Puppet what arpwatch service to manage. Valid options: string. Default value: 'arpwatch'
+
+#### `service_user`
+
+Specifies which user account arpwatch should run under. Valid options: string. Default value: 'arpwatch' ('pcap' under RHEL5)
+
+#### `source_email`
+
+Specifies the source email address for arpwatch emails. Valid options: string. Default value: 'arpwatch@${::fqdn}'
+
+## Limitations
+
+arpwatch currently only supports RedHat based distributions. Pull requests are welcome to add support for other platforms.
+
+## Development
+
+Pull requests are welcome. Please make sure to properly document any additions or changes made to the module.
+
+## Release Notes
+
+v0.1.0 - Initial release of arpwatch module

Rakefile

@@ -0,0 +1,32 @@
+require 'puppetlabs_spec_helper/rake_tasks'
+require 'puppet-lint/tasks/puppet-lint'
+require 'metadata-json-lint/rake_task'
+
+if RUBY_VERSION >= '1.9'
+  require 'rubocop/rake_task'
+  RuboCop::RakeTask.new
+end
+
+PuppetLint.configuration.send('disable_80chars')
+PuppetLint.configuration.relative = true
+PuppetLint.configuration.ignore_paths = ['spec/**/*.pp', 'pkg/**/*.pp']
+
+desc 'Validate manifests, templates, and ruby files'
+task :validate do
+  Dir['manifests/**/*.pp'].each do |manifest|
+    sh "puppet parser validate --noop #{manifest}"
+  end
+  Dir['spec/**/*.rb', 'lib/**/*.rb'].each do |ruby_file|
+    sh "ruby -c #{ruby_file}" unless ruby_file =~ %r{spec/fixtures}
+  end
+  Dir['templates/**/*.erb'].each do |template|
+    sh "erb -P -x -T '-' #{template} | ruby -c"
+  end
+end
+
+desc 'Run metadata_lint, lint, validate, and spec tests.'
+task :test do
+  [:metadata_lint, :lint, :validate, :spec].each do |test|
+    Rake::Task[test].invoke
+  end
+end

examples/init.pp

@@ -0,0 +1,12 @@
+# The baseline for module testing used by Puppet Labs is that each manifest
+# should have a corresponding test manifest that declares that class or defined
+# type.
+#
+# Tests are then run by using puppet apply --noop (to check for compilation
+# errors and view a log of events) or by fully applying the test in a virtual
+# environment (to compare the resulting system state to the desired state).
+#
+# Learn more about module testing here:
+# https://docs.puppet.com/guides/tests_smoke.html
+#
+include ::arpwatch

manifests/init.pp

@@ -0,0 +1,103 @@
+# Class: arpwatch
+# ===========================
+#
+# Install and configure arpwatch
+#
+# Parameters
+# ----------
+#
+# * `config_file`
+# The confiugration file on the server to manage.
+#
+# * `config_template`
+# The template to use when generating the config file.
+#
+# * `dest_email`
+# The email address to send arpwatch alerts to.
+#
+# * `interface`
+# Which interface to watch for arp traffic
+#
+# * `package_ensure`
+# Ensure value passed to the package resource
+#
+# * `package_name`
+# Name of the package to manage
+#
+# * `service_enable`
+# Enable value, passed to the service resource
+#
+# * `service_ensure`
+# Ensure value, passed to the service resource
+#
+# * `service_name`
+# Name of the service to manage
+#
+# * `service_user`
+# Defines the user account that arpwatch will run under
+#
+# * `source_email`
+# Define the source email address for arpwatch alerts
+#
+# Examples
+# --------
+#
+# @example
+#    class { 'arpwatch':
+#      dest_email => 'foo@bar.org',
+#      source_email => 'arpwatch@baz.com',
+#    }
+#
+# Authors
+# -------
+#
+# Ryan DeShone <rfdeshon@gmail.com>
+#
+# Copyright
+# ---------
+#
+# Copyright 2016 Ryan DeShone, unless otherwise noted.
+#
+class arpwatch (
+  $config_file = $arpwatch::params::config_file,
+  $config_template = $arpwatch::params::config_template,
+  $dest_email = '-',
+  $interface = $arpwatch::params::interface,
+  $package_ensure = 'installed',
+  $package_name = $arpwatch::params::package_name,
+  $service_enable = true,
+  $service_ensure = 'running',
+  $service_name = $arpwatch::params::service_name,
+  $service_user = $arpwatch::params::service_user,
+  $source_email = "arpwatch@${::fqdn}",
+  ) inherits arpwatch::params {
+    validate_string($dest_email)
+    validate_string($package_name)
+    validate_string($service_user)
+    validate_string($service_name)
+    validate_string($interface)
+    validate_absolute_path($config_file)
+    validate_string($package_ensure)
+    validate_string($source_email)
+    validate_bool($service_enable)
+    validate_string($service_ensure)
+
+    package {
+      $package_name:
+      ensure => $package_ensure,
+    }
+    file {
+      $config_file:
+      ensure  => 'file',
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0644',
+      content => template($config_template),
+    }
+    service {
+      $service_name:
+      ensure => $service_ensure,
+      enable => $service_enable,
+    }
+    Package[$package_name]->File[$config_file]~>Service[$service_name]
+}

manifests/params.pp

@@ -0,0 +1,20 @@
+# Class: arpwatch::params
+# ========================
+class arpwatch::params {
+  case $::osfamily {
+    'RedHat': {
+    $package_name = 'arpwatch'
+    $service_name = 'arpwatch'
+    $interface = 'eth0'
+    $config_file = '/etc/sysconfig/arpwatch'
+    $config_template = 'arpwatch/conf.rhel.erb'
+    $service_user = $::os_maj_version ? {
+        '5' => 'pcap',
+        default => 'arpwatch',
+      }
+    }
+    default: {
+      fail("The ${module_name} module is not supported on an ${::osfamily} distribution.")
+    }
+  }
+}

metadata.json

@@ -0,0 +1,14 @@
+{
+  "name": "ardichoke-arpwatch",
+  "version": "0.1.0",
+  "author": "ardichoke",
+  "summary": "Install and manage arpwatch",
+  "license": "Apache-2.0",
+  "source": "https://github.com/ardichoke/puppet-arpwatch",
+  "project_page": "https://github.com/ardichoke/puppet-arpwatch",
+  "issues_url": "https://github.com/ardichoke/puppet-arpwatch/issues",
+  "dependencies": [
+    {"name":"puppetlabs-stdlib","version_requirement":">= 1.0.0"}
+  ]
+}
+

templates/conf.rhel.erb

@@ -0,0 +1,3 @@
+# THIS FILE MANAGED BY PUPPET
+# CHANGES WILL BE OVERWRITTEN
+OPTIONS="-i <%= @interface -%> -u <%= @service_user -%> -e <%= @dest_email -%> -s <%= @source_email -%>"