-
Notifications
You must be signed in to change notification settings - Fork 2
/
service.pp
60 lines (55 loc) · 2.08 KB
/
service.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#
# @summary Manage the SentinelOne Agent service
#
class sentinelone_agent::service {
require ::logrotate
# Token is just a base64-encoded string of JSON
$token_pieces = parsejson(base64('decode', $sentinelone_agent::token))
$site_key = $token_pieces['site_key']
$url = $token_pieces['url']
if $sentinelone_agent::manage_service {
service { 'sentinelone_agent_service':
ensure => $sentinelone_agent::service_ensure,
enable => $sentinelone_agent::service_enable,
name => $sentinelone_agent::service_name,
require => $sentinelone_agent::install::pkg_req,
}
$svc_req = Service['sentinelone_agent_service']
} else {
$svc_req = undef
}
# Require package installation first if the module controls the package
# Don't execute if the sitekey is already correct on the system
exec {'sentinelone_agent_token':
command => "/usr/bin/sentinelctl management token set ${sentinelone_agent::token}",
notify => $svc_req,
require => $sentinelone_agent::install::pkg_req,
unless => "/usr/bin/sentinelctl management status | /usr/bin/grep -E 'Site\\-Key\\s+${site_key}'",
user => 'root',
}
if $sentinelone_agent::proxy_url {
# Use Augeas to get around password prompts on proxy URL change
augeas { 'sentinelone_agent_proxy':
changes => "set dict/entry[.= 'mgmt_proxy_url']/string '${sentinelone_agent::proxy_url}'",
context => '/files/opt/sentinelone/configuration/basic.conf',
incl => '/opt/sentinelone/configuration/basic.conf',
lens => 'Json.lns',
onlyif => "get dict/entry[.= 'mgmt_proxy_url']/string != '${sentinelone_agent::proxy_url}'",
notify => Service['sentinelone_agent_service'],
}
}
if $sentinelone_agent::manage_logrotate {
logrotate::rule { 'sentinelone_agent':
ensure => $sentinelone_agent::logrotate_ensure,
compress => true,
dateext => true,
ifempty => false,
maxsize => '100M',
missingok => true,
path => [
'/var/log/sentinelagent/*.log',
'/var/log/sentinelagent/ui/*.log',
],
}
}
}