From: Tom Hughes <tom@compton.nu>
Date: Tue, 26 Feb 2019 00:07:32 +0000 (+0000)
Subject: Enable SNMP for HostedIn.NZ machines
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/f7e802a51133ff2331798a7b54c0f0670ec43ce1

Enable SNMP for HostedIn.NZ machines
---

diff --git a/cookbooks/snmpd/recipes/default.rb b/cookbooks/snmpd/recipes/default.rb
index fd852357f..b5bccce4b 100644
--- a/cookbooks/snmpd/recipes/default.rb
+++ b/cookbooks/snmpd/recipes/default.rb
@@ -37,11 +37,23 @@ template "/etc/snmp/snmpd.conf" do
   notifies :restart, "service[snmpd]"
 end
 
-node[:snmpd][:clients].each do |address|
+if node[:snmpd][:clients]
+  node[:snmpd][:clients].each do |address|
+    firewall_rule "accept-snmp" do
+      action :accept
+      family "inet"
+      source "net:#{address}"
+      dest "fw"
+      proto "udp"
+      dest_ports "snmp"
+      source_ports "1024:"
+    end
+  end
+else
   firewall_rule "accept-snmp" do
     action :accept
     family "inet"
-    source "net:#{address}"
+    source "net"
     dest "fw"
     proto "udp"
     dest_ports "snmp"
diff --git a/cookbooks/snmpd/templates/default/snmpd.conf.erb b/cookbooks/snmpd/templates/default/snmpd.conf.erb
index acddef736..9239fbd30 100644
--- a/cookbooks/snmpd/templates/default/snmpd.conf.erb
+++ b/cookbooks/snmpd/templates/default/snmpd.conf.erb
@@ -2,4 +2,6 @@
 
 rocommunity     <%= @communities[node[:snmpd][:community]] %>
 syslocation     <%= node[:snmpd][:location] %>
+<% if node[:snmpd][:contact] -%>
 syscontact      <%= node[:snmpd][:contact] %>
+<% end -%>
diff --git a/roles/hostedinnz.rb b/roles/hostedinnz.rb
index 86438e01f..40eaba9cc 100644
--- a/roles/hostedinnz.rb
+++ b/roles/hostedinnz.rb
@@ -11,6 +11,10 @@ default_attributes(
         :zone => "osm"
       }
     }
+  },
+  :snmpd => {
+    :community => "hostedinnz",
+    :location => "Wellington"
   }
 )
 
@@ -21,5 +25,6 @@ override_attributes(
 )
 
 run_list(
-  "role[nz]"
+  "role[nz]",
+  "recipe[snmpd]"
 )