def.cf

###############################################################################
#
# bundle common def
#  - common/global variables and classes here
#
###############################################################################

bundle common def

{

  vars:

    any::

      # Begin change # Your domain name, for use in access control

      "domain"  string => "example.com",
      comment => "Define a global domain for all hosts",
      handle => "common_def_vars_domain";

      # List here the IP masks that we grant access to on the server

      "acl"     slist => {

                           # Assume /16 LAN clients to start with
                           "$(sys.policy_hub)/16",

                           #  "2001:700:700:3.*",
                           #  "217.77.34.18",
                           #  "217.77.34.19",
      },
      comment => "Define an acl for the machines to be granted accesses",
      handle => "common_def_vars_acl";

      # End change #

      "dir_masterfiles" string => translatepath("$(sys.masterdir)"),
      comment => "Define masterfiles path",
      handle => "common_def_vars_dir_masterfiles";

      "dir_reports"     string => translatepath("$(sys.workdir)/reports"),
      comment => "Define reports path",
      handle => "common_def_vars_dir_reports";

      "dir_software"    string => translatepath("$(sys.workdir)/master_software_updates"),
      comment => "Define software path",
      handle => "common_def_vars_dir_software";

      "dir_bin"         string => translatepath("$(sys.bindir)"),
      comment => "Define binary path",
      handle => "common_def_vars_dir_bin";

      "dir_modules"     string => translatepath("$(sys.workdir)/modules"),
      comment => "Define modules path",
      handle => "common_def_vars_dir_modules";

      # CFEngine own log files
      "cfe_log_files"    slist => {
                                    "$(sys.workdir)/cf3.$(sys.host).runlog",
                                    "$(sys.workdir)/cf_notkept.log",
                                    "$(sys.workdir)/cf_repair.log",
                                    "$(sys.workdir)/httpd/logs/access_log",# Mission Portal
                                    "$(sys.workdir)/httpd/logs/error_log", # Mission Portal
                                    "$(sys.workdir)/promise_summary.log",
                                    "$(sys.workdir)/state/cf_value.log",
                                  };

      "cfe_log_dirs"     slist => {
                                    "$(sys.workdir)/outputs"
                                  };

  classes:

    ### Enable special features policies. Set to "any" to enable.

    # Internal CFEngine log files rotation
    "cfengine_internal_rotate_logs" expression => "!any";

    # Transfer policies and binaries with encryption
    "cfengine_internal_encrypt_transfers" expression => "!any";

    # Purge policies that don't exist on the server side.
    "cfengine_internal_purge_policies" expression => "!any";
}