# Reference

<!-- DO NOT EDIT: This document was generated by Puppet Strings -->

## Table of Contents

### Classes

* [`server_patching`](#server_patching): A class to deploy patching-related tools
* [`server_patching::validate`](#server_patchingvalidate): Validate the server state based on predefined checks.

## Classes

### <a name="server_patching"></a>`server_patching`

At the moment only includes the class `server_patching::validate`.

#### Examples

##### 

```puppet
include server_patching
```

### <a name="server_patchingvalidate"></a>`server_patching::validate`

The class generates or removes the validation script for the
state of the server. The resulting script can be automatically
invoked by AWS SSM after unattended patching.

A hiera example:

```yaml
server_patching::validate::ensure: present
server_patching::validate::services:
  - name: open-vm-tools.service
    active: true
  - name: openipmi.service
    active: false
server_patching::validate::processes:
  - name: falcond
    running: true
server_patching::validate::urls:
  - url: https://netdb.stanford.edu/status-3654hkfjd7fhbd
    status: 200
  - url: https://netdb.stanford.edu
    status: 302
server_patching::validate::ports:
  - port: 22
    proto: tcp
    ip_ver: ipv4
    listening: true
  - port: 23
    proto: tcp
    ip_ver: ipv4
    listening: false
server_patching::validate::mounts:
  - /home
  - /mnt/data
server_patching::validate::exports:
  - /share/raw_data
  - /share/processed_data
server_patching::validate::zfs_pools:
  - pool1
  - pool2
```

#### Examples

##### 

```puppet
include server_patching::validate
```

#### Parameters

The following parameters are available in the `server_patching::validate` class:

* [`ensure`](#ensure)
* [`validation_script`](#validation_script)
* [`use_remctl`](#use_remctl)
* [`services`](#services)
* [`processes`](#processes)
* [`urls`](#urls)
* [`ports`](#ports)
* [`mounts`](#mounts)
* [`exports`](#exports)
* [`zfs_pools`](#zfs_pools)

##### <a name="ensure"></a>`ensure`

Data type: `Enum['absent','present']`

Deploy or remove the validation script.

Default value: `'present'`

##### <a name="validation_script"></a>`validation_script`

Data type: `Stdlib::Unixpath`

Location of the validation script on the system.

Default value: `'/usr/local/bin/validate.sh'`

##### <a name="use_remctl"></a>`use_remctl`

Whether to create a remctl for validation script or not.

##### <a name="services"></a>`services`

Data type: `Array[Struct[{
    'name'       => String,
    'active'     => Optional[Boolean]}]]`

Array of hashes, where each hash is describing a service and
its desired state.

Options:

* **:name** `String`: The name of the service to check.
* **:active** `Boolean`: Desired state of the service: `true` if the service should be running or
`false` if the service should be stopped, disabled, masked or really failed.
Defaults to `true`.

Default value: `[]`

##### <a name="processes"></a>`processes`

Data type: `Array[Struct[{
    'name'       => String,
    'command'    => Optional[String],
    'running'    => Optional[Boolean]}]]`

Array of hashes, where each hash describes the name of a process
and whether it is supposed to be running.

Options:

* **:name** `String`: The name of the process to check.
* **:running** `Boolean`: The desired state of the process, `true` if the process should be running
or `false` if it is not supposed to. Defaults to `true`.
* **:command** `Boolean`: Search string for a command line arguments of a process.

Default value: `[]`

##### <a name="urls"></a>`urls`

Data type: `Array[Struct[{
    'url'        => Stdlib::HTTPUrl,
    'resolve_to' => Optional[Stdlib::IP::Address],
    'status'     => Optional[Integer[100,510]]}]]`

Array of hashes, where each hash describes the web URL
and the HTTP status code it is supposed to return

Options:

* **:url** `Stdlib::HTTPUrl`: The HTTP URL to check.
* **:status** `Integer`: The HTTP status code :url is expected to return. Defaults to `200`.
* **:resolve_to** `Integer`: Force the domain specified in a URL to resolve to this IP address.

Default value: `[]`

##### <a name="ports"></a>`ports`

Data type: `Array[Struct[{
    'port'       => Stdlib::Port,
    'proto'      => Optional[Enum['tcp','udp']],
    'ip_ver'     => Optional[Enum['ipv4','ipv6']],
    'listening'  => Optional[Boolean]}]]`

Array of hashes, where each hash contains a port number, protocol,
IP protocol version (IPv4/IPv6) and whether anything is expected
to be listening on it.

Options:

* **:port** `Stdlib::Port`: Port number to check.
* **:proto** `Enum['tcp','udp']`: Protocol TCP or UDP which is to be used for the check. Defaults to `tcp`.
* **:ip_ver** `Enum['ipv4','ipv6']`: Version of IP protocol to use for the check, IPv4 or IPv6. Defaults to `ipv4`.
* **:listenting** `Boolean`: `true`, if something is expected to listed on this port or `false` if
the port is not supposed to respond. Defaults to `true`.

Default value: `[]`

##### <a name="mounts"></a>`mounts`

Data type: `Array[Stdlib::Unixpath]`

Array of mounts to be checked for presence.

Default value: `[]`

##### <a name="exports"></a>`exports`

Data type: `Array[Stdlib::Unixpath]`

Array of NFS exports to be checked for presence. Only local exports are checked.

Default value: `[]`

##### <a name="zfs_pools"></a>`zfs_pools`

Data type: `Array[String]`

Array of ZFS pools to be checked for presence.

Default value: `[]`