CFEngine and IPv6

From Kyle's Wiki
Jump to: navigation, search

Cfengine can work over IPv6, here are some example configurations.

cfservd.conf

control:
  domain = ( xkyle.com )
  TrustKeysFrom = ( 2001:470:1f04:6ca::2 10.0.2.0/24 2001:55c:4434:2c27 )
  AllowUsers = ( root )
  AllowConnectionsFrom = ( 2001:470:1f04:6ca::2 10.0.2.0/24 2001:55c:4434:2c27 )
  AllowMultipleConnectionsFrom = ( 2001:470:1f04:6ca::2 10.0.2.0/24 2001:55c:4434:2c27 )

any::

  IfElapsed = ( 0 )
  ExpireAfter = ( 15 )
  MaxConnections = ( 50 )
  MultipleConnections = ( true )


grant:
   /var/lib/cfengine2/masterfiles/inputs   *.xkyle.com
   /var/lib/cfengine2/masterfiles/inputs   *.lan
   /var/lib/cfengine2/masterfiles/files   *.xkyle.com
   /var/lib/cfengine2/masterfiles/files   *.lan

/etc/gai.conf

For reasons I have yet to understand, cfservd would not bind on ipv6 until I added this line in to /etc/gai.conf on my Ubuntu server.

label ::/0          1
Personal tools
Namespaces

Variants
Actions
Efforts
Toolbox
Meta