script:/var/cfengine/cf-server.cf

body server control {
    # Do not use DNS
    skipverify => { "10.0.52.*" };
    allowconnects => { "10.0.52.0/24" };
    allowallconnects => { "10.0.52.0/24" };
    maxconnections => "5";
    logallconnections => "true";
    trustkeysfrom => { "10.0.52.1" };
    bindtointerface => "10.0.52.1";
 
    cfruncommand =>
            "${g.workdir}/bin/cf-agent || /var/cfengine/failsafe/bin/cf-failsafe.sh";
    allowusers => { "root" };
 
}
 
# ensure server is running.
bundle agent server {
    processes:
 
         "cf-serverd"
           restart_class => "start_cfserverd";
 
    commands:
 
         start_cfserverd::
           "${g.workdir}/bin/cf-serverd";
}
 
bundle server access_rules {
    access:
         "${g.masterfiles}"
         admit => { "10\.0\.52\..*" };
 
         # All policy hosts to 'push'.
         "${g.workdir}/bin/cf-agent"
         admit => { "${g.phost}" };
}
 
body runagent control {
    hosts => {
         "10.0.52.1"
    };
}