diff options
author | Micah Anderson <micah@riseup.net> | 2013-04-30 17:17:54 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2013-04-30 17:17:54 -0400 |
commit | 8e5716518b361aceac5c2cc5433148edf8785d89 (patch) | |
tree | 3e3bc234a421512eb2fade72cef4518383566481 /puppet/modules/site_shorewall/manifests | |
parent | 334e4242a55f36c8ba3bbaa8b5e1c44664402450 (diff) |
setup a site_config::params class that can be used to set some common variables that are used in different places
to start with we setup the $interface variable, based on logic as defined in #2213
change the various places that were looking up this value to use site_config::params::interface instead
Diffstat (limited to 'puppet/modules/site_shorewall/manifests')
-rw-r--r-- | puppet/modules/site_shorewall/manifests/defaults.pp | 14 | ||||
-rw-r--r-- | puppet/modules/site_shorewall/manifests/eip.pp | 7 |
2 files changed, 5 insertions, 16 deletions
diff --git a/puppet/modules/site_shorewall/manifests/defaults.pp b/puppet/modules/site_shorewall/manifests/defaults.pp index d5639a90..c62c9307 100644 --- a/puppet/modules/site_shorewall/manifests/defaults.pp +++ b/puppet/modules/site_shorewall/manifests/defaults.pp @@ -1,17 +1,10 @@ class site_shorewall::defaults { include shorewall + include site_config::params # be safe for development #if ( $::virtual == 'virtualbox') { $shorewall_startup='0' } - $ip_address = hiera('ip_address') - # a special case for vagrant interfaces - $interface = $::virtual ? { - virtualbox => [ 'eth0', 'eth1' ], - default => getvar("interface_${ip_address}") - } - - # If you want logging: shorewall::params { 'LOG': value => 'debug'; @@ -19,14 +12,13 @@ class site_shorewall::defaults { shorewall::zone {'net': type => 'ipv4'; } - # define interfaces - shorewall::interface { $interface: + shorewall::interface { $site_config::params::interface: zone => 'net', options => 'tcpflags,blacklist,nosmurfs'; } - shorewall::routestopped { $interface: } + shorewall::routestopped { $site_config::params::interface: } shorewall::policy { 'fw-to-all': diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp index 95c3920e..2f84d45c 100644 --- a/puppet/modules/site_shorewall/manifests/eip.pp +++ b/puppet/modules/site_shorewall/manifests/eip.pp @@ -1,6 +1,7 @@ class site_shorewall::eip { include site_shorewall::defaults + include site_config::params include site_shorewall::ip_forward # define macro for incoming services @@ -32,11 +33,7 @@ PARAM - - udp 1194 type => 'ipv4'; } - if $::virtual == 'virtualbox' { - $interface = 'eth0' - } else { - $interface = $site_shorewall::defaults::interface - } + $interface = $site_config::params::interface shorewall::masq { "${interface}_unlimited_tcp": |