From a8fce0ab83d64b963f5a0f9848c9a0a255038f96 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Dec 2012 15:31:19 -0500 Subject: changed shorewall submodule location, this requires you do a git submodule sync --- .gitmodules | 5 ++++- puppet/modules/augeas | 1 + puppet/modules/shorewall | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 160000 puppet/modules/augeas diff --git a/.gitmodules b/.gitmodules index 417457e8..6597612b 100644 --- a/.gitmodules +++ b/.gitmodules @@ -24,7 +24,7 @@ url = git://labs.riseup.net/shared-common [submodule "puppet/modules/shorewall"] path = puppet/modules/shorewall - url = git://labs.riseup.net/shared-shorewall + url = git://code.leap.se/puppet_shorewall [submodule "puppet/modules/resolvconf"] path = puppet/modules/resolvconf url = git://git.puppet.immerda.ch/module-resolvconf.git @@ -52,3 +52,6 @@ [submodule "puppet/modules/passenger"] path = puppet/modules/passenger url = git://code.leap.se/puppet_passenger +[submodule "puppet/modules/augeas"] + path = puppet/modules/augeas + url = git://code.leap.se/puppet_augeas diff --git a/puppet/modules/augeas b/puppet/modules/augeas new file mode 160000 index 00000000..c1e385f5 --- /dev/null +++ b/puppet/modules/augeas @@ -0,0 +1 @@ +Subproject commit c1e385f55f11c81772e243ebb9a7277769d40f92 diff --git a/puppet/modules/shorewall b/puppet/modules/shorewall index 911cc18e..cf0f8bb5 160000 --- a/puppet/modules/shorewall +++ b/puppet/modules/shorewall @@ -1 +1 @@ -Subproject commit 911cc18e594bb5a3ab642ebb24615a0447050c32 +Subproject commit cf0f8bb58178df4b7ce54abab3684a2240c43855 -- cgit v1.2.3 From 22e658810e6e47a7d10d06a28610a634a38877b8 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Dec 2012 15:49:12 -0500 Subject: update shorewall module to latest revision, fixing a bug on the shorewall.conf sources --- puppet/modules/shorewall | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/puppet/modules/shorewall b/puppet/modules/shorewall index cf0f8bb5..29e80fe6 160000 --- a/puppet/modules/shorewall +++ b/puppet/modules/shorewall @@ -1 +1 @@ -Subproject commit cf0f8bb58178df4b7ce54abab3684a2240c43855 +Subproject commit 29e80fe61983821dc50ea54a05013c351206d5bd -- cgit v1.2.3 From 3bc680557ca4a70887c99ab9d53cd446730ec00d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Dec 2012 15:50:08 -0500 Subject: set ip_forwarding using augeas --- puppet/modules/site_shorewall/manifests/defaults.pp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/puppet/modules/site_shorewall/manifests/defaults.pp b/puppet/modules/site_shorewall/manifests/defaults.pp index 88981e5f..0ee20744 100644 --- a/puppet/modules/site_shorewall/manifests/defaults.pp +++ b/puppet/modules/site_shorewall/manifests/defaults.pp @@ -10,4 +10,13 @@ class site_shorewall::defaults { shorewall::rule_section { 'NEW': order => 10; } + include augeas + + augeas { 'enable_ip_forwarding': + changes => 'set /files/etc/shorewall/shorewall.conf/IP_FORWARDING Yes', + lens => 'Shellvars.lns', + incl => '/etc/shorewall/shorewall.conf', + notify => Service[shorewall]; + } + } -- cgit v1.2.3 From 7391fac4a03a9db9655ca992dfed91a51f080f25 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 11 Dec 2012 13:17:06 -0500 Subject: update augeas submodule to try and resolve unreferenced commit --- puppet/modules/augeas | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/puppet/modules/augeas b/puppet/modules/augeas index c1e385f5..44e84a98 160000 --- a/puppet/modules/augeas +++ b/puppet/modules/augeas @@ -1 +1 @@ -Subproject commit c1e385f55f11c81772e243ebb9a7277769d40f92 +Subproject commit 44e84a988b859622e7b3583ac27331cf816017ed -- cgit v1.2.3 From 70e4ca82f79e64a59e85c849092ad217d07fc1d5 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 11 Dec 2012 18:51:57 -0500 Subject: update shorewall submodule to fix the shorewall.conf problem --- puppet/modules/shorewall | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/puppet/modules/shorewall b/puppet/modules/shorewall index 29e80fe6..e511291a 160000 --- a/puppet/modules/shorewall +++ b/puppet/modules/shorewall @@ -1 +1 @@ -Subproject commit 29e80fe61983821dc50ea54a05013c351206d5bd +Subproject commit e511291a111db7a7d88a8820c5423aa5b92304e0 -- cgit v1.2.3 From 221976d2814009710b1a392a451fc4684004c971 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 14 Dec 2012 13:14:49 +0100 Subject: no need for sections in shorewall rules from the shorewall-rules manpage: "If no Section Headers appear in the file then all rules are assumed to be in the NEW section." --- puppet/modules/site_shorewall/manifests/defaults.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/puppet/modules/site_shorewall/manifests/defaults.pp b/puppet/modules/site_shorewall/manifests/defaults.pp index 0ee20744..d348bf00 100644 --- a/puppet/modules/site_shorewall/manifests/defaults.pp +++ b/puppet/modules/site_shorewall/manifests/defaults.pp @@ -8,8 +8,6 @@ class site_shorewall::defaults { shorewall::zone {'net': type => 'ipv4'; } - shorewall::rule_section { 'NEW': order => 10; } - include augeas augeas { 'enable_ip_forwarding': -- cgit v1.2.3