introduce a way to manage allowed hosts

2 files changed, 22 insertions, 6 deletions

diff --git a/manifests/allowed_host.pp b/manifests/allowed_host.pp
new file mode 100644
index 0000000..1c29fbb
--- /dev/null
+++ b/manifests/allowed_host.pp
@@ -0,0 +1,13 @@
+define denyhosts::allowed_host(
+  $ipaddress = $ip,
+  $ensure = 'present'
+){
+  include ::denyhosts
+  line{"denyhosts_allowed_host_${name}":
+    file => '/var/lib/denyhosts/allowed-hosts',
+    line => $ip,
+    ensure => $ensure,
+    require => File['/var/lib/denyhosts/allowed-hosts'],
+    notify => Service['denyhosts'],
+  }
+}
diff --git a/manifests/base.pp b/manifests/base.pp
index 22dcf6f..af74656 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -8,8 +8,8 @@ class denyhosts::base  {
     service { denyhosts:
         enable => true,
         ensure => running,
-        require => [ Package[denyhosts], 
-            File["/etc/denyhosts.conf"], 
+        require => [ Package[denyhosts],
+            File["/etc/denyhosts.conf"],
             File["/var/lib/denyhosts/allowed-hosts"] ],
     }
 
@@ -23,12 +23,15 @@ class denyhosts::base  {
             mode => 0600, owner => root, group => 0;
         '/var/lib/denyhosts':
             ensure => directory,
-            owner => root, group => 0, mode => 0700; 
+            before => Package[denyhosts],
+            owner => root, group => 0, mode => 0700;
         '/var/lib/denyhosts/allowed-hosts':
-            source => [ "puppet:///modules/site-denyhosts/${fqdn}/allowed-hosts", 
-                        "puppet:///modules/site-denyhosts/allowed-hosts",
-                        "puppet:///modules/denyhosts/allowed-hosts" ],
+            source => "puppet:///modules/denyhosts/allowed-hosts",
+            replace => false,
+            before => Package[denyhosts],
             notify => Service[denyhosts],
             mode => 0600, owner => root, group => 0;
     }
+
+    Denyhosts::Allowed_host <<||>>
 }