From 69012beea29fe140a58beefdd00fe060d4237d1e Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 24 Nov 2010 22:45:41 +0100 Subject: introduce a way to manage allowed hosts --- manifests/allowed_host.pp | 13 +++++++++++++ manifests/base.pp | 15 +++++++++------ 2 files changed, 22 insertions(+), 6 deletions(-) create mode 100644 manifests/allowed_host.pp diff --git a/manifests/allowed_host.pp b/manifests/allowed_host.pp new file mode 100644 index 0000000..1c29fbb --- /dev/null +++ b/manifests/allowed_host.pp @@ -0,0 +1,13 @@ +define denyhosts::allowed_host( + $ipaddress = $ip, + $ensure = 'present' +){ + include ::denyhosts + line{"denyhosts_allowed_host_${name}": + file => '/var/lib/denyhosts/allowed-hosts', + line => $ip, + ensure => $ensure, + require => File['/var/lib/denyhosts/allowed-hosts'], + notify => Service['denyhosts'], + } +} diff --git a/manifests/base.pp b/manifests/base.pp index 22dcf6f..af74656 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -8,8 +8,8 @@ class denyhosts::base { service { denyhosts: enable => true, ensure => running, - require => [ Package[denyhosts], - File["/etc/denyhosts.conf"], + require => [ Package[denyhosts], + File["/etc/denyhosts.conf"], File["/var/lib/denyhosts/allowed-hosts"] ], } @@ -23,12 +23,15 @@ class denyhosts::base { mode => 0600, owner => root, group => 0; '/var/lib/denyhosts': ensure => directory, - owner => root, group => 0, mode => 0700; + before => Package[denyhosts], + owner => root, group => 0, mode => 0700; '/var/lib/denyhosts/allowed-hosts': - source => [ "puppet:///modules/site-denyhosts/${fqdn}/allowed-hosts", - "puppet:///modules/site-denyhosts/allowed-hosts", - "puppet:///modules/denyhosts/allowed-hosts" ], + source => "puppet:///modules/denyhosts/allowed-hosts", + replace => false, + before => Package[denyhosts], notify => Service[denyhosts], mode => 0600, owner => root, group => 0; } + + Denyhosts::Allowed_host <<||>> } -- cgit v1.2.3