diff options
| author | mh <mh@immerda.ch> | 2016-06-26 13:39:04 +0200 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2016-06-26 13:39:27 +0200 |
| commit | 4a0cfbb26e072d12bcb14a31ef8b6f69e190d42e (patch) | |
| tree | 89ec6a3c92b6e31691e33f677a49e111f238a138 /manifests | |
| parent | 543ae812999f35008a835db19b22874d5f6e923c (diff) | |
modernize so we don't need to deploy a full config file anymore
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/base.pp | 22 | ||||
| -rw-r--r-- | manifests/config_setting.pp | 18 | ||||
| -rw-r--r-- | manifests/config_settings.pp | 10 | ||||
| -rw-r--r-- | manifests/init.pp | 4 |
4 files changed, 46 insertions, 8 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index 0cf3dc6..cf8811b 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -27,14 +27,20 @@ class shorewall::base { } } else { - Class['augeas'] -> Class['shorewall::base'] - - augeas { 'shorewall_module_config_path': - changes => 'set /files/etc/shorewall/shorewall.conf/CONFIG_PATH \'"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"\'', - lens => 'Shellvars.lns', - incl => '/etc/shorewall/shorewall.conf', - notify => Exec['shorewall_check'], - require => Package['shorewall']; + if str2bool($shorewall::startup) { + $startup_str = 'Yes' + } else { + $startup_str = 'No' + } + shorewall::config_setting{ + 'CONFIG_PATH': + value => "\"\${CONFDIR}/shorewall/puppet:\${CONFDIR}/shorewall:\${SHAREDIR}/shorewall\""; + 'STARTUP_ENABLED': + value => $startup_str; + } + shorewall::config_settings{ + keys($shorewall::settings): + settings => $shorewall::settings; } } diff --git a/manifests/config_setting.pp b/manifests/config_setting.pp new file mode 100644 index 0000000..5eecf42 --- /dev/null +++ b/manifests/config_setting.pp @@ -0,0 +1,18 @@ +# set a particular config option +# +# e.g. +# shorewall::config_setting{ +# 'CONFIG_PATH': +# value => '"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"' +# } +define shorewall::config_setting( + $value, +){ + augeas { "shorewall_module_${name}": + changes => "set /files/etc/shorewall/shorewall.conf/${name} ${value}", + lens => 'Shellvars.lns', + incl => '/etc/shorewall/shorewall.conf', + notify => Exec['shorewall_check'], + require => Package['shorewall']; + } +} diff --git a/manifests/config_settings.pp b/manifests/config_settings.pp new file mode 100644 index 0000000..69eb380 --- /dev/null +++ b/manifests/config_settings.pp @@ -0,0 +1,10 @@ +# a nice wrapper to make hiera config +# a bit easier +define shorewall::config_settings( + $settings, +){ + shorewall::config_setting{ + $name: + value => $settings[$name], + } +} diff --git a/manifests/init.pp b/manifests/init.pp index 84ba76a..ede0be2 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -2,6 +2,10 @@ class shorewall( $startup = true, $conf_source = false, + $settings = { + 'LOG_MARTIANS' => 'No', + 'DISABLE_IPV6' => 'Yes', + }, $ensure_version = 'present', $tor_transparent_proxy_host = '127.0.0.1', $tor_transparent_proxy_port = '9040', |