summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-12-05add rule for openvpno
2015-12-05manage new and legacy ports of managesievemh
2015-12-05add rules for pyzormh
2015-12-05make it easier to override behaviour of the dns rulesmh
2015-12-05The augeas module is not needed, but the concat module isSylvain Veyrié
2015-12-05fix definemh
2015-12-05migrate ipsec rules to a define so we can specify multiple zonesmh
2015-12-05only manage the config_path if we do not manage the config filemh
2015-12-05use the centos class on centos based systemsmh
2015-12-05with the latest updates on EL6 this is neededmh
2015-11-28Merge branch 'master' into 'master' ng
Remove 'require augeas' (#4396) Because the puppet 'require' keyword actually instantiates a class, having 'require augeas' in base.pp means that you cannot instantiate the augeas class anywhere else in your manifests, for example with some optional parameters to the class. If you do, you will get a duplicate definition error. The README already says that the augeas module is required. It seems better that this is managed outside of the module, allowing for class parameter flexibility. See merge request !3
2015-10-09Merge branch 'feature/mangle-support-multiple-rules-with-same-action' into ↵Micah
'master' Feature/mangle support multiple rules with same action This allows one to support multiple networks in libvirt. See merge request !4
2015-07-16shorewall::rules::libvirt::host: adjust to changes in shorewall::mangle.intrigeri
That is, make the resource's title more unique by including the destination interface in it, and accordingly pass the desired action via the new, dedicated parameter.
2015-07-16shorewall::mangle: allow specifying the ACTION explicitly.intrigeri
Previously, it was using $name, which prevented adding multiple mangle rules that share a common ACTION, with different parameters.
2015-07-08fixed code indentation, added gitlab shared remotevarac
2015-07-08moved README to README.md so it hopefully renders as markdown in gitlab nowvarac
2015-05-19provide a class ordering hint for augeas setupMicah Anderson
2015-05-19Remove 'require augeas' (#4396)Micah Anderson
Because the puppet 'require' keyword actually instantiates a class, having 'require augeas' in base.pp means that you cannot instantiate the augeas class anywhere else in your manifests, for example with some optional parameters to the class. If you do, you will get a duplicate definition error. The README already says that the augeas module is required. It seems better that this is managed outside of the module, allowing for class parameter flexibility.
2015-05-08Make sure MUNINCOLLECTOR join() gets an array in munin ruleJerome Charaoui
2015-04-17Merge pull request #9 from chihoko/masterduritong
Tunnel file incorrectly named
2015-04-17Add GPLv3 licenseMicah Anderson
2015-04-17Change tunnel managed fileNick
2015-04-17Fix tunnels filenameNick
2015-03-02Merge branch 'bugfix/Fix_DHCP_for_libvirt' into 'master'Jerome Charaoui
Fix dhcp for libvirt This branch uses the mangle table support added by the feature/Add_support_for_mangle_table branch to fix the libvirt DHCP when broken by recent kernel. It fills the checksum of this kind of packets on the libvirt interface. This patch shouldn't break older setup, and is implemented so that it can be disabled. See merge request !2
2015-03-02Merge branch 'feature/Add_support_for_mangle_table' into 'master'Jerome Charaoui
Add support for mangle table. When using the kernel from Debian Wheezy-backports (3.16.0-0.bpo.4-amd64), we encoutered a bug where shorewall was breaking the libvirt DHCP if restarted after it. It seems that one has to add a rule in the POSTROUTING chain of the mangle table to --checksum-fill the DHCP packets for them to be properly catch by the VMs DHCP clients. So we had to add support of the mangle table to the shared puppet module to fix that. This patch does just that, and is meant to be used by the other branch I'll propose after. See merge request !1
2015-02-27Fix DHCP from $vmz.bertagaz
On newer kernel (tested on 3.16), the libvirt and shorewall iptables rules have conflicts that need to be fixed by enabling back --checksum-fill on $vmz, otherwise the VMs can't get a DHCP lease.
2015-02-27Add support for the mangle table.bertagaz
2015-02-10Merge remote-tracking branch 'github/master'mh
Conflicts: manifests/base.pp
2015-02-09we also support later versionsduritong
2014-10-17make it possible to create resources from hieramh
2014-10-17update a few headersmh
2014-09-19Merge pull request #6 from key-consulting/masterduritong
Several compatibility changes for recent and upcoming Puppet versions
2014-09-16DeprecatedSylvain Veyrié
2014-09-16Non string mode is now deprecatedSylvain Veyrié
2014-08-24lintingmh
2014-07-11fix the missing includemh
2014-07-09get rid off lsb factsmh
2014-06-13indentationmh
2014-06-13there might be people who don't have a stun servermh
2014-06-13lintingmh
2014-06-13a cleaner namingmh
2014-06-11add rule for stuno
2014-03-18* Fix typoLebedev Vadim
2014-03-18* Add exampleLebedev Vadim
2014-03-17* Add shorewall-blrules supportLebedev Vadim
2013-12-28reduce dependency on lsb modules, rather use the builtin factsmh
2013-12-19add rule for openvpno
2013-09-28manage new and legacy ports of managesievemh
2013-09-22add rules for pyzormh
2013-08-25make it easier to override behaviour of the dns rulesmh