From cdb82d7bde4861434cea81d7f5770164f5fff76c Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 7 Apr 2017 17:46:01 +0200 Subject: make zones also for ipv6 --- manifests/entry.pp | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) (limited to 'manifests/entry.pp') diff --git a/manifests/entry.pp b/manifests/entry.pp index c8fffc7..a7321f8 100644 --- a/manifests/entry.pp +++ b/manifests/entry.pp @@ -1,12 +1,25 @@ +# a core wrapper for all kinds of entries define shorewall::entry( - $ensure = present, + $ensure = present, + $shorewall = true, + $shorewall6 = false, $line ){ $parts = split($name,'-') - concat::fragment{$name: - ensure => $ensure, - content => "${line}\n", - order => $parts[1], - target => "/etc/shorewall/puppet/${parts[0]}", + if $shorewall { + concat::fragment{$name: + ensure => $ensure, + content => "${line}\n", + order => $parts[1], + target => "/etc/shorewall/puppet/${parts[0]}", + } + } + if $shorewall6 and $shorewall::with_shorewall6 { + concat::fragment{"shorewall6_${name}": + ensure => $ensure, + content => "${line}\n", + order => $parts[1], + target => "/etc/shorewall6/puppet/${parts[0]}", + } } } -- cgit v1.2.3 From 93ce8e5ec63440dd7ec5586785f24a7609ae48ca Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 5 Jul 2017 14:03:24 +0200 Subject: make ensure a noop for concat::framet, as from puppetlabs-concat 4.0.1 on this is removed and concat purges non-managed fragments --- manifests/entry.pp | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) (limited to 'manifests/entry.pp') diff --git a/manifests/entry.pp b/manifests/entry.pp index a7321f8..ccd3305 100644 --- a/manifests/entry.pp +++ b/manifests/entry.pp @@ -5,21 +5,23 @@ define shorewall::entry( $shorewall6 = false, $line ){ - $parts = split($name,'-') - if $shorewall { - concat::fragment{$name: - ensure => $ensure, - content => "${line}\n", - order => $parts[1], - target => "/etc/shorewall/puppet/${parts[0]}", + if $ensure == 'present' { + $parts = split($name,'-') + if $shorewall { + concat::fragment{$name: + ensure => $ensure, + content => "${line}\n", + order => $parts[1], + target => "/etc/shorewall/puppet/${parts[0]}", + } } - } - if $shorewall6 and $shorewall::with_shorewall6 { - concat::fragment{"shorewall6_${name}": - ensure => $ensure, - content => "${line}\n", - order => $parts[1], - target => "/etc/shorewall6/puppet/${parts[0]}", + if $shorewall6 and $shorewall::with_shorewall6 { + concat::fragment{"shorewall6_${name}": + ensure => $ensure, + content => "${line}\n", + order => $parts[1], + target => "/etc/shorewall6/puppet/${parts[0]}", + } } } } -- cgit v1.2.3 From 06f09ecfbfbdd4c59e31bbcabcc356d2b7a50e9d Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 5 Jul 2017 14:04:01 +0200 Subject: linting --- manifests/entry.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'manifests/entry.pp') diff --git a/manifests/entry.pp b/manifests/entry.pp index ccd3305..b8768b0 100644 --- a/manifests/entry.pp +++ b/manifests/entry.pp @@ -1,9 +1,9 @@ # a core wrapper for all kinds of entries define shorewall::entry( - $ensure = present, - $shorewall = true, - $shorewall6 = false, - $line + $line, + $ensure = present, + $shorewall = true, + $shorewall6 = false, ){ if $ensure == 'present' { $parts = split($name,'-') -- cgit v1.2.3 From aa9d865f8d9a841cc7d4bef70aa5481816a9649e Mon Sep 17 00:00:00 2001 From: mh Date: Thu, 6 Jul 2017 08:07:08 +0200 Subject: to make the previous commit work, we should also remove the ensure from fragment --- manifests/entry.pp | 2 -- 1 file changed, 2 deletions(-) (limited to 'manifests/entry.pp') diff --git a/manifests/entry.pp b/manifests/entry.pp index b8768b0..b6ce702 100644 --- a/manifests/entry.pp +++ b/manifests/entry.pp @@ -9,7 +9,6 @@ define shorewall::entry( $parts = split($name,'-') if $shorewall { concat::fragment{$name: - ensure => $ensure, content => "${line}\n", order => $parts[1], target => "/etc/shorewall/puppet/${parts[0]}", @@ -17,7 +16,6 @@ define shorewall::entry( } if $shorewall6 and $shorewall::with_shorewall6 { concat::fragment{"shorewall6_${name}": - ensure => $ensure, content => "${line}\n", order => $parts[1], target => "/etc/shorewall6/puppet/${parts[0]}", -- cgit v1.2.3