summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279>2008-02-17 17:34:18 +0000
committermh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279>2008-02-17 17:34:18 +0000
commit8c16d3cf95e74977287dbb2b5f28b308aa320451 (patch)
tree78231e7a4761cb13fdbf9f9d1ae42878246235f1
parentd5e8304276808d5c89b337b66765133079eba952 (diff)
downloadpuppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.gz
puppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.bz2
moved some for better overview
git-svn-id: https://svn/ipuppet/trunk/modules/shorewall@817 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
-rw-r--r--files/shorewall.conf.Default (renamed from files/shorewall.conf.Gentoo.)0
-rw-r--r--manifests/init.pp36
2 files changed, 27 insertions, 9 deletions
diff --git a/files/shorewall.conf.Gentoo. b/files/shorewall.conf.Default
index 411d7dd..411d7dd 100644
--- a/files/shorewall.conf.Gentoo.
+++ b/files/shorewall.conf.Default
diff --git a/manifests/init.pp b/manifests/init.pp
index a766b23..0ec363b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -29,13 +29,29 @@ class shorewall {
}
- service { shorewall: ensure => running, enable => true, }
+ service { shorewall:
+ ensure => running,
+ enable => true,
+ subscribe => [
+ Exec[concat_zones],
+ Exec[concat_interfaces],
+ Exec[concat_hosts],
+ Exec[concat_policy],
+ Exec[concat_rules],
+ Exec[concat_masq],
+ Exec[concat_proxyarp],
+ Exec[concat_nat],
+ Exec[concat_blacklist],
+ Exec[concat_rfc1918],
+ Exec[concat_routestopped],
+ ],
+ }
file {
"/var/lib/puppet/modules/shorewall":
ensure => directory,
force => true,
- mode => 0755, owner => root, group => root;
+ mode => 0755, owner => root, group => 0;
}
# private
@@ -46,7 +62,7 @@ class shorewall {
"${dir}":
ensure => directory,
force => true,
- mode => 0755, owner => root, group => root;
+ mode => 0755, owner => root, group => 0;
}
@@ -57,11 +73,11 @@ class shorewall {
file {
"${dir}/000-header":
source => "puppet://$servername/shorewall/boilerplate/${name}.header",
- mode => 0600, owner => root, group => root,
+ mode => 0600, owner => root, group => 0,
notify => Exec["concat_${dir}"];
"${dir}/999-footer":
source => "puppet://$servername/shorewall/boilerplate/${name}.footer",
- mode => 0600, owner => root, group => root,
+ mode => 0600, owner => root, group => 0,
notify => Exec["concat_${dir}"];
}
}
@@ -72,19 +88,21 @@ class shorewall {
$dir = dirname($target)
file { $target:
content => "${line}\n",
- mode => 0600, owner => root, group => root,
+ mode => 0600, owner => root, group => 0,
notify => Exec["concat_${dir}"],
}
}
# This file has to be managed in place, so shorewall can find it
file { "/etc/shorewall/shorewall.conf":
- # use OS specific defaults, but use gentoo if no other is found
+ # use OS specific defaults, but use Default if no other is found
source => [
"puppet://$servername/shorewall/shorewall.conf.$operatingsystem.$lsbdistcodename",
"puppet://$servername/shorewall/shorewall.conf.$operatingsystem",
- "puppet://$servername/shorewall/shorewall.conf.Gentoo." ],
- mode => 0644, owner => root, group => root,
+ "puppet://$servername/shorewall/shorewall.conf.Default",
+ ],
+ mode => 0644, owner => root, group => 0,
+ notify => Service[shorewall],
}
# See http://www.shorewall.net/3.0/Documentation.htm#Zones