diff options
author | mh <mh@immerda.ch> | 2015-11-20 22:43:06 +0100 |
---|---|---|
committer | mh <mh@immerda.ch> | 2015-12-05 11:36:31 +0100 |
commit | 220d7af45dc4b1c334e2d3f50f2bc8ab54139093 (patch) | |
tree | 40dbd969522c93e4c1f55f0f1e7b3a6bc0f5b4fa | |
parent | 353492eaa1c9047547b17161df4aa58ea3bf0a87 (diff) | |
download | puppet-shorewall-220d7af45dc4b1c334e2d3f50f2bc8ab54139093.tar.gz puppet-shorewall-220d7af45dc4b1c334e2d3f50f2bc8ab54139093.tar.bz2 |
make service restart more failsafe
-rw-r--r-- | manifests/base.pp | 13 | ||||
-rw-r--r-- | manifests/centos.pp | 2 | ||||
-rw-r--r-- | manifests/debian.pp | 4 | ||||
-rw-r--r-- | manifests/extension_script.pp | 2 | ||||
-rw-r--r-- | manifests/managed_file.pp | 13 |
5 files changed, 21 insertions, 13 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index b5899fc..db6852a 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -8,14 +8,14 @@ class shorewall::base { # This file has to be managed in place, so shorewall can find it file { '/etc/shorewall/shorewall.conf': - require => Package[shorewall], - notify => Service[shorewall], + require => Package['shorewall'], + notify => Exec['shorewall_check'], owner => 'root', group => 'root', mode => '0644'; '/etc/shorewall/puppet': ensure => directory, - require => Package[shorewall], + require => Package['shorewall'], owner => 'root', group => 'root', mode => '0644'; @@ -33,11 +33,16 @@ class shorewall::base { changes => 'set /files/etc/shorewall/shorewall.conf/CONFIG_PATH \'"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"\'', lens => 'Shellvars.lns', incl => '/etc/shorewall/shorewall.conf', - notify => Service['shorewall'], + notify => Exec['shorewall_check'], require => Package['shorewall']; } } + exec{'shorewall_check': + command => 'shorewall check', + refreshonly => true, + notify => Service['shorewall'], + } service{'shorewall': ensure => running, enable => true, diff --git a/manifests/centos.pp b/manifests/centos.pp index 95b7759..1f8b37d 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -7,7 +7,7 @@ class shorewall::centos inherits shorewall::base { lens => 'Shellvars.lns', incl => '/etc/sysconfig/shorewall', require => Package['shorewall'], - notify => Service['shorewall'], + notify => Exec['shorewall_check'], } } } diff --git a/manifests/debian.pp b/manifests/debian.pp index 01d108f..326b42b 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -2,8 +2,8 @@ class shorewall::debian inherits shorewall::base { file{'/etc/default/shorewall': content => template("shorewall/debian_default.erb"), require => Package['shorewall'], - notify => Service['shorewall'], - owner => 'root', group => 'root', mode => '0644'; + notify => Exec['shorewall_check'], + owner => 'root', group => 'root', mode => '0644'; } Service['shorewall']{ status => '/sbin/shorewall status' diff --git a/manifests/extension_script.pp b/manifests/extension_script.pp index 569fcbf..4abc6b1 100644 --- a/manifests/extension_script.pp +++ b/manifests/extension_script.pp @@ -4,7 +4,7 @@ define shorewall::extension_script($script = '') { 'init', 'initdone', 'start', 'started', 'stop', 'stopped', 'clear', 'refresh', 'continue', 'maclog': { file { "/etc/shorewall/puppet/${name}": content => "${script}\n", - notify => Service[shorewall]; + notify => Exec['shorewall_check']; } } '', default: { diff --git a/manifests/managed_file.pp b/manifests/managed_file.pp index 7061721..b353814 100644 --- a/manifests/managed_file.pp +++ b/manifests/managed_file.pp @@ -1,17 +1,20 @@ -define shorewall::managed_file () { +# manage a certain file +define shorewall::managed_file() { concat{ "/etc/shorewall/puppet/${name}": - notify => Service['shorewall'], + notify => Exec['shorewall_check'], require => File['/etc/shorewall/puppet'], - owner => 'root', group => 'root', mode => '0600'; + owner => 'root', + group => 'root', + mode => '0600'; } concat::fragment { "${name}-header": source => "puppet:///modules/shorewall/boilerplate/${name}.header", target => "/etc/shorewall/puppet/${name}", - order => '000'; + order => '000'; "${name}-footer": source => "puppet:///modules/shorewall/boilerplate/${name}.footer", target => "/etc/shorewall/puppet/${name}", - order => '999'; + order => '999'; } } |