aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-12-31Updates debian default configdevelopSilvio Rhatto
2016-03-23Merge remote-tracking branch 'shared/master' into developHEADmasterSilvio Rhatto
Conflicts: manifests/tunnel.pp
2015-12-09Merge branch 'immerda_changes' into 'master' sharedMicah
Immerda changes See merge request !5
2015-12-05linting for future parsermh
2015-12-05check shorewall daily on problems to alert if a rule won't compilemh
2015-12-05lintingmh
2015-12-05make service restart more failsafemh
2015-12-05add razor rulesmh
2015-12-05make it possible to create resources from hieramh
2015-12-05update a few headersmh
2015-12-05DeprecatedSylvain Veyrié
2015-12-05Non string mode is now deprecatedSylvain Veyrié
2015-12-05fix the missing includemh
2015-12-05get rid off lsb factsmh
2015-12-05indentationmh
2015-12-05there might be people who don't have a stun servermh
2015-12-05lintingmh
2015-12-05a cleaner namingmh
2015-12-05add rule for stuno
2015-12-05add rule for openvpno
2015-12-05manage new and legacy ports of managesievemh
2015-12-05add rules for pyzormh
2015-12-05make it easier to override behaviour of the dns rulesmh
2015-12-05The augeas module is not needed, but the concat module isSylvain Veyrié
2015-12-05fix definemh
2015-12-05migrate ipsec rules to a define so we can specify multiple zonesmh
2015-12-05only manage the config_path if we do not manage the config filemh
2015-12-05use the centos class on centos based systemsmh
2015-12-05with the latest updates on EL6 this is neededmh
2015-11-28Merge branch 'master' into 'master' ng
Remove 'require augeas' (#4396) Because the puppet 'require' keyword actually instantiates a class, having 'require augeas' in base.pp means that you cannot instantiate the augeas class anywhere else in your manifests, for example with some optional parameters to the class. If you do, you will get a duplicate definition error. The README already says that the augeas module is required. It seems better that this is managed outside of the module, allowing for class parameter flexibility. See merge request !3
2015-10-09Merge branch 'feature/mangle-support-multiple-rules-with-same-action' into ↵Micah
'master' Feature/mangle support multiple rules with same action This allows one to support multiple networks in libvirt. See merge request !4
2015-07-16shorewall::rules::libvirt::host: adjust to changes in shorewall::mangle.intrigeri
That is, make the resource's title more unique by including the destination interface in it, and accordingly pass the desired action via the new, dedicated parameter.
2015-07-16shorewall::mangle: allow specifying the ACTION explicitly.intrigeri
Previously, it was using $name, which prevented adding multiple mangle rules that share a common ACTION, with different parameters.
2015-07-08fixed code indentation, added gitlab shared remotevarac
2015-07-08moved README to README.md so it hopefully renders as markdown in gitlab nowvarac
2015-05-19provide a class ordering hint for augeas setupMicah Anderson
2015-05-19Remove 'require augeas' (#4396)Micah Anderson
Because the puppet 'require' keyword actually instantiates a class, having 'require augeas' in base.pp means that you cannot instantiate the augeas class anywhere else in your manifests, for example with some optional parameters to the class. If you do, you will get a duplicate definition error. The README already says that the augeas module is required. It seems better that this is managed outside of the module, allowing for class parameter flexibility.
2015-05-08Make sure MUNINCOLLECTOR join() gets an array in munin ruleJerome Charaoui
2015-04-17Add GPLv3 licenseMicah Anderson
2015-03-02Merge branch 'bugfix/Fix_DHCP_for_libvirt' into 'master'Jerome Charaoui
Fix dhcp for libvirt This branch uses the mangle table support added by the feature/Add_support_for_mangle_table branch to fix the libvirt DHCP when broken by recent kernel. It fills the checksum of this kind of packets on the libvirt interface. This patch shouldn't break older setup, and is implemented so that it can be disabled. See merge request !2
2015-03-02Merge branch 'feature/Add_support_for_mangle_table' into 'master'Jerome Charaoui
Add support for mangle table. When using the kernel from Debian Wheezy-backports (3.16.0-0.bpo.4-amd64), we encoutered a bug where shorewall was breaking the libvirt DHCP if restarted after it. It seems that one has to add a rule in the POSTROUTING chain of the mangle table to --checksum-fill the DHCP packets for them to be properly catch by the VMs DHCP clients. So we had to add support of the mangle table to the shared puppet module to fix that. This patch does just that, and is meant to be used by the other branch I'll propose after. See merge request !1
2015-02-27Fix DHCP from $vmz.bertagaz
On newer kernel (tested on 3.16), the libvirt and shorewall iptables rules have conflicts that need to be fixed by enabling back --checksum-fill on $vmz, otherwise the VMs can't get a DHCP lease.
2015-02-27Add support for the mangle table.bertagaz
2013-06-14Merge remote-tracking branch 'intrigeri/feature/libvirt-host'Micah Anderson
2013-03-30Fix shorewall::rules::rsync source/destinationSilvio Rhatto
2013-03-23lintingmh
2013-03-23only manage the config_path if we do not manage the config filemh
2013-03-23linting the init.ppmh
2013-03-23use the centos class on centos based systemsmh
2013-03-23with the latest updates on EL6 this is neededmh