From 8dde08a3acbf2815e0cacdc4121f4f8fa2f6c0e5 Mon Sep 17 00:00:00 2001 From: Marcel Haerry Date: Thu, 4 Aug 2011 13:39:27 +0200 Subject: refactor things to use the concat module --- manifests/base.pp | 26 ++++++++------------------ manifests/blacklist.pp | 2 +- manifests/entry.pp | 15 +++++++-------- manifests/host.pp | 2 +- manifests/init.pp | 9 --------- manifests/interface.pp | 2 +- manifests/managed_file.pp | 28 +++++++++++++--------------- manifests/masq.pp | 2 +- manifests/nat.pp | 2 +- manifests/params.pp | 2 +- manifests/policy.pp | 2 +- manifests/providers.pp | 2 +- manifests/proxyarp.pp | 2 +- manifests/rfc1918.pp | 2 +- manifests/routestopped.pp | 2 +- manifests/rule.pp | 8 ++++---- manifests/rule_section.pp | 2 +- manifests/zone.pp | 2 +- 18 files changed, 45 insertions(+), 67 deletions(-) (limited to 'manifests') diff --git a/manifests/base.pp b/manifests/base.pp index c5ad790..c9fa660 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -4,9 +4,10 @@ class shorewall::base { } # This file has to be managed in place, so shorewall can find it - file { "/etc/shorewall/shorewall.conf": - # use OS specific defaults, but use Default if no other is found - source => [ + file { + '/etc/shorewall/shorewall.conf': + # use OS specific defaults, but use Default if no other is found + source => [ "puppet:///modules/site-shorewall/${fqdn}/shorewall.conf.$operatingsystem", "puppet:///modules/site-shorewall/${fqdn}/shorewall.conf", "puppet:///modules/site-shorewall/shorewall.conf.$operatingsystem.$lsbdistcodename", @@ -19,6 +20,10 @@ class shorewall::base { require => Package[shorewall], notify => Service[shorewall], owner => root, group => 0, mode => 0644; + '/etc/shorewall/puppet': + ensure => directory, + require => Package[shorewall], + owner => root, group => 0, mode => 0644; } service{shorewall: 
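Review bot: The new `'/etc/shorewall/puppet'` directory in the `@@ -19,6 +20,10 @@` hunk of manifests/base.pp is declared with `mode => 0644`, which looks copied from the shorewall.conf file resource above it rather than chosen for a directory. Puppet adds the search bit wherever a read bit is set on a directory, so this presumably ends up as 0755, leaving the names of the generated firewall files listable by any local user even though managed_file.pp creates the files themselves as 0600. I would state the intent explicitly, e.g. `owner => root, group => 0, mode => 0700;`. The commit also moves the generated files out of /var/lib/puppet/modules/shorewall without touching the shorewall.conf sources listed here, so it is worth confirming that their CONFIG_PATH (not visible in this diff) includes the new directory and that the old, now unmanaged files are removed; otherwise shorewall could keep loading a stale ruleset. The enclosing class starts before this hunk and the service resource continues after it.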
@@ -26,21 +31,6 @@ class shorewall::base { enable => true, hasstatus => true, hasrestart => true, - subscribe => [ - File["/var/lib/puppet/modules/shorewall/zones"], - File["/var/lib/puppet/modules/shorewall/interfaces"], - File["/var/lib/puppet/modules/shorewall/hosts"], - File["/var/lib/puppet/modules/shorewall/policy"], - File["/var/lib/puppet/modules/shorewall/rules"], - File["/var/lib/puppet/modules/shorewall/masq"], - File["/var/lib/puppet/modules/shorewall/proxyarp"], - File["/var/lib/puppet/modules/shorewall/nat"], - File["/var/lib/puppet/modules/shorewall/blacklist"], - File["/var/lib/puppet/modules/shorewall/rfc1918"], - File["/var/lib/puppet/modules/shorewall/routestopped"], - File["/var/lib/puppet/modules/shorewall/params"], - File["/var/lib/puppet/modules/shorewall/providers"], - ], require => Package[shorewall], } } diff --git a/manifests/blacklist.pp b/manifests/blacklist.pp index 3700ace..afbe216 100644 --- a/manifests/blacklist.pp +++ b/manifests/blacklist.pp @@ -3,7 +3,7 @@ define shorewall::blacklist( $port = '-', $order='100' ){ - shorewall::entry{"blacklist.d/${order}-${name}": + shorewall::entry{"blacklist-${order}-${name}": line => "${name} ${proto} ${port}", } } diff --git a/manifests/entry.pp b/manifests/entry.pp index 4e639bc..c8fffc7 100644 --- a/manifests/entry.pp +++ b/manifests/entry.pp @@ -2,12 +2,11 @@ define shorewall::entry( $ensure = present, $line ){ - $target = "/var/lib/puppet/modules/shorewall/${name}" - $dir = dirname($target) - file { $target: - ensure => $ensure, - content => "${line}\n", - mode => 0600, owner => root, group => 0, - notify => Exec["concat_${dir}"], - } + $parts = split($name,'-') + concat::fragment{$name: + ensure => $ensure, + content => "${line}\n", + order => $parts[1], + target => "/etc/shorewall/puppet/${parts[0]}", + } } diff --git a/manifests/host.pp b/manifests/host.pp index b431efe..f400223 100644 --- a/manifests/host.pp +++ b/manifests/host.pp 
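Review bot: In manifests/entry.pp the concat target and the fragment order are now parsed out of the resource title with `split($name,'-')`, and nothing checks that the title has the `<file>-<order>-<name>` shape. A title still in the old `rules.d/100-foo` form, or an `$order` that itself contains a hyphen, yields a wrong `target`/`order` with no clear error; since these fragments are firewall rules, a misplaced or missing rule should fail the catalog rather than depend on what concat does with the value. A guard at the top of the define would do, e.g. `if $name !~ /^[a-z0-9]+-[^-]+-.+$/ { fail("shorewall::entry: title '${name}' must be <file>-<order>-<name>") }`, or pass `target` and `order` as explicit parameters from the callers (blacklist.pp, host.pp, rule.pp and the other wrappers changed the same way). The hunk also drops the explicit `mode => 0600, owner => root, group => 0` that the per-entry files carried, so whether the staged fragments stay root-only now depends on the concat module's defaults, which this diff does not show.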
@@ -3,7 +3,7 @@ define shorewall::host( $options = 'tcpflags,blacklist,norfc1918', $order='100' ){ - shorewall::entry{"hosts.d/${order}-${name}": + shorewall::entry{"hosts-${order}-${name}": line => "${zone} ${name} ${options}" } } diff --git a/manifests/init.pp b/manifests/init.pp index a5ed0af..2e68089 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,8 +1,5 @@ class shorewall { - include common::moduledir - module_dir { "shorewall": } - case $operatingsystem { gentoo: { include shorewall::gentoo } debian: { include shorewall::debian } @@ -19,12 +16,6 @@ class shorewall { } } - file {"/var/lib/puppet/modules/shorewall": - ensure => directory, - force => true, - owner => root, group => 0, mode => 0755; - } - # See http://www.shorewall.net/3.0/Documentation.htm#Zones shorewall::managed_file{ zones: } # See http://www.shorewall.net/3.0/Documentation.htm#Interfaces diff --git a/manifests/interface.pp b/manifests/interface.pp index 1cb5042..1716a7e 100644 --- a/manifests/interface.pp +++ b/manifests/interface.pp @@ -20,7 +20,7 @@ define shorewall::interface( } } - shorewall::entry { "interfaces.d/${order}-${name}": + shorewall::entry { "interfaces-${order}-${name}": line => "${zone} ${name} ${broadcast} ${options_real}", } } diff --git a/manifests/managed_file.pp b/manifests/managed_file.pp index 548d6f6..2f02c51 100644 --- a/manifests/managed_file.pp +++ b/manifests/managed_file.pp 
@@ -1,17 +1,15 @@ define shorewall::managed_file () { - $dir = "/var/lib/puppet/modules/shorewall/${name}.d" - concatenated_file { "/var/lib/puppet/modules/shorewall/$name": - dir => $dir, - mode => 0600, - } - file { - "${dir}/000-header": - source => "puppet:///modules/shorewall/boilerplate/${name}.header", - mode => 0600, owner => root, group => 0, - notify => Exec["concat_${dir}"]; - "${dir}/999-footer": - source => "puppet:///modules/shorewall/boilerplate/${name}.footer", - mode => 0600, owner => root, group => 0, - notify => Exec["concat_${dir}"]; - } + concat{ "/etc/shorewall/puppet/$name": + notify => Service['shorewall'], + require => File['/etc/shorewall/puppet'], + owner => root, group => 0, mode => 0600; + } + concat::fragment { + "${name}-header": + source => "puppet:///modules/shorewall/boilerplate/${name}.header", + order => '000'; + "${name}-footer": + source => "puppet:///modules/shorewall/boilerplate/${name}.footer", + order => '999'; + } } diff --git a/manifests/masq.pp b/manifests/masq.pp index a9c9840..fb097e5 100644 --- a/manifests/masq.pp +++ b/manifests/masq.pp @@ -10,7 +10,7 @@ define shorewall::masq( $mark = '', $order='100' ){ - shorewall::entry{"masq.d/${order}-${name}": + shorewall::entry{"masq-${order}-${name}": line => "# ${name}\n${interface} ${source} ${address} ${proto} ${port} ${ipsec} ${mark}" } } diff --git a/manifests/nat.pp b/manifests/nat.pp index e69c1c0..e29b784 100644 --- a/manifests/nat.pp +++ b/manifests/nat.pp @@ -5,7 +5,7 @@ define shorewall::nat( $local = 'yes', $order='100' ){ - shorewall::entry{"nat.d/${order}-${name}": + shorewall::entry{"nat-${order}-${name}": line => "${name} ${interface} ${internal} ${all} ${local}" } } diff --git a/manifests/params.pp b/manifests/params.pp index 0a1ae11..3bc5663 100644 --- a/manifests/params.pp +++ b/manifests/params.pp 
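Review bot: The two `concat::fragment` resources added in manifests/managed_file.pp (`"${name}-header"` and `"${name}-footer"`) are declared without a `target`, unlike the fragment in entry.pp which sets `target => "/etc/shorewall/puppet/${parts[0]}"`. Unless the concat module in use supplies a default, these will either fail to compile or not be attached to `/etc/shorewall/puppet/$name`, and the assembled file would lack its header and footer. Adding `target => "/etc/shorewall/puppet/${name}",` to both fragments ties them to the `concat` resource declared just above.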
@@ -1,5 +1,5 @@ define shorewall::params($value, $order='100'){ - shorewall::entry{"params.d/${order}-${name}": + shorewall::entry{"params-${order}-${name}": line => "${name}=${value}", } } diff --git a/manifests/policy.pp b/manifests/policy.pp index cdaab71..efee05b 100644 --- a/manifests/policy.pp +++ b/manifests/policy.pp @@ -5,7 +5,7 @@ define shorewall::policy( $limitburst = '-', $order ){ - shorewall::entry{"policy.d/${order}-${name}": + shorewall::entry{"policy-${order}-${name}": line => "# ${name}\n${sourcezone} ${destinationzone} ${policy} ${shloglevel} ${limitburst}", } } diff --git a/manifests/providers.pp b/manifests/providers.pp index 860363e..a02a494 100644 --- a/manifests/providers.pp +++ b/manifests/providers.pp @@ -9,7 +9,7 @@ define shorewall::providers( $copy = '', $order='100' ){ - shorewall::entry{"providers.d/${order}-${name}": + shorewall::entry{"providers-${order}-${name}": line => "# ${name}\n${provider} ${number} ${mark} ${duplicate} ${interface} ${gateway} ${options} ${copy}" } } diff --git a/manifests/proxyarp.pp b/manifests/proxyarp.pp index 75c853b..1af554f 100644 --- a/manifests/proxyarp.pp +++ b/manifests/proxyarp.pp @@ -5,7 +5,7 @@ define shorewall::proxyarp( $persistent = no, $order='100' ){ - shorewall::entry{"proxyarp.d/${order}-${name}": + shorewall::entry{"proxyarp-${order}-${name}": line => "# ${name}\n${name} ${interface} ${external} ${haveroute} ${persistent}" } } diff --git a/manifests/rfc1918.pp b/manifests/rfc1918.pp index 6c2719c..31dce5d 100644 --- a/manifests/rfc1918.pp +++ b/manifests/rfc1918.pp @@ -2,7 +2,7 @@ define shorewall::rfc1918( $action = 'logdrop', $order='100' ){ - shorewall::entry{"rfc1918.d/${order}-${name}": + shorewall::entry{"rfc1918-${order}-${name}": line => "${name} ${action}" } } diff --git a/manifests/routestopped.pp b/manifests/routestopped.pp index dab539c..0b53a1b 100644 --- a/manifests/routestopped.pp +++ b/manifests/routestopped.pp 
@@ -8,7 +8,7 @@ define shorewall::routestopped( '' => $name, default => $interface, } - shorewall::entry{"routestopped.d/${order}-${name}": + shorewall::entry{"routestopped-${order}-${name}": line => "${real_interface} ${host} ${options}", } } diff --git a/manifests/rule.pp b/manifests/rule.pp index 8394970..2fe91e2 100644 --- a/manifests/rule.pp +++ b/manifests/rule.pp @@ -13,8 +13,8 @@ define shorewall::rule( $mark = '', $order ){ - shorewall::entry{"rules.d/${order}-${name}": - ensure => $ensure, - line => "# ${name}\n${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${originaldest} ${ratelimit} ${user} ${mark}", - } + shorewall::entry{"rules-${order}-${name}": + ensure => $ensure, + line => "# ${name}\n${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${originaldest} ${ratelimit} ${user} ${mark}", + } } diff --git a/manifests/rule_section.pp b/manifests/rule_section.pp index a885eae..82984ca 100644 --- a/manifests/rule_section.pp +++ b/manifests/rule_section.pp @@ -1,7 +1,7 @@ define shorewall::rule_section( $order ){ - shorewall::entry{"rules.d/${order}-${name}": + shorewall::entry{"rules-${order}-${name}": line => "SECTION ${name}", } } diff --git a/manifests/zone.pp b/manifests/zone.pp index fa83b0b..81e5771 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -7,7 +7,7 @@ define shorewall::zone( $order = 100 ){ $real_name = $parent ? { '-' => $name, default => "${name}:${parent}" } - shorewall::entry { "zones.d/${order}-${name}": + shorewall::entry { "zones-${order}-${name}": line => "${real_name} ${type} ${options} ${in} ${out}" } } -- cgit v1.2.3