Enable parameter_documentation lint
The linter checks that every parameter has been documented.
While corrections have been made to great many classes some morecomplicated examples have been left for now. Should be updatedas the files get touched.
https://github.com/domcleal/puppet-lint-param-docs
Merge pull request #53 from cernops/allrules_check
Check that all the predefined rules are declared in the all rules acceptance test
Use a separate job file
Check that all rules are declared in the all rules acceptance test
Merge pull request #59 from cernops/issue58
Align simplerule and rule rulename requirements
Pull up rule regexp to type aliases
[blacksmith] Bump version to 1.0.1-rc0
Release 1.0.0 (#49)
Co-authored-by: duritong <peter.meier+github@immerda.ch>
Merge pull request #56 from traylenator/ports
Use Stdlib::Port everywhere in place of Integer
Use Stdlib::Port in place of Integer for ports
Fixes #37
Merge pull request #55 from traylenator/moredocs
Docs for nftables::set
Update manifests/set.pp
Merge pull request #42 from duritong/terminology
switch not the server naming
switch naming to puppetserver
Merge pull request #47 from cernops/issue45
Prefix custom tables with custom- so they're loaded
Merge pull request #48 from cernops/config_template
Several fixes for nftables::config
Merge pull request #50 from traylenator/moretests
Correct nfs3 invalid udp /tcp matching rule and more tests
Correct NFS udp and tcp port matching
There was a missing `th` from rule which from the examples in the manpage is meant to be there.
Cannot find the docs for what `th` does.
test that all classes can be included
test that bad configuration leaves service running
Merge pull request #52 from cernops/simplerule_reference
Remove a blank separating the doc string and the code
Otherwise the generator of the docs does not do the job :/
Merge pull request #51 from bastelfreak/puppet7
Enable Puppet 7 support
Merge pull request #33 from cernops/simplerule
Add nftables::simplerule
Validate table spec
Fix context name (removes dup)
Implement intended failure
Auto fill simple table configuration
Refresh REFERENCE
Relax type validation in template
It comes already validated from the calling class.
Align template parameters
Encapsulate addr-related exprs in Nftables::Addr
Encapsulate port-related exprs in Nftables::Port
Sort template parameters alphabetically
Implement nftables::simplerule::saddr
Mention nftables::simplerule in the README
Allow some other types of verdicts
Document nftables::simplerule's parameters
Recommend using nftables::rule
Implement nftables::simplerule::sport
Remove double spacing
Handle dport internally always as an array
Lint fixes
Remove optional modifier on $table
It does not really make sense to pass undef to nftables::rule
Correct error message
Re-document and add example
Implement nftables:;simplerule::counter
Implement nftables:;simplerule::daddr
Test passing a port without protocol
Allow IPv4 and IPv6 only rules
Richer dport
s/setname/rulename
Merge pull request #34 from traylenator/dedupe_flush
Remove duplicate flush on reload
Merge pull request #44 from traylenator/formatting
Correct layout of ignore table example
Correct layout of ignore chain example
When nftables was reloaded a flush was being done both in the systemdreload call and in the nft script itself.
Merge pull request #41 from traylenator/rubocop
rubocop corrections
Merge pull request #43 from cernops/doc_typos
Fix typos and formatting in the README
Add a hint about changing default output configuration
Fix typo in class name
Add a separation between the header and the content
Add remark about the global chain
Fix grammatical error
Add full stop
rubocop:auto_correct fixes
Enable rubocop check
Will submit centrally if all well.
Disable Disable TrailingCommaInArguments early
Can be reverted oncehttps://github.com/voxpupuli/voxpupuli-test/pull/36is released
Comment why firewalld_enable parameter is required (#40)
Add basic configuration validation acceptance test (#38)
It is not possible to start the nftables service within docker sothe service is altered to only validate the serviceconfiguration resulting from concat constructed files and nft inclusions.
Merge pull request #36 from traylenator/modulesync
modulesync 4.0.0 and general alignment to voxpupuli.
Correct author, add tags and issues to metadata
Correctly remove puppet4 support
Use single line for each parameter definition
Mock with mocha
Adapt metadata to voxpupuli name space
lint_fix results
modulesync 4.0.0
Drop duritong .sync.yml
Merge pull request #29 from keachi/fwd_conntrack
Enable conntrack in FORWARD
Merge pull request #32 from dvanders/ceph_nfs
Add Ceph and NFS rules
Test NFS rules
Signed-off-by: Dan van der Ster <daniel.vanderster@cern.ch>
Test ceph rules
Merge pull request #31 from traylenator/selective
New parameter noflush_tables to selectivly skip flush
Add NFS-related rules
Add ceph related rules
Introduces a new structured fact nftables
```yamlnftables: tables: - inet-filter - ip-nat - ip6-nat - inet-f2b-table```
By default the nft script will continue to contain `nft flush ruleset`...
Merge pull request #30 from traylenator/slc
Scientific Linux 8 will never exist
As per
https://listserv.fnal.gov/scripts/wa.exe?A2=ind1904&L=SCIENTIFIC-LINUX-ANNOUNCE&P=78
Merge pull request #28 from traylenator/simplify
Do not test nftables::rules repeatadly
Merge pull request #22 from cernops/log_limit
Set a customisable rate limit to the logging rules
Merge pull request #26 from cernops/hiera_sets
Allow sourcing sets from Hiera
Merge pull request #27 from traylenator/reference
Rather than testing the contents of nftable::rules just testthat nftables::rules instance is correct.
The existing test for the define nftables::rules is enough.
Motivation here is to make changes to nftables::rules easier to handle...
