Projet

Général

Profil

Révision 0c9bc308

ID0c9bc3084e3f6ee8dbbd9e2c8d3564fb150ee61d
Parent d8b8b3f4
Enfant c3145917

Ajouté par hashworks il y a environ 3 ans

Add support for Arch Linux

Arch Linux stores the configuration in a different path and does not
provide firewalld without explicit installation.

This basically the same as #66 – I've reused their code since it hasn't
been merged in a while.

Voir les différences:

spec/classes/nftables_spec.rb
14 14 
      it { is_expected.to contain_package('nftables') }
15 15 

  		




  16
  16
  
    
      it {


  		




  
  17
  
    
        is_expected.to contain_file('/etc/nftables').with(


  		




  
  18
  
    
          ensure: 'directory',


  		




  
  19
  
    
          owner: 'root',


  		




  
  20
  
    
          group: 'root',


  		




  
  21
  
    
          mode: '0750'


  		




  
  22
  
    
        )


  		




  
  23
  
    
      }


  		




  
  24
  
    

  		




  
  25
  
    
      it {


  		




  17
  26
  
    
        expect(subject).to contain_file('/etc/nftables/puppet.nft').with(


  		




  18
  27
  
    
          ensure: 'file',


  		




  19
  28
  
    
          owner: 'root',


  		




  ......




  73
  82
  
    
        )


  		




  74
  83
  
    
      }


  		




  75
  84
  
    

  		




  76
  
  
    
      it {


  		




  77
  
  
    
        expect(subject).to contain_systemd__dropin_file('puppet_nft.conf').with(


  		




  78
  
  
    
          content: %r{^ExecReload=/sbin/nft -I /etc/nftables/puppet -f /etc/sysconfig/nftables.conf$}


  		




  79
  
  
    
        )


  		




  80
  
  
    
      }


  		




  
  85
  
    
      if os_facts[:os]['family'] == 'Archlinux'


  		




  
  86
  
    
        it {


  		




  
  87
  
    
          expect(subject).to contain_systemd__dropin_file('puppet_nft.conf').with(


  		




  
  88
  
    
            content: %r{^ExecReload=/sbin/nft -I /etc/nftables/puppet -f /etc/nftables.conf$}


  		




  
  89
  
    
          )


  		




  
  90
  
    
        }


  		




  81
  91
  
    

  		




  82
  
  
    
      it {


  		




  83
  
  
    
        expect(subject).to contain_service('firewalld').with(


  		




  84
  
  
    
          ensure: 'stopped',


  		




  85
  
  
    
          enable: 'mask'


  		




  86
  
  
    
        )


  		




  87
  
  
    
      }


  		




  
  92
  
    
        it {


  		




  
  93
  
    
          expect(subject).to contain_service('firewalld').with(


  		




  
  94
  
    
            ensure: 'stopped',


  		




  
  95
  
    
            enable: false


  		




  
  96
  
    
          )


  		




  
  97
  
    
        }


  		




  
  98
  
    
      else


  		




  
  99
  
    
        it {


  		




  
  100
  
    
          expect(subject).to contain_systemd__dropin_file('puppet_nft.conf').with(


  		




  
  101
  
    
            content: %r{^ExecReload=/sbin/nft -I /etc/nftables/puppet -f /etc/sysconfig/nftables.conf$}


  		




  
  102
  
    
          )


  		




  
  103
  
    
        }


  		




  
  104
  
    

  		




  
  105
  
    
        it {


  		




  
  106
  
    
          expect(subject).to contain_service('firewalld').with(


  		




  
  107
  
    
            ensure: 'stopped',


  		




  
  108
  
    
            enable: 'mask'


  		




  
  109
  
    
          )


  		




  
  110
  
    
        }


  		




  
  111
  
    
      end


  		




  88
  112
  
    

  		




  89
  113
  
    
      it { is_expected.to contain_class('nftables::inet_filter') }


  		




  90
  114
  
    
      it { is_expected.to contain_class('nftables::ip_nat') }


  		












Formats disponibles :  Unified diff