Révision a86c6409
Convert puppet_nft systemd drop-in unit file to template
| files/systemd/puppet_nft.Debian.conf | ||
|---|---|---|
| 1 |
# Puppet Deployed |
|
| 2 |
[Service] |
|
| 3 |
ExecStart= |
|
| 4 |
ExecStart=/sbin/nft -I /etc/nftables/puppet -f /etc/nftables.conf |
|
| 5 |
ExecReload= |
|
| 6 |
ExecReload=/sbin/nft -I /etc/nftables/puppet -f /etc/nftables.conf |
|
| 7 |
|
|
| files/systemd/puppet_nft.conf | ||
|---|---|---|
| 1 |
# Puppet Deployed |
|
| 2 |
[Service] |
|
| 3 |
ExecStart= |
|
| 4 |
ExecStart=/sbin/nft -I /etc/nftables/puppet -f /etc/sysconfig/nftables.conf |
|
| 5 |
ExecReload= |
|
| 6 |
ExecReload=/sbin/nft -I /etc/nftables/puppet -f /etc/sysconfig/nftables.conf |
|
| 7 |
|
|
| manifests/init.pp | ||
|---|---|---|
| 153 | 153 |
restart => '/usr/bin/systemctl reload nftables', |
| 154 | 154 |
} |
| 155 | 155 |
|
| 156 |
$puppet_nft_vars = {
|
|
| 157 |
'nftables_configuration_path' => $nftables_configuration_path, |
|
| 158 |
} |
|
| 156 | 159 |
systemd::dropin_file { 'puppet_nft.conf':
|
| 157 | 160 |
ensure => present, |
| 158 | 161 |
unit => 'nftables.service', |
| 159 |
content => file( |
|
| 160 |
"nftables/systemd/puppet_nft.${facts['os']['family']}.conf",
|
|
| 161 |
'nftables/systemd/puppet_nft.conf' |
|
| 162 |
), |
|
| 162 |
content => epp('nftables/systemd/puppet_nft.conf.epp', $puppet_nft_vars),
|
|
| 163 | 163 |
notify => Service['nftables'], |
| 164 | 164 |
} |
| 165 | 165 |
|
| templates/systemd/puppet_nft.conf.epp | ||
|---|---|---|
| 1 |
# Puppet Deployed |
|
| 2 |
[Service] |
|
| 3 |
ExecStart= |
|
| 4 |
ExecStart=/sbin/nft -I /etc/nftables/puppet -f <%= $nftables_configuration_path %> |
|
| 5 |
ExecReload= |
|
| 6 |
ExecReload=/sbin/nft -I /etc/nftables/puppet -f <%= $nftables_configuration_path %> |
|
| 7 |
|
|
Formats disponibles : Unified diff