/manifests/config.pp - Annoter - puppet nftables - Koumbit's Redmine

Télécharger au format

root / manifests / config.pp @ b46c9ce9

Historique | Voir | Annoter | Télécharger (1,3 ko)

1	0ba57c66	mh	# manage a config snippet
2	11bf7237	Steve Traylen	define nftables::config (
3	31b17627	Steve Traylen	Optional[String] $content = undef,
4			Optional[Variant[String,Array[String,1]]] $source = undef,
5	11bf7237	Steve Traylen	) {
6	e4c32222	Nacho Barrientos	$concat_name = "nftables-${name}"
7
8	11bf7237	Steve Traylen	Package['nftables'] -> concat {
9	e4c32222	Nacho Barrientos	$concat_name:
10	30462da1	Steve Traylen	path => "/etc/nftables/puppet-preflight/${name}.nft",
11	e4c32222	Nacho Barrientos	ensure_newline => true,
12			owner => root,
13			group => root,
14			mode => '0640',
15	11bf7237	Steve Traylen	} ~> Exec['nft validate'] -> file {
16	30462da1	Steve Traylen	"/etc/nftables/puppet/${name}.nft":
17	11bf7237	Steve Traylen	ensure => file,
18			source => "/etc/nftables/puppet-preflight/${name}.nft",
19			owner => root,
20			group => root,
21			mode => '0640',
22	0ba57c66	mh	} ~> Service['nftables']
23
24	e4c32222	Nacho Barrientos	$data = split($name, '-')
25
26			concat::fragment {
27			"${concat_name}-header":
28			target => $concat_name,
29			order => '00',
30			content => "table ${data[0]} ${data[1]} {",
31			}
32
33	0ba57c66	mh	if $source {
34	e4c32222	Nacho Barrientos	concat::fragment {
35			"${concat_name}-body":
36			target => $concat_name,
37			order => 98,
38			source => $source,
39	0ba57c66	mh	}
40			} else {
41	e4c32222	Nacho Barrientos	concat::fragment {
42			"${concat_name}-body":
43			target => $concat_name,
44			order => '98',
45			content => $content,
46	0ba57c66	mh	}
47			}
48	e4c32222	Nacho Barrientos
49			concat::fragment {
50			"${concat_name}-footer":
51			target => $concat_name,
52			order => '99',
53			content => '}',
54			}
55	0ba57c66	mh	}

Projet

Général

Profil

puppet nftables

root / manifests / config.pp @ b46c9ce9