Commit 220d7af4 authored by mh's avatar mh

make service restart more failsafe

parent 353492ea
......@@ -8,14 +8,14 @@ class shorewall::base {
# This file has to be managed in place, so shorewall can find it
file {
'/etc/shorewall/shorewall.conf':
require => Package[shorewall],
notify => Service[shorewall],
require => Package['shorewall'],
notify => Exec['shorewall_check'],
owner => 'root',
group => 'root',
mode => '0644';
'/etc/shorewall/puppet':
ensure => directory,
require => Package[shorewall],
require => Package['shorewall'],
owner => 'root',
group => 'root',
mode => '0644';
......@@ -33,11 +33,16 @@ class shorewall::base {
changes => 'set /files/etc/shorewall/shorewall.conf/CONFIG_PATH \'"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"\'',
lens => 'Shellvars.lns',
incl => '/etc/shorewall/shorewall.conf',
notify => Service['shorewall'],
notify => Exec['shorewall_check'],
require => Package['shorewall'];
}
}
exec{'shorewall_check':
command => 'shorewall check',
refreshonly => true,
notify => Service['shorewall'],
}
service{'shorewall':
ensure => running,
enable => true,
......
......@@ -7,7 +7,7 @@ class shorewall::centos inherits shorewall::base {
lens => 'Shellvars.lns',
incl => '/etc/sysconfig/shorewall',
require => Package['shorewall'],
notify => Service['shorewall'],
notify => Exec['shorewall_check'],
}
}
}
......@@ -2,8 +2,8 @@ class shorewall::debian inherits shorewall::base {
file{'/etc/default/shorewall':
content => template("shorewall/debian_default.erb"),
require => Package['shorewall'],
notify => Service['shorewall'],
owner => 'root', group => 'root', mode => '0644';
notify => Exec['shorewall_check'],
owner => 'root', group => 'root', mode => '0644';
}
Service['shorewall']{
status => '/sbin/shorewall status'
......
......@@ -4,7 +4,7 @@ define shorewall::extension_script($script = '') {
'init', 'initdone', 'start', 'started', 'stop', 'stopped', 'clear', 'refresh', 'continue', 'maclog': {
file { "/etc/shorewall/puppet/${name}":
content => "${script}\n",
notify => Service[shorewall];
notify => Exec['shorewall_check'];
}
}
'', default: {
......
define shorewall::managed_file () {
# manage a certain file
define shorewall::managed_file() {
concat{ "/etc/shorewall/puppet/${name}":
notify => Service['shorewall'],
notify => Exec['shorewall_check'],
require => File['/etc/shorewall/puppet'],
owner => 'root', group => 'root', mode => '0600';
owner => 'root',
group => 'root',
mode => '0600';
}
concat::fragment {
"${name}-header":
source => "puppet:///modules/shorewall/boilerplate/${name}.header",
target => "/etc/shorewall/puppet/${name}",
order => '000';
order => '000';
"${name}-footer":
source => "puppet:///modules/shorewall/boilerplate/${name}.footer",
target => "/etc/shorewall/puppet/${name}",
order => '999';
order => '999';
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment