refactor things to use the concat module

8dde08a3 · Marcel Haerry · 777f77d3 · 8dde08a3 · 8dde08a3 · 8dde08a3
Commit 8dde08a3 authored Aug 04, 2011 by Marcel Haerry
23 changed files
--- a/files/shorewall.conf
+++ b/files/shorewall.conf
@@ -78,7 +78,7 @@ SUBSYSLOCK=/var/lock/subsys/shorewall
 MODULESDIR=
-CONFIG_PATH=/var/lib/puppet/modules/shorewall:/etc/shorewall:/usr/share/shorewall
+CONFIG_PATH=/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall
 RESTOREFILE=

--- a/files/shorewall.conf.Debian
+++ b/files/shorewall.conf.Debian
@@ -79,7 +79,7 @@ SUBSYSLOCK=""
 MODULESDIR=
 # add puppet delivered files in front
-CONFIG_PATH=/var/lib/puppet/modules/shorewall:/etc/shorewall:/usr/share/shorewall
+CONFIG_PATH=/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall
 RESTOREFILE=

--- a/files/shorewall.conf.Debian.etch
+++ b/files/shorewall.conf.Debian.etch
@@ -77,7 +77,7 @@ SUBSYSLOCK=""
 MODULESDIR=
 # add puppet delivered files in front
-CONFIG_PATH=/var/lib/puppet/modules/shorewall:/etc/shorewall:/usr/share/shorewall
+CONFIG_PATH=/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall
 RESTOREFILE=

--- a/files/shorewall.conf.Gentoo
+++ b/files/shorewall.conf.Gentoo
@@ -77,7 +77,7 @@ SUBSYSLOCK="/var/lock/subsys/shorewall"
 MODULESDIR=
 # add puppet delivered files in front
-CONFIG_PATH=/var/lib/puppet/modules/shorewall:/etc/shorewall:/usr/share/shorewall
+CONFIG_PATH=/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall
 RESTOREFILE=

--- a/files/shorewall.conf.Ubuntu.karmic
+++ b/files/shorewall.conf.Ubuntu.karmic
@@ -79,7 +79,7 @@ SUBSYSLOCK=""
 MODULESDIR=
 # add puppet delivered files in front
-CONFIG_PATH=/var/lib/puppet/modules/shorewall:/etc/shorewall:/usr/share/shorewall
+CONFIG_PATH=/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall
 RESTOREFILE=

--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -4,9 +4,10 @@ class shorewall::base {
    }
    # This file has to be managed in place, so shorewall can find it
-    file { "/etc/shorewall/shorewall.conf":
+    file {
-      # use OS specific defaults, but use Default if no other is found
+      '/etc/shorewall/shorewall.conf':
-      source => [
+        # use OS specific defaults, but use Default if no other is found
+        source => [
            "puppet:///modules/site-shorewall/${fqdn}/shorewall.conf.$operatingsystem",
            "puppet:///modules/site-shorewall/${fqdn}/shorewall.conf",
            "puppet:///modules/site-shorewall/shorewall.conf.$operatingsystem.$lsbdistcodename",
@@ -19,6 +20,10 @@ class shorewall::base {
        require => Package[shorewall],
        notify => Service[shorewall],
        owner => root, group => 0, mode => 0644;
+      '/etc/shorewall/puppet':
+        ensure => directory,
+        require => Package[shorewall],
+        owner => root, group => 0, mode => 0644;
    }
    service{shorewall:
@@ -26,21 +31,6 @@ class shorewall::base {
        enable  => true,
        hasstatus => true,
        hasrestart => true,
-        subscribe => [
-            File["/var/lib/puppet/modules/shorewall/zones"],
-            File["/var/lib/puppet/modules/shorewall/interfaces"],
-            File["/var/lib/puppet/modules/shorewall/hosts"],
-            File["/var/lib/puppet/modules/shorewall/policy"],
-            File["/var/lib/puppet/modules/shorewall/rules"],
-            File["/var/lib/puppet/modules/shorewall/masq"],
-            File["/var/lib/puppet/modules/shorewall/proxyarp"],
-            File["/var/lib/puppet/modules/shorewall/nat"],
-            File["/var/lib/puppet/modules/shorewall/blacklist"],
-            File["/var/lib/puppet/modules/shorewall/rfc1918"],
-            File["/var/lib/puppet/modules/shorewall/routestopped"],
-            File["/var/lib/puppet/modules/shorewall/params"],
-            File["/var/lib/puppet/modules/shorewall/providers"],
-        ],
        require => Package[shorewall],
    }
 }
--- a/manifests/blacklist.pp
+++ b/manifests/blacklist.pp
@@ -3,7 +3,7 @@ define shorewall::blacklist(
    $port = '-',
    $order='100'
 ){
-    shorewall::entry{"blacklist.d/${order}-${name}":
+    shorewall::entry{"blacklist-${order}-${name}":
        line => "${name} ${proto} ${port}",
    }           
 }
--- a/manifests/entry.pp
+++ b/manifests/entry.pp
@@ -2,12 +2,11 @@ define shorewall::entry(
    $ensure = present,
    $line
 ){
-   $target = "/var/lib/puppet/modules/shorewall/${name}"
+  $parts = split($name,'-')
-   $dir = dirname($target)
+  concat::fragment{$name:
-   file { $target:
+    ensure => $ensure,
-        ensure => $ensure,
+    content => "${line}\n",
-        content => "${line}\n",
+    order => $parts[1],
-        mode => 0600, owner => root, group => 0,
+    target => "/etc/shorewall/puppet/${parts[0]}",
-        notify => Exec["concat_${dir}"],
+  }
-    }
 }
--- a/manifests/host.pp
+++ b/manifests/host.pp
@@ -3,7 +3,7 @@ define shorewall::host(
    $options = 'tcpflags,blacklist,norfc1918',
    $order='100'
 ){
-    shorewall::entry{"hosts.d/${order}-${name}":
+    shorewall::entry{"hosts-${order}-${name}":
        line => "${zone} ${name} ${options}"
    }
 }

--- a/manifests/init.pp
+++ b/manifests/init.pp
 class shorewall { 
-  include common::moduledir
-  module_dir { "shorewall": }
  case $operatingsystem {
    gentoo: { include shorewall::gentoo }
    debian: { include shorewall::debian }
@@ -19,12 +16,6 @@ class shorewall {
    }
  }
-  file {"/var/lib/puppet/modules/shorewall":
-    ensure => directory,
-    force => true,
-    owner => root, group => 0, mode => 0755; 
-  }
  # See http://www.shorewall.net/3.0/Documentation.htm#Zones
  shorewall::managed_file{ zones: }
  # See http://www.shorewall.net/3.0/Documentation.htm#Interfaces

--- a/manifests/interface.pp
+++ b/manifests/interface.pp
@@ -20,7 +20,7 @@ define shorewall::interface(
        }
    }
-    shorewall::entry { "interfaces.d/${order}-${name}":
+    shorewall::entry { "interfaces-${order}-${name}":
        line => "${zone} ${name} ${broadcast} ${options_real}",
    }
 }

--- a/manifests/managed_file.pp
+++ b/manifests/managed_file.pp
 define shorewall::managed_file () {
-    $dir = "/var/lib/puppet/modules/shorewall/${name}.d"
+  concat{ "/etc/shorewall/puppet/$name":
-    concatenated_file { "/var/lib/puppet/modules/shorewall/$name":
+    notify => Service['shorewall'],
-        dir => $dir,
+    require => File['/etc/shorewall/puppet'],
-        mode => 0600,
+    owner => root, group => 0, mode => 0600;
-    }       
+  }       
-    file {
+  concat::fragment {
-        "${dir}/000-header":
+    "${name}-header":
-            source => "puppet:///modules/shorewall/boilerplate/${name}.header",
+      source => "puppet:///modules/shorewall/boilerplate/${name}.header",
-            mode => 0600, owner => root, group => 0,
+      order => '000';
-            notify => Exec["concat_${dir}"];
+    "${name}-footer":
-        "${dir}/999-footer":
+      source => "puppet:///modules/shorewall/boilerplate/${name}.footer",
-            source => "puppet:///modules/shorewall/boilerplate/${name}.footer",
+      order => '999';
-            mode => 0600, owner => root, group => 0,
+  }       
-            notify => Exec["concat_${dir}"];
-    }       
 } 
--- a/manifests/masq.pp
+++ b/manifests/masq.pp
@@ -10,7 +10,7 @@ define shorewall::masq(
    $mark = '',
    $order='100'
 ){
-    shorewall::entry{"masq.d/${order}-${name}":
+    shorewall::entry{"masq-${order}-${name}":
        line => "# ${name}\n${interface} ${source} ${address} ${proto} ${port} ${ipsec} ${mark}"
    }
 }

--- a/manifests/nat.pp
+++ b/manifests/nat.pp
@@ -5,7 +5,7 @@ define shorewall::nat(
    $local = 'yes',
    $order='100'
 ){
-    shorewall::entry{"nat.d/${order}-${name}":
+    shorewall::entry{"nat-${order}-${name}":
        line => "${name} ${interface} ${internal} ${all} ${local}"
    }           
 }
--- a/manifests/params.pp
+++ b/manifests/params.pp
 define shorewall::params($value, $order='100'){
-    shorewall::entry{"params.d/${order}-${name}":
+    shorewall::entry{"params-${order}-${name}":
        line => "${name}=${value}",
    }
 }
--- a/manifests/policy.pp
+++ b/manifests/policy.pp
@@ -5,7 +5,7 @@ define shorewall::policy(
    $limitburst = '-',
    $order
 ){
-    shorewall::entry{"policy.d/${order}-${name}":
+    shorewall::entry{"policy-${order}-${name}":
        line => "# ${name}\n${sourcezone} ${destinationzone} ${policy} ${shloglevel} ${limitburst}",
    }
 }

--- a/manifests/providers.pp
+++ b/manifests/providers.pp
@@ -9,7 +9,7 @@ define shorewall::providers(
    $copy = '',
    $order='100'
 ){
-    shorewall::entry{"providers.d/${order}-${name}":
+    shorewall::entry{"providers-${order}-${name}":
        line => "# ${name}\n${provider} ${number} ${mark} ${duplicate} ${interface} ${gateway} ${options} ${copy}"
    }
 }

--- a/manifests/proxyarp.pp
+++ b/manifests/proxyarp.pp
@@ -5,7 +5,7 @@ define shorewall::proxyarp(
    $persistent = no,
    $order='100'
    ){
-    shorewall::entry{"proxyarp.d/${order}-${name}":
+    shorewall::entry{"proxyarp-${order}-${name}":
        line => "# ${name}\n${name} ${interface} ${external} ${haveroute} ${persistent}"
    }
 }
--- a/manifests/rfc1918.pp
+++ b/manifests/rfc1918.pp
@@ -2,7 +2,7 @@ define shorewall::rfc1918(
    $action = 'logdrop',
    $order='100'
 ){
-    shorewall::entry{"rfc1918.d/${order}-${name}":
+    shorewall::entry{"rfc1918-${order}-${name}":
        line => "${name} ${action}"
    }   
 }
--- a/manifests/routestopped.pp
+++ b/manifests/routestopped.pp
@@ -8,7 +8,7 @@ define shorewall::routestopped(
        '' => $name,
        default => $interface,
    }   
-    shorewall::entry{"routestopped.d/${order}-${name}":
+    shorewall::entry{"routestopped-${order}-${name}":
        line => "${real_interface} ${host} ${options}",
    }           
 }
--- a/manifests/rule.pp
+++ b/manifests/rule.pp
@@ -13,8 +13,8 @@ define shorewall::rule(
    $mark = '',
    $order
 ){
-    shorewall::entry{"rules.d/${order}-${name}":
+  shorewall::entry{"rules-${order}-${name}":
-        ensure => $ensure,
+    ensure => $ensure,
-        line => "# ${name}\n${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${originaldest} ${ratelimit} ${user} ${mark}",
+    line => "# ${name}\n${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${originaldest} ${ratelimit} ${user} ${mark}",
-    }
+  }
 }
--- a/manifests/rule_section.pp
+++ b/manifests/rule_section.pp
 define shorewall::rule_section(
    $order
 ){
-    shorewall::entry{"rules.d/${order}-${name}":
+    shorewall::entry{"rules-${order}-${name}":
        line => "SECTION ${name}",
    }       
 }
--- a/manifests/zone.pp
+++ b/manifests/zone.pp
@@ -7,7 +7,7 @@ define shorewall::zone(
    $order = 100
 ){
    $real_name = $parent ? { '-' => $name, default => "${name}:${parent}" }
-    shorewall::entry { "zones.d/${order}-${name}":
+    shorewall::entry { "zones-${order}-${name}":
        line => "${real_name} ${type} ${options} ${in} ${out}"
    }
 }