aboutsummaryrefslogtreecommitdiff
path: root/manifests/role/router.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/role/router.pp')
-rw-r--r--manifests/role/router.pp25
1 files changed, 25 insertions, 0 deletions
diff --git a/manifests/role/router.pp b/manifests/role/router.pp
new file mode 100644
index 0000000..068837d
--- /dev/null
+++ b/manifests/role/router.pp
@@ -0,0 +1,25 @@
+class nodo::role::router inherits nodo::appliance {
+ # We use monitor class on the router as the DNS server might by
+ # inside a vserver and thus cannot access the network devices directly
+ include nodo::utils::dns
+
+ # Network auditing
+ include nodo::utils::network::analyzer
+
+ # Enable IP forwarding
+ augeas { 'enable_ip_forwarding':
+ changes => 'set /files/etc/shorewall/shorewall.conf/IP_FORWARDING On',
+ lens => 'Shellvars.lns',
+ incl => '/etc/shorewall/shorewall.conf',
+ notify => Service[shorewall];
+ }
+
+ # Make sure shorewall is reloaded after dhcp renew
+ file { '/etc/dhcp/dhclient-exit-hooks.d/shorewall':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0644,
+ source => 'puppet:///modules/site_nodo/dhclient-exit-hooks.d/shorewall'
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 15:47:47 +0000