diff options
| author | mh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> | 2008-02-17 17:34:18 +0000 |
|---|---|---|
| committer | mh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> | 2008-02-17 17:34:18 +0000 |
| commit | 8c16d3cf95e74977287dbb2b5f28b308aa320451 (patch) | |
| tree | 78231e7a4761cb13fdbf9f9d1ae42878246235f1 /manifests/init.pp | |
| parent | d5e8304276808d5c89b337b66765133079eba952 (diff) | |
| download | puppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.gz puppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.bz2 | |
moved some for better overview
git-svn-id: https://svn/ipuppet/trunk/modules/shorewall@817 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
Diffstat (limited to 'manifests/init.pp')
| -rw-r--r-- | manifests/init.pp | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index a766b23..0ec363b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -29,13 +29,29 @@ class shorewall { } - service { shorewall: ensure => running, enable => true, } + service { shorewall: + ensure => running, + enable => true, + subscribe => [ + Exec[concat_zones], + Exec[concat_interfaces], + Exec[concat_hosts], + Exec[concat_policy], + Exec[concat_rules], + Exec[concat_masq], + Exec[concat_proxyarp], + Exec[concat_nat], + Exec[concat_blacklist], + Exec[concat_rfc1918], + Exec[concat_routestopped], + ], + } file { "/var/lib/puppet/modules/shorewall": ensure => directory, force => true, - mode => 0755, owner => root, group => root; + mode => 0755, owner => root, group => 0; } # private @@ -46,7 +62,7 @@ class shorewall { "${dir}": ensure => directory, force => true, - mode => 0755, owner => root, group => root; + mode => 0755, owner => root, group => 0; } @@ -57,11 +73,11 @@ class shorewall { file { "${dir}/000-header": source => "puppet://$servername/shorewall/boilerplate/${name}.header", - mode => 0600, owner => root, group => root, + mode => 0600, owner => root, group => 0, notify => Exec["concat_${dir}"]; "${dir}/999-footer": source => "puppet://$servername/shorewall/boilerplate/${name}.footer", - mode => 0600, owner => root, group => root, + mode => 0600, owner => root, group => 0, notify => Exec["concat_${dir}"]; } } @@ -72,19 +88,21 @@ class shorewall { $dir = dirname($target) file { $target: content => "${line}\n", - mode => 0600, owner => root, group => root, + mode => 0600, owner => root, group => 0, notify => Exec["concat_${dir}"], } } # This file has to be managed in place, so shorewall can find it file { "/etc/shorewall/shorewall.conf": - # use OS specific defaults, but use gentoo if no other is found + # use OS specific defaults, but use Default if no other is found source => [ "puppet://$servername/shorewall/shorewall.conf.$operatingsystem.$lsbdistcodename", "puppet://$servername/shorewall/shorewall.conf.$operatingsystem", - "puppet://$servername/shorewall/shorewall.conf.Gentoo." ], - mode => 0644, owner => root, group => root, + "puppet://$servername/shorewall/shorewall.conf.Default", + ], + mode => 0644, owner => root, group => 0, + notify => Service[shorewall], } # See http://www.shorewall.net/3.0/Documentation.htm#Zones |