From: Stephen Gran <steve@lobefin.net>
Date: Sun, 7 Mar 2010 09:39:57 +0000 (+0000)
Subject: some more ferm fixups
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=decbf68aa45f1398cdc1ad8882048296f1e8935c;p=dsa-puppet.git

some more ferm fixups

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/manifests/site.pp b/manifests/site.pp
index 2fecb32c..52e1e0d7 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -74,10 +74,10 @@ node default {
     }
 
     case extractnodeinfo($nodeinfo, 'buildd') {
-         true:  {
+         'true':  {
              include buildd
              case $kernel {
-                 'Linux': {
+                 Linux: {
                      include ferm
                  }
              }
diff --git a/modules/ferm/files/ferm.default b/modules/ferm/files/ferm.default
new file mode 100644
index 00000000..7864a2ec
--- /dev/null
+++ b/modules/ferm/files/ferm.default
@@ -0,0 +1,14 @@
+# configuration for /etc/init.d/ferm
+
+# use iptables-restore for fast firewall initialization?
+FAST=yes
+
+# cache the output of ferm --lines in /var/cache/ferm?
+CACHE=yes
+
+# additional paramaters for ferm (like --def '$foo=bar')
+OPTIONS=
+
+# Enable ferm on bootup?
+ENABLED=yes
+
diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index ff57e914..5f63ea7c 100644
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -26,6 +26,10 @@ class ferm {
                 "/etc/ferm/conf.d":
                         ensure => directory,
                         require => Package["ferm"];
+                "/etc/default/ferm":
+                        source  => "puppet:///ferm/ferm.default",
+                        require => Package["ferm"],
+                        notify  => Exec["ferm restart"];
                 "/etc/ferm/ferm.conf":
                         source  => "puppet:///ferm/ferm.conf",
                         require => Package["ferm"],