]> git.donarmstrong.com Git - dsa-puppet.git/blob - modules/ferm/manifests/init.pp
projects / dsa-puppet.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
massive style guide fixups
[dsa-puppet.git] / modules / ferm / manifests / init.pp
1 class ferm {
2         # realize (i.e. enable) all @ferm::rule virtual resources
3         Ferm::Rule <| |>
4
5         File { mode => '0400' }
6
7         package { 'ferm':
8                 ensure => installed
9         }
10         package { 'ulogd':
11                 ensure => installed
12         }
13
14         service { 'ferm':
15                 hasstatus   => false,
16                 status      => '/bin/true',
17                 refreshonly => true,
18         }
19
20         $munin_ips = split(regsubst($v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
21
22         munin::check { $munin_ips: script => 'ip_', }
23
24         if $v6ips {
25                 $munin6_ips = split(regsubst($v6ips, '([^,]+)', 'ip_\1', 'G'), ',')
26                 munin::check { $munin6_ips: script => 'ip_', }
27         }
28
29         # get rid of old stuff
30         $munin6_ip6s = split(regsubst($v6ips, '([^,]+)', 'ip6_\1', 'G'), ',')
31         munin::check { $munin6_ip6s: ensure => absent }
32
33         file { '/etc/ferm':
34                 ensure  => directory,
35                 notify  => Service['ferm'],
36                 require => Package['ferm'],
37                 mode    => '0755'
38         }
39         file { '/etc/ferm/dsa.d':
40                 ensure => directory,
41                 purge   => true,
42                 force   => true,
43                 recurse => true,
44                 source  => 'puppet:///files/empty/',
45         }
46         file { '/etc/ferm/conf.d':
47                 ensure => directory,
48         }
49         file { '/etc/default/ferm':
50                 source  => 'puppet:///modules/ferm/ferm.default',
51                 require => Package['ferm'],
52                 notify  => Service['ferm'],
53         }
54         file { '/etc/ferm/ferm.conf':
55                 source  => 'puppet:///modules/ferm/ferm.conf',
56         }
57         file { '/etc/ferm/conf.d/me.conf':
58                 content => template('ferm/me.conf.erb'),
59         }
60         file { '/etc/ferm/conf.d/defs.conf':
61                 content => template('ferm/defs.conf.erb'),
62         }
63         file { '/etc/ferm/conf.d/interfaces.conf':
64                 content => template('ferm/interfaces.conf.erb'),
65         }
66         file { '/etc/logrotate.d/ulogd':
67                 source => 'puppet:///modules/ferm/logrotate-ulogd',
68                 require => Package['debian.org'],
69         }
70
71         if getfromhash($site::nodeinfo, 'buildd') {
72                 file { '/etc/ferm/conf.d/load_ftp_conntrack.conf':
73                         source => 'puppet:///modules/ferm/conntrack_ftp.conf',
74                 }
75         }
76
77 }
Unnamed repository; edit this file 'description' to name the repository.