modules/nfs-server/manifests/init.pp

   1 class nfs-server {
   2
   3         package { [
   4                         'nfs-common',
   5                         'nfs-kernel-server'
   6                 ]:
   7                 ensure => installed
   8         }
   9
  10         service { 'nfs-common':
  11                 hasstatus   => false,
  12                 status      => '/bin/true',
  13         }
  14         service { 'nfs-kernel-server':
  15                 hasstatus   => false,
  16                 status      => '/bin/true',
  17         }
  18
  19         @ferm::rule { 'dsa-portmap':
  20                 domain      => '(ip ip6)',
  21                 description => 'Allow portmap access',
  22                 rule        => '&TCP_UDP_SERVICE(111)'
  23         }
  24         @ferm::rule { 'dsa-nfs':
  25                 domain      => '(ip ip6)',
  26                 description => 'Allow nfsd access',
  27                 rule        => '&TCP_UDP_SERVICE(2049)'
  28         }
  29         @ferm::rule { 'dsa-status':
  30                 domain      => '(ip ip6)',
  31                 description => 'Allow statd access',
  32                 rule        => '&TCP_UDP_SERVICE(10000)'
  33         }
  34         @ferm::rule { 'dsa-mountd':
  35                 domain      => '(ip ip6)',
  36                 description => 'Allow mountd access',
  37                 rule        => '&TCP_UDP_SERVICE(10002)'
  38         }
  39         @ferm::rule { 'dsa-lockd':
  40                 domain      => '(ip ip6)',
  41                 description => 'Allow lockd access',
  42                 rule        => '&TCP_UDP_SERVICE(10003)'
  43         }
  44
  45         file { '/etc/default/nfs-common':
  46                 source  => 'puppet:///modules/nfs-server/nfs-common.default',
  47                 before  => Package['nfs-common'],
  48                 notify  => Service['nfs-common'],
  49         }
  50         file { '/etc/default/nfs-kernel-server':
  51                 source  => 'puppet:///modules/nfs-server/nfs-kernel-server.default',
  52                 before  => Package['nfs-kernel-server'],
  53                 notify  => Service['nfs-kernel-server'],
  54         }
  55         file { '/etc/modprobe.d/lockd.local':
  56                 source => 'puppet:///modules/nfs-server/lockd.local.modprobe',
  57                 before => Package['nfs-common'],
  58                 notify => Service['nfs-common'],
  59         }
  60 }