Mercurial > repos > other > Puppet

annotate modules/my_fw/manifests/init.pp @ 279:e36b7f4f85f2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Start to support IPv6 servers * Assumed only one or the other, not dual stack * Removed old VPS setup * Removed "secondary IP", added IPv4-to-6 forwarding * Updated firewall rules * Moved HTTP firewall rules to website module so it can do the right thing based on IP address families
author IBBoard <dev@ibboard.co.uk>
date Sat, 15 Feb 2020 13:52:30 +0000
parents
children 66c406eec60d
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
279
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
1 class my_fw ($ip_version) {
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
2 Firewall <| |> {
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
3 provider => $ip_version == "IPv6" ? { true => 'ip6tables', default => 'iptables'},
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
4 }
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
5 class { ['my_fw::pre', 'my_fw::post']: }
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
6 class { 'firewall':
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
7 ensure => $ip_version == "IPv6" ? { true => 'stopped', default => 'running'},
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
8 ensure_v6 => $ip_version == "IPv6" ? { true => 'running', default => 'stopped'},
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
9 }
e36b7f4f85f2 Start to support IPv6 servers
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
10 }