Mercurial > repos > other > Puppet
diff modules/firewall/manifests/params.pp @ 478:adf6fe9bbc17
Update Puppet modules to latest versions
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Thu, 29 Aug 2024 18:47:29 +0100 |
| parents | 66c406eec60d |
| children |
line wrap: on
line diff
--- a/modules/firewall/manifests/params.pp Tue Aug 27 13:35:17 2024 +0100 +++ b/modules/firewall/manifests/params.pp Thu Aug 29 18:47:29 2024 +0100 @@ -1,56 +1,75 @@ -# @summary Provides defaults for the Apt module parameters. -# +# @summary Provides defaults for the Apt module parameters +# # @api private # class firewall::params { $package_ensure = 'present' - case $::osfamily { + case $facts['os']['family'] { 'RedHat': { - case $::operatingsystem { + case $facts['os']['name'] { 'Amazon': { $service_name = 'iptables' $service_name_v6 = 'ip6tables' $package_name = undef + $iptables_name = 'iptables' $sysconfig_manage = true + $firewalld_manage = true } 'Fedora': { $service_name = 'iptables' $service_name_v6 = 'ip6tables' - if versioncmp($::operatingsystemrelease, '15') >= 0 { + if versioncmp($facts['os']['release']['full'], '34') >= 0 { $package_name = 'iptables-services' + $iptables_name = 'iptables-compat' } else { + $iptables_name = 'iptables' $package_name = undef } $sysconfig_manage = true + $firewalld_manage = true } default: { - if versioncmp($::operatingsystemrelease, '8.0') >= 0 { + if versioncmp($facts['os']['release']['full'], '9') >= 0 { + $service_name = ['nftables','iptables'] + $service_name_v6 = 'ip6tables' + $package_name = ['iptables-services', 'nftables', 'iptables-nft-services'] + $iptables_name = 'iptables-nft' + $sysconfig_manage = false + $firewalld_manage = true + } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 { $service_name = ['iptables', 'nftables'] $service_name_v6 = 'ip6tables' $package_name = ['iptables-services', 'nftables'] + $iptables_name = 'iptables' $sysconfig_manage = false - } elsif versioncmp($::operatingsystemrelease, '7.0') >= 0 { + $firewalld_manage = true + } elsif versioncmp($facts['os']['release']['full'], '7.0') >= 0 { $service_name = 'iptables' $service_name_v6 = 'ip6tables' $package_name = 'iptables-services' + $iptables_name = 'iptables' $sysconfig_manage = true + $firewalld_manage = true } else { $service_name = 'iptables' $service_name_v6 = 'ip6tables' $package_name = 'iptables-ipv6' + $iptables_name = 'iptables' $sysconfig_manage = true + $firewalld_manage = true } } } } 'Debian': { $service_name_v6 = undef - case $::operatingsystem { + $iptables_name = 'iptables' + case $facts['os']['name'] { 'Debian': { - if versioncmp($::operatingsystemrelease, 'unstable') >= 0 { + if versioncmp($facts['os']['release']['full'], 'unstable') >= 0 { $service_name = 'netfilter-persistent' $package_name = 'netfilter-persistent' - } elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 { + } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 { $service_name = 'netfilter-persistent' $package_name = 'iptables-persistent' } else { @@ -59,7 +78,7 @@ } } 'Ubuntu': { - if versioncmp($::operatingsystemrelease, '14.10') >= 0 { + if versioncmp($facts['os']['release']['full'], '14.10') >= 0 { $service_name = 'netfilter-persistent' $package_name = 'iptables-persistent' } else { @@ -79,8 +98,9 @@ $package_name = 'net-firewall/iptables' } default: { + $iptables_name = 'iptables' $service_name_v6 = undef - case $::operatingsystem { + case $facts['os']['name'] { 'Archlinux': { $service_name = ['iptables','ip6tables'] $package_name = undef