view modules/my_fw/manifests/init.pp @ 474:28d327443c45

Keep host on redir to HTTPS to fix HSTS Apparently it doesn't apply if you redirect from http with no-www to https with www (or vice versa)
author IBBoard <dev@ibboard.co.uk>
date Sun, 11 Aug 2024 11:16:05 +0100
parents 66c406eec60d
children 2c3e745be8d2
line wrap: on
line source

class my_fw ($ip_version) {
  $real_ensure_v4 = $ip_version == "IPv6" ? { true => 'stopped', default => 'running'}
  $real_ensure_v6 = $ip_version == "IPv6" ? { true => 'running', default => 'stopped'}
  case $::operatingsystem {
    'CentOS': {
      $ensure_v4 = $real_ensure_v4
      $ensure_v6 = $real_ensure_v6
    }
    # Ubuntu doesn't understand IPv4 vs IPv6
    'Ubuntu': {
      $ensure_v4 = ($real_ensure_v4 == 'running' or $real_ensure_v6 == 'running') ? { true => 'running', default => 'stopped' }
      $ensure_v6 = undef
    }
  }
  Firewall <| |> {
    provider => $ip_version == "IPv6" ? { true => 'ip6tables', default => 'iptables'},
  }
  class { ['my_fw::pre', 'my_fw::post']: }
  class { 'firewall':
    ensure => $ensure_v4,
    ensure_v6 => $ensure_v6,
  }
}