Mercurial > repos > other > Puppet
view modules/firewall/manifests/linux/archlinux.pp @ 398:66c406eec60d
Update and fix firewall for Ubuntu
* Use later version of module (not latest because our Puppet
isn't supported)
* Change how we define "ensure" because Ubuntu doesn't use
IPv6 methods
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Wed, 20 Apr 2022 19:04:13 +0100 |
parents | d9352a684e62 |
children | adf6fe9bbc17 |
line wrap: on
line source
# @summary # Manages `iptables` and `ip6tables` services, and creates files used for persistence, on Arch Linux systems. # # @param ensure # Ensure parameter passed onto Service[] resources. Valid options: 'running' or 'stopped'. Defaults to 'running'. # # @param enable # Enable parameter passed onto Service[] resources. Defaults to 'true'. # # @param service_name # Specify the name of the IPv4 iptables service. Defaults defined in firewall::params. # # @param package_name # Specify the platform-specific package(s) to install. Defaults defined in firewall::params. # # @param package_ensure # Controls the state of the iptables package on your system. Valid options: 'present' or 'latest'. Defaults to 'latest'. # # @api private # class firewall::linux::archlinux ( $ensure = 'running', $enable = true, $service_name = $firewall::params::service_name, $package_name = $firewall::params::package_name, $package_ensure = $firewall::params::package_ensure, ) inherits ::firewall::params { if $package_name { package { $package_name: ensure => $package_ensure, } } service { $service_name: ensure => $ensure, enable => $enable, hasstatus => true, } file { '/etc/iptables/iptables.rules': ensure => file, before => Service[$service_name], } file { '/etc/iptables/ip6tables.rules': ensure => file, before => Service[$service_name], } }