This commit is contained in:
mh 2014-04-18 11:40:43 +02:00
parent b1db2cacbe
commit d053d7241d


@ -1,3 +1,4 @@
# create a tinc vpn_net
define tinc::vpn_net( define tinc::vpn_net(
$ensure = present, $ensure = present,
$hosts_path = 'absent', $hosts_path = 'absent',
@ -18,22 +19,26 @@ define tinc::vpn_net(
} }
# needed in template tinc.conf.erb # needed in template tinc.conf.erb
$fqdn_tinc = regsubst("${::fqdn}",'[._-]+','','G') $fqdn_tinc = regsubst($::fqdn,'[._-]+','','G')
file{"/etc/tinc/${name}": file{"/etc/tinc/${name}":
require => Package['tinc'], require => Package['tinc'],
notify => Service['tinc'], notify => Service['tinc'],
owner => root, group => 0, mode => 0600; owner => root,
group => 0,
mode => '0600';
} }
file_line{"tinc_boot_net_${name}": $line_ensure = $ensure ? {
ensure => $ensure ? {
'present' => $connect_on_boot ? { 'present' => $connect_on_boot ? {
true => 'present', true => 'present',
default => 'absent' default => 'absent'
}, },
default => 'absent' default => 'absent'
}, }
file_line{"tinc_boot_net_${name}":
ensure => $line_ensure,
line => $name, line => $name,
path => '/etc/tinc/nets.boot', path => '/etc/tinc/nets.boot',
require => File['/etc/tinc/nets.boot'], require => File['/etc/tinc/nets.boot'],
@ -49,7 +54,9 @@ define tinc::vpn_net(
ensure => $ensure, ensure => $ensure,
notify => Service[tinc], notify => Service[tinc],
tag => "tinc_host_${name}", tag => "tinc_host_${name}",
owner => root, group => 0, mode => 0600; owner => root,
group => 0,
mode => '0600';
} }
@@file_line{"${fqdn_tinc}_for_${name}": @@file_line{"${fqdn_tinc}_for_${name}":
@ -71,7 +78,9 @@ define tinc::vpn_net(
force => true, force => true,
require => Package['tinc'], require => Package['tinc'],
notify => Service['tinc'], notify => Service['tinc'],
owner => root, group => 0, mode => 0600; owner => root,
group => 0,
mode => '0600';
} }
$tinc_hosts_list = tfile($real_hosts_path) $tinc_hosts_list = tfile($real_hosts_path)
@ -81,22 +90,28 @@ define tinc::vpn_net(
file { "/etc/tinc/${name}/tinc.conf": file { "/etc/tinc/${name}/tinc.conf":
content => template('tinc/tinc.conf.erb'), content => template('tinc/tinc.conf.erb'),
notify => Service[tinc], notify => Service[tinc],
owner => root, group => 0, mode => 0600; owner => root,
group => 0,
mode => '0600';
} }
if $key_source_path == 'absent' { if $key_source_path == 'absent' {
fail("You need to set \$key_source_prefix for $name to generate keys on the master!") fail("You need to set \$key_source_prefix for ${name} to generate keys on the master!")
} }
$tinc_keys = tinc_keygen($name,"${key_source_path}/${name}/${::fqdn}") $tinc_keys = tinc_keygen($name,"${key_source_path}/${name}/${::fqdn}")
file{"/etc/tinc/${name}/rsa_key.priv": file{"/etc/tinc/${name}/rsa_key.priv":
content => $tinc_keys[0], content => $tinc_keys[0],
notify => Service[tinc], notify => Service[tinc],
owner => root, group => 0, mode => 0600; owner => root,
group => 0,
mode => '0600';
} }
file{"/etc/tinc/${name}/rsa_key.pub": file{"/etc/tinc/${name}/rsa_key.pub":
content => $tinc_keys[1], content => $tinc_keys[1],
notify => Service[tinc], notify => Service[tinc],
owner => root, group => 0, mode => 0600; owner => root,
group => 0,
mode => '0600';
} }
$real_tinc_bridge_interface = $tinc_bridge_interface ? { $real_tinc_bridge_interface = $tinc_bridge_interface ? {
@ -106,11 +121,11 @@ define tinc::vpn_net(
if $tinc_internal_ip == 'absent' { if $tinc_internal_ip == 'absent' {
$tinc_br_ifaddr = "::ipaddress_${real_tinc_bridge_interface}" $tinc_br_ifaddr = "::ipaddress_${real_tinc_bridge_interface}"
$tinc_br_ip = inline_template("<%= scope.lookupvar(tinc_br_ifaddr) %>") $tinc_br_ip = inline_template('<%= scope.lookupvar(@tinc_br_ifaddr) %>')
case $tinc_br_ip { case $tinc_br_ip {
'',undef: { '',undef: {
$tinc_orig_ifaddr = "::ipaddress_${tinc_internal_interface}" $tinc_orig_ifaddr = "::ipaddress_${tinc_internal_interface}"
$real_tinc_internal_ip = inline_template("<%= scope.lookupvar(tinc_orig_ifaddr) %>") $real_tinc_internal_ip = inline_template('<%= scope.lookupvar(@tinc_orig_ifaddr) %>')
} }
default: { $real_tinc_internal_ip = $tinc_br_ip } default: { $real_tinc_internal_ip = $tinc_br_ip }
} }
@ -121,12 +136,16 @@ define tinc::vpn_net(
file { "/etc/tinc/${name}/tinc-up": file { "/etc/tinc/${name}/tinc-up":
content => template('tinc/tinc-up.erb'), content => template('tinc/tinc-up.erb'),
notify => Service['tinc'], notify => Service['tinc'],
owner => root, group => 0, mode => 0700; owner => root,
group => 0,
mode => '0700';
} }
file { "/etc/tinc/${name}/tinc-down": file { "/etc/tinc/${name}/tinc-down":
content => template('tinc/tinc-down.erb'), content => template('tinc/tinc-down.erb'),
notify => Service['tinc'], notify => Service['tinc'],
owner => root, group => 0, mode => 0700; owner => root,
group => 0,
mode => '0700';
} }
File["/etc/tinc/${name}/hosts/${fqdn_tinc}"]{ File["/etc/tinc/${name}/hosts/${fqdn_tinc}"]{
content => template('tinc/host.erb'), content => template('tinc/host.erb'),
@ -135,11 +154,12 @@ define tinc::vpn_net(
if $manage_shorewall { if $manage_shorewall {
shorewall::interface { $real_tinc_bridge_interface: $zone = $shorewall_zone ? {
zone => $shorewall_zone ? {
'absent' => 'loc', 'absent' => 'loc',
default => $shorewall_zone default => $shorewall_zone
}, }
shorewall::interface { $real_tinc_bridge_interface:
zone => $zone,
rfc1918 => true, rfc1918 => true,
options => 'routeback,logmartians'; options => 'routeback,logmartians';
} }