Puppet Class: ufw::service
- Defined in:
- manifests/service.pp
Summary
Manages ufw serviceOverview
Manages ufw service.
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'manifests/service.pp', line 16
class ufw::service(
Boolean $manage_service = $ufw::manage_service,
Stdlib::Ensure::Service $service_ensure = $ufw::service_ensure,
String[1] $service_name = $ufw::service_name,
) {
if $manage_service {
if $service_ensure == 'stopped' {
$action = 'disable'
$unless_status = 'inactive'
} else {
$action = 'enable'
$unless_status = 'active'
}
service { $service_name:
ensure => $service_ensure,
}
# According to the official docs (https://git.launchpad.net/ufw/tree/README),
# to load configuration framework files changes, the user should run `ufw disable` followed by `ufw enable`.
# This resource should only apply when this class is notified on configuration
# file change and never when disabling/enabling the service.
-> exec { 'Disable ufw to force config reload':
command => 'ufw --force disable',
path => '/usr/sbin:/bin',
environment => ['DEBIAN_FRONTEND=noninteractive'],
unless => "ufw status | grep 'Status: inactive'",
refreshonly => true,
}
#TODO investigate the reasons behind https://github.com/attachmentgenie/attachmentgenie-ufw/blob/master/manifests/service.pp#L17-L22
-> exec { "ufw --force ${action}":
path => '/usr/sbin:/bin',
environment => ['DEBIAN_FRONTEND=noninteractive'],
unless => "ufw status | grep 'Status: ${unless_status}'",
}
}
}
|