Added support for RHEL and did some syntax cleaning

Assume that "RedHat" also works where "CentOS" does.
2012-09-05 16:42:02 +03:00 · 2012-09-05 16:42:02 +03:00 · 24ecb51f6f
commit 24ecb51f6f
parent e9aae1dcf6
63 changed files with 544 additions and 497 deletions
--- a/firewall/manifests/init.pp
+++ b/firewall/manifests/init.pp
@ -26,15 +26,15 @@ class firewall {
        $firewall_rules = []
    }

-    case $operatingsystem {
-        centos,debian,fedora,ubuntu: {
+    case $::operatingsystem {
+        "centos","redhat","debian","fedora","ubuntu": {
            include firewall::iptables
        }
-        openbsd: {
+        "openbsd": {
            include firewall::pf
        }
        default: {
-            fail("Firewall module not supported in ${operatingsystem}")
+            fail("Firewall module not supported in ${::operatingsystem}")
        }
    }

@ -53,15 +53,15 @@ class firewall {
 #
 class firewall::custom {

-    case $operatingsystem {
-        centos,debian,fedora,ubuntu: {
+    case $::operatingsystem {
+        "centos","redhat","debian","fedora","ubuntu": {
            include firewall::custom::iptables
        }
        openbsd: {
            include firewall::custom::pf
        }
        default: {
-            fail("Firewall module not supported in ${operatingsystem}")
+            fail("Firewall module not supported in ${::operatingsystem}")
        }
    }

@ -73,10 +73,11 @@ class firewall::custom {
 class firewall::common::iptables {

    package { "iptables":
-        name   => $operatingsystem ? {
+        name   => $::operatingsystem ? {
            centos => [ "iptables", "iptables-ipv6" ],
+            redhat => [ "iptables", "iptables-ipv6" ],
            debian => [ "iptables", "iptables-persistent" ],
-            fedora => $operatingsystemrelease ? {
+            fedora => $::operatingsystemrelease ? {
                /^1[0-5]/ => [ "iptables", "iptables-ipv6" ],
                default   => "iptables",
            },
@ -85,7 +86,7 @@ class firewall::common::iptables {
    }

    file { "/etc/sysconfig/iptables":
-        name    => $operatingsystem ? {
+        name    => $::operatingsystem ? {
            debian  => "/etc/iptables/rules",
            ubuntu  => "/etc/iptables/rules",
            default => "/etc/sysconfig/iptables",
@ -98,8 +99,8 @@ class firewall::common::iptables {
        notify  => Service["iptables"],
    }

-    case $operatingsystem {
-        centos,fedora: {
+    case $::operatingsystem {
+        "centos","redhat","fedora": {
            $ip6states = versioncmp($kernelversion, "2.6.20")
            file { "/etc/sysconfig/ip6tables":
                ensure  => present,
@ -120,15 +121,16 @@ class firewall::common::iptables {
    }

    service { "iptables":
-        name       => $operatingsystem ? {
+        name       => $::operatingsystem ? {
            debian  => "iptables-persistent",
            ubuntu  => "iptables-persistent",
            default => "iptables",
        },
        ensure     => running,
        enable     => true,
-        hasrestart => $operatingsystem ? {
+        hasrestart => $::operatingsystem ? {
            centos => true,
+            redhat => true,
            debian => false,
            fedora => true,
            ubuntu => false,
@ -148,8 +150,8 @@ class firewall::iptables inherits firewall::common::iptables {
        content => template("firewall/iptables.erb"),
    }

-    case $operatingsystem {
-        centos,fedora: {
+    case $::operatingsystem {
+        "centos","redhat","fedora": {
            File["/etc/sysconfig/ip6tables"] {
                content => template("firewall/ip6tables.erb"),
            }