Merge pull request #101 from eputnam/feature-optional-server-param
Make server parameter optional and allow service definition without explicit group
HAIL9000 committed Oct 3, 2017
2 parents e079989 + d9993ed commit 1b9efad
Showing 4 changed files with 102 additions and 39 deletions.
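--- a/README.md
+++ b/README.md
@@ -57,7 +57,8 @@ page.
 
 ### Parameters:
 
-* `server` - required - determines the program to execute for this service
+* `server` - optional - determines the program to execute for this service (either this or `redirect` is required)
+* `redirect` - optional - ip or hostname and port of the target service (either this or `server` is required)
 * `port` - optional - determines the service port (required if service is not listed in `/etc/services`)
 * `cps` - optional
 * `flags` - optional
@@ -68,11 +69,13 @@ page.
 * `protocol` - optional - defaults to "tcp"
 * `user` - optional - defaults to "root"
 * `group` - optional - defaults to "root"
+* `use_default_group` - optional - set to "false" to prevent using the OS specific default group for the service, defaults to "true"
 * `instances` - optional - defaults to "UNLIMITED"
 * `wait` - optional - based on $protocol will default to "yes" for udp and "no" for tcp
 * `service_type` - optional - type setting in xinetd
 * `nice` - optional - integer between -20 and 19, inclusive.
-* `redirect` - optional - ip or hostname and port of the target service
+
+Either the `server` or the `redirect` parameter must be set.
 
 ### Sample Usage
 
@@ -89,6 +92,17 @@ xinetd::service { 'tftp':
 }
 ```
 
+```puppet
+xinetd::service { 'ssh-tunnel-host.example.com':
+port => '2222',
+redirect => 'host.example.com 22',
+flags => 'REUSE',
+service_type => 'UNLISTED',
+bind => "${::ipaddress_eth1}",
+only_from => '10.130.50.174',
+}
+```
+
 ## Supported OSes
 
 Supports Debian, FreeBSD, Suse, RedHat, and Amazon Linux OS Families.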
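--- a/manifests/service.pp
+++ b/manifests/service.pp
@@ -4,50 +4,49 @@
 # all parameters match up with xinetd.conf(5) man page
 #
 # Parameters:
-# $ensure - optional - defaults to 'present'
-# $log_on_success - optional - may contain any combination of
-# 'PID', 'HOST', 'USERID', 'EXIT', 'DURATION', 'TRAFFIC'
+# $ensure - optional - defaults to 'present'
+# $log_on_success - optional - may contain any combination of
+# 'PID', 'HOST', 'USERID', 'EXIT', 'DURATION', 'TRAFFIC'
 # $log_on_success_operator - optional - defaults to '+='. This is whether or
 # not values specified will be add, set or remove
 # from the default.
-# $log_on_failure - optional - may contain any combination of
-# 'HOST', 'USERID', 'ATTEMPT'
+# $log_on_failure - optional - may contain any combination of
+# 'HOST', 'USERID', 'ATTEMPT'
 # $log_on_failure_operator - optional - defaults to '+='. This is whether or
 # not values specified will be add, set or remove
 # from the default.
-# $service_type - optional - type setting in xinetd
-# may contain any combinarion of 'RPC', 'INTERNAL',
-# 'TCPMUX/TCPMUXPLUS', 'UNLISTED'
-# $cps - optional
-# $flags - optional
-# $per_source - optional
-# $port - optional - determines the service port (required if service is not listed in /etc/services)
-# $server - required - determines the program to execute for this service
-# $server_args - optional
-# $disable - optional - defaults to "no"
-# $socket_type - optional - defaults to "stream"
-# $protocol - optional - defaults to "tcp"
-# $user - optional - defaults to "root"
-# $group - optional - defaults to "root"
-# $groups - optional - defaults to "yes"
-# $instances - optional - defaults to "UNLIMITED"
-# $only_from - optional
-# $wait - optional - based on $protocol will default to "yes" for udp and "no" for tcp
-# $xtype - deprecated - use $service_type instead
-# $no_access - optional
-# $access_times - optional
-# $log_type - optional
-# $bind - optional
-# $nice - optional - integer between -20 and 19, inclusive.
-# $env - optional
-# $passenv - optional
-# $redirect - optional - ip or hostname and port of the target service
+# $service_type - optional - type setting in xinetd
+# may contain any combinarion of 'RPC', 'INTERNAL',
+# 'TCPMUX/TCPMUXPLUS', 'UNLISTED'
+# $cps - optional
+# $flags - optional
+# $per_source - optional
+# $port - optional - determines the service port (required if service is not listed in /etc/services)
+# $server - optional - determines the program to execute for this service
+# $server_args - optional
+# $disable - optional - defaults to "no"
+# $socket_type - optional - defaults to "stream"
+# $protocol - optional - defaults to "tcp"
+# $user - optional - defaults to "root"
+# $group - optional - defaults to "root"
+# $use_default_group - optional - defaults to true
+# $groups - optional - defaults to "yes"
+# $instances - optional - defaults to "UNLIMITED"
+# $only_from - optional
+# $wait - optional - based on $protocol will default to "yes" for udp and "no" for tcp
+# $xtype - deprecated - use $service_type instead
+# $no_access - optional
+# $access_times - optional
+# $log_type - optional
+# $bind - optional
+# $nice - optional - integer between -20 and 19, inclusive.
+# $redirect - optional - ip or hostname and port of the target service
 #
 # Actions:
 # setups up a xinetd service by creating a file in /etc/xinetd.d/
 #
 # Requires:
-# $server must be set
+# $server or $redirect must be set
 # $port must be set
 #
 # Sample Usage:
@@ -65,7 +64,7 @@
 # } # xinetd::service
 #
 define xinetd::service (
-$server,
+$server = undef,
 $port = undef,
 $ensure = present,
 $log_on_success = undef,
@@ -78,6 +77,7 @@
 $disable = 'no',
 $flags = undef,
 $group = undef,
+Boolean $use_default_group = true,
 $groups = 'yes',
 $instances = 'UNLIMITED',
 $per_source = undef,
@@ -100,13 +100,17 @@
 
 include ::xinetd
 
+unless ($server or $redirect) {
+fail('xinetd::service needs either of server or redirect')
+}
+
 if $user {
 $_user = $user
 } else {
 $_user = $xinetd::params::default_user
 }
 
-if $group {
+if $group or !$use_default_group {
 $_group = $group
 } else {
 $_group = $xinetd::params::default_group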
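Review bot: The new guard `unless ($server or $redirect)` in the last hunk only tests truthiness, and `$server` stays untyped in the parameter list. An empty string is truthy in Puppet 4 and later (which the `Boolean` type on `$use_default_group` implies), so it would pass the guard and be rendered as an empty `server =` line. Typing the parameter closes that, e.g. `Optional[String[1]] $server = undef,`, and the same applies to `$redirect`, whose declaration is outside the visible hunks. Separately, the rewritten header comment no longer lists `$env` and `$passenv`, which the old comment documented; confirm that was intended. The README also tells users to set `use_default_group` to "false" in quotes, which a `Boolean`-typed parameter would not accept.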
45 changes: 43 additions & 2 deletions spec/defines/xinetd_service_spec.rb
Expand Up @@ -59,6 +59,33 @@
}
end

describe 'with group' do
let :params do
default_params.merge({'group' => 'foo'})
end
it {
should contain_file('/etc/xinetd.d/httpd').with_content(/group\s*=\s*foo/)
}
end

describe 'with use_default_group true' do
let :params do
default_params.merge({'use_default_group' => true})
end
it {
should contain_file('/etc/xinetd.d/httpd').with_content(/group\s*=\s*root/)
}
end

describe 'with use_default_group false' do
let :params do
default_params.merge({'use_default_group' => false})
end
it {
should contain_file('/etc/xinetd.d/httpd').without_content(/group\s*=/)
}
end

describe 'without log_on_<success|failure>' do
let :params do
default_params
Expand Down Expand Up @@ -129,13 +156,27 @@

describe 'with redirect' do
let :params do
default_params.merge({
{
:port => '80',
:redirect => 'somehost.somewhere 65535',
})
}
end
it {
should contain_file('/etc/xinetd.d/httpd').with_content(
/redirect\s*\=\s*somehost.somewhere 65535/)
}
end

describe 'without redirect and server' do
let :params do
{
:port => '80',
}
end
it 'should fail' do
expect {
should contain_class('xinetd')
}.to raise_error(Puppet::Error)
end
end
end
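Review bot: The new 'without redirect and server' example accepts any `Puppet::Error`, so it would still pass if catalog compilation failed for an unrelated reason rather than through the new `fail()` guard. Pinning the message ties the example to the guard: `}.to raise_error(Puppet::Error, /needs either of server or redirect/)`. There is also no example for `use_default_group => false` combined with an explicit `group`, the case where the explicit value must still be written to the file. The contents of `default_params` are outside the visible hunks, so the `group = root` expectation in 'with use_default_group true' presumably relies on the default facts.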
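--- a/templates/service.erb
+++ b/templates/service.erb
@@ -11,9 +11,13 @@ service <%= @service_name %>
 protocol = <%= @protocol %>
 wait = <%= @_wait %>
 user = <%= @_user %>
+<% if @_group -%>
 group = <%= @_group %>
+<% end -%>
 groups = <%= @groups %>
+<% if @server -%>
 server = <%= @server %>
+<% end -%>
 <% if @bind -%>
 bind = <%= @bind %>
 <% end -%>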
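Review bot: Nothing at the new `<% if @_group -%>` guard says why the `group` line can now disappear, and the define's header comment still documents `$group` as defaulting to "root". With `use_default_group => false` and no `group`, the rendered file carries no `group` attribute, so the gid the service runs under is left to xinetd (xinetd.conf(5) describes it as following the `user` entry). A template comment above the guard, such as `<%# group is omitted when no group is given and use_default_group is false -%>`, would make that visible to anyone auditing the generated files. The template continues outside the hunk.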
