diff --git a/.fixtures.yml b/.fixtures.yml
index 3affff3..269630c 100644
--- a/.fixtures.yml
+++ b/.fixtures.yml
@@ -1,3 +1,5 @@
 fixtures:
+ repositories:
+ "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib"
 symlinks:
 "xinetd": "#{source_dir}"
diff --git a/Modulefile b/Modulefile
index f9ad266..c0d52d3 100644
--- a/Modulefile
+++ b/Modulefile
@@ -6,3 +6,4 @@ license 'Apache License 2.0'
 summary 'Puppet Labs Xinetd Module'
 description 'Puppet module to configure xinetd services'
 project_page 'https://github.com/puppetlabs/puppetlabs-xinetd'
+dependency 'puppetlabs/stdlib', '>= 2.2.1'
diff --git a/manifests/init.pp b/manifests/init.pp
index 16589eb..5ea9f30 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -9,19 +9,44 @@
 # server_args => '--daemon --config /etc/rsync.conf',
 # }
 #
-class xinetd {
+class xinetd (
+ $confdir = $xinetd::params::confdir,
+ $conffile = $xinetd::params::conffile,
+ $package_name = $xinetd::params::package_name,
+ $service_name = $xinetd::params::service_name
+) inherits xinetd::params {
- package { 'xinetd': }
+ File {
+ owner => 'root',
+ group => '0',
+ notify => Service[$service_name],
+ require => Package[$package_name],
+ }
+
+ file { $confdir:
+ ensure => directory,
+ mode => '0755',
+ }
- file { '/etc/xinetd.conf':
- source => 'puppet:///modules/xinetd/xinetd.conf',
+ # Template uses:
+ # $confdir
+ file { $conffile:
+ ensure => file,
+ mode => '0644',
+ content => template('xinetd/xinetd.conf.erb'),
 }
- service { 'xinetd':
- ensure => running,
- enable => true,
- restart => '/etc/init.d/xinetd reload',
- require => [ Package['xinetd'],
- File['/etc/xinetd.conf'] ],
+ package { $package_name:
+ ensure => installed,
+ before => Service[$service_name],
 }
+
+ service { $service_name:
+ ensure => running,
+ enable => true,
+ hasrestart => false,
+ hasstatus => true,
+ require => File[$conffile],
+ }
+
 }
diff --git a/manifests/params.pp b/manifests/params.pp
new file mode 100644
index 0000000..2a440a5
--- /dev/null
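Review bot: The stdlib fixture added to .fixtures.yml is fetched over `git://`, which has no transport encryption or server authentication, and no revision is pinned, so a test run executes whatever the network path or the default branch serves at that moment. Use `"stdlib": "https://github.com/puppetlabs/puppetlabs-stdlib"` instead. Where the puppetlabs_spec_helper version in use supports the hash form with a `ref` key, also pin a release tag or commit that satisfies the `>= 2.2.1` constraint added to the Modulefile.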
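Review bot: In manifests/init.pp, `file { $confdir: }` manages only the directory itself, so any file already in that directory that Puppet did not create is still picked up by the `includedir` line and remains an active xinetd service definition. Consider adding `recurse => true` and `purge => true` to that resource, behind a class parameter that defaults to off so existing sites opt in deliberately. That way unmanaged service files surface as drift instead of staying silently enabled.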
+++ b/manifests/params.pp
@@ -0,0 +1,34 @@
+class xinetd::params {
+
+ case $::osfamily {
+ 'Debian': {
+ $confdir = '/etc/xinetd.d'
+ $conffile = '/etc/xinetd.conf'
+ $package_name = 'xinetd'
+ $service_name = 'xinetd'
+ }
+ 'FreeBSD': {
+ $confdir = '/usr/local/etc/xinetd.d'
+ $conffile = '/usr/local/etc/xinetd.conf'
+ $package_name = 'security/xinetd'
+ $service_name = 'xinetd'
+ }
+ 'Suse': {
+ $confdir = '/etc/xinetd.d'
+ $conffile = '/etc/xinetd.conf'
+ $package_name = 'xinetd'
+ $service_name = 'xinetd'
+ }
+ 'RedHat': {
+ $confdir = '/etc/xinetd.d'
+ $conffile = '/etc/xinetd.conf'
+ $package_name = 'xinetd'
+ $service_name = 'xinetd'
+ }
+ default: {
+ fail("xinetd: module does not support osfamily ${::osfamily}")
+ }
+ }
+
+}
+
diff --git a/manifests/service.pp b/manifests/service.pp
index c499cda..d544402 100644
--- a/manifests/service.pp
+++ b/manifests/service.pp
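Review bot: The 'Debian', 'Suse' and 'RedHat' branches of the new manifests/params.pp assign the same four values, so they can share a single case option: `'Debian', 'RedHat', 'Suse': {`. That leaves one place to change the Linux defaults and makes the FreeBSD paths and package name stand out as the only real difference. The class also has no header comment; a short one saying that it only supplies per-osfamily defaults for `xinetd` and fails on any other family would match the documented style of the other manifests.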
@@ -4,27 +4,32 @@
 # all parameters match up with xinetd.conf(5) man page
 #
 # Parameters:
-# $port - required - determines the service port
-# $server - required - determines the executable for this service
 # $ensure - optional - defaults to 'present'
-# $cps - optional
-# $flags - optional
-# $per_source - optional
-# $server_args - optional
 # $log_on_failure - optional - may contain any combination of
 # 'HOST', 'USERID', 'ATTEMPT'
-# $disable - optional - defaults to 'no'
-# $socket_type - optional - defaults to 'stream'
-# $protocol - optional - defaults to 'tcp'
-# $user - optional - defaults to 'root'
-# $group - optional - defaults to 'root'
-# $instances - optional - defaults to 'UNLIMITED'
-# $wait - optional - based on $protocol
-# will default to 'yes' for udp and 'no' for tcp
-# $bind - optional - defaults to '0.0.0.0'
 # $service_type - optional - type setting in xinetd
 # may contain any combinarion of 'RPC', 'INTERNAL',
 # 'TCPMUX/TCPMUXPLUS', 'UNLISTED'
+# $cps - optional
+# $flags - optional
+# $per_source - optional
+# $port - required - determines the service port
+# $server - required - determines the program to execute for this service
+# $server_args - optional
+# $disable - optional - defaults to "no"
+# $socket_type - optional - defaults to "stream"
+# $protocol - optional - defaults to "tcp"
+# $user - optional - defaults to "root"
+# $group - optional - defaults to "root"
+# $groups - optional - defaults to "yes"
+# $instances - optional - defaults to "UNLIMITED"
+# $only_from - optional
+# $wait - optional - based on $protocol will default to "yes" for udp and "no" for tcp
+# $xtype - optional - determines the "type" of service, see xinetd.conf(5)
+# $no_access - optional
+# $access_times - optional
+# $log_type - optional
+# $bind - optional
 #
 # Actions:
 # setups up a xinetd service by creating a file in /etc/xinetd.d/
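Review bot: `$service_type` and the new `$xtype` are both documented here as the xinetd `type` setting, and templates/service.erb (later in this diff) emits a separate `type =` line for each, so a resource that sets both gets two `type` lines in its generated service file. Keeping a single parameter, or making the define fail when both are set, avoids relying on how xinetd treats a repeated attribute. The header also omits the new `$service_name` parameter. `$only_from`, `$no_access` and `$access_times` have no description although they are the service's access controls; a line each would help, for example `# $only_from - optional - hosts or networks allowed to connect, see xinetd.conf(5)`.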
@@ -50,37 +55,71 @@
 $port,
 $server,
 $ensure = present,
+ $log_on_failure = undef,
+ $service_type = undef,
+ $service_name = $title,
 $cps = undef,
+ $disable = 'no',
 $flags = undef,
+ $group = 'root',
+ $groups = 'yes',
+ $instances = 'UNLIMITED',
 $log_on_failure = undef,
 $per_source = undef,
+ $protocol = 'tcp',
 $server_args = undef,
- $disable = 'no',
 $socket_type = 'stream',
- $protocol = 'tcp',
 $user = 'root',
- $group = 'root',
- $instances = 'UNLIMITED',
+ $only_from = undef,
 $wait = undef,
- $bind = '0.0.0.0',
- $service_type = undef
+ $xtype = undef,
+ $no_access = undef,
+ $access_times = undef,
+ $log_type = undef,
+ $bind = undef,
 ) {
 include xinetd
 if $wait {
- $mywait = $wait
+ $_wait = $wait
 } else {
- $mywait = $protocol ? {
+ validate_re($protocol, '(tcp|udp)')
+ $_wait = $protocol ? {
 tcp => 'no',
 udp => 'yes'
 }
 }
- file { "/etc/xinetd.d/${name}":
+ # Template uses:
+ # - $port
+ # - $disable
+ # - $socket_type
+ # - $protocol
+ # - $_wait
+ # - $user
+ # - $group
+ # - $groups
+ # - $server
+ # - $bind
+ # - $service_type
+ # - $server_args
+ # - $only_from
+ # - $per_source
+ # - $log_on_failure
+ # - $cps
+ # - $flags
+ # - $xtype
+ # - $no_access
+ # - $access_types
+ # - $log_type
+ file { "${xinetd::confdir}/${title}":
 ensure => $ensure,
+ owner => 'root',
+ mode => '0644',
 content => template('xinetd/service.erb'),
- notify => Service['xinetd'],
- require => Package['xinetd'],
+ notify => Service[$xinetd::service_name],
+ require => File[$xinetd::confdir],
 }
+
 }
diff --git a/spec/classes/xinetd_init_spec.rb b/spec/classes/xinetd_init_spec.rb
index 167e753..b01cfad 100644
--- a/spec/classes/xinetd_init_spec.rb
+++ b/spec/classes/xinetd_init_spec.rb
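Review bot: `validate_re($protocol, '(tcp|udp)')` is unanchored and sits inside the `else` branch, so it accepts any string that merely contains `tcp` or `udp`, and it is skipped entirely whenever `$wait` is set. Anchor it as `validate_re($protocol, '^(tcp|udp)$')`, and if only these two protocols are meant to be supported, move the call above the `if` so the value is checked on every path before it reaches the template. Separately, the parameter list now declares `$log_on_failure = undef` twice (the added line near the top and the existing one after `$instances`), which stricter Puppet parsers are likely to reject as a duplicate parameter; one of the two should go. The `# Template uses:` list names `$access_types` where the parameter is `$access_times`. The `define` line itself is above this hunk.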
@@ -1,9 +1,14 @@
 require 'spec_helper'
 describe 'xinetd' do
+
+ let :facts do
+ { :osfamily => 'Debian' }
+ end
+
 it {
 should contain_package('xinetd')
 should contain_file('/etc/xinetd.conf')
- should contain_service('xinetd').with_restart('/etc/init.d/xinetd reload')
+ should contain_service('xinetd')
 }
 end
diff --git a/spec/defines/xinetd_service_spec.rb b/spec/defines/xinetd_service_spec.rb
index 01901fb..b987cc1 100644
--- a/spec/defines/xinetd_service_spec.rb
+++ b/spec/defines/xinetd_service_spec.rb
@@ -1,6 +1,11 @@
 require 'spec_helper'
 describe 'xinetd::service' do
+
+ let :facts do
+ { :osfamily => 'Debian' }
+ end
+
 let :default_params do
 {
 'port' => '80',
diff --git a/templates/service.erb b/templates/service.erb
index 79802f3..bf2f740 100644
--- a/templates/service.erb
+++ b/templates/service.erb
@@ -1,21 +1,51 @@
 # This file is being maintained by Puppet.
 # DO NOT EDIT
-service <%= @name %>
+service <%= @service_name %>
 {
 port = <%= @port %>
 disable = <%= @disable %>
 socket_type = <%= @socket_type %>
 protocol = <%= @protocol %>
- wait = <%= @mywait %>
+ wait = <%= @_wait %>
 user = <%= @user %>
 group = <%= @group %>
+ groups = <%= @groups %>
 server = <%= @server %>
+<% if @bind -%>
 bind = <%= @bind %>
-<% if @server_args %> server_args = <%= @server_args %><% end %>
-<% if @per_source %> per_source = <%= @per_source %><% end %>
-<% if @log_on_failure %> log_on_failure += <%= @log_on_failure %><% end %>
-<% if @cps %> cps = <%= @cps %><% end %>
-<% if @flags %> flags = <%= @flags %><% end %>
-<% if @service_type %> type = <%= @service_type %><% end %>
+<% end -%>
+<% if @service_type -%>
+ type = <%= @service_type %>
+<% end -%>
+<% if @server_args -%>
+ server_args = <%= @server_args %>
+<% end -%>
+<% if @only_from -%>
+ only_from = <%= @only_from %>
+<% end -%>
+<% if @per_source -%>
+ per_source = <%= @per_source %>
+<% end -%>
+<% if @log_on_failure -%>
+ log_on_failure += <%= @log_on_failure %>
+<% end -%>
+<% if @cps -%>
+ cps = <%= @cps %>
+<% end -%>
+<% if @flags -%>
+ flags = <%= @flags %>
+<% end -%>
+<% if @xtype -%>
+ type = <%= @xtype %>
+<% end -%>
+<% if @no_access -%>
+ no_access = <%= @no_access %>
+<% end -%>
+<% if @access_times -%>
+ access_times = <%= @access_times %>
+<% end -%>
+<% if @log_type -%>
+ log_type = <%= @log_type %>
+<% end -%>
 }
diff --git a/files/xinetd.conf b/templates/xinetd.conf.erb
similarity index 97%
rename from files/xinetd.conf
rename to templates/xinetd.conf.erb
index 3dfd4c9..3a08429 100644
--- a/files/xinetd.conf
+++ b/templates/xinetd.conf.erb
@@ -48,5 +48,4 @@ defaults
 # banner_success =
 }
-includedir /etc/xinetd.d
-
+includedir <%= @confdir %>
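Review bot: Every value in templates/service.erb is written into the `service` block verbatim, so a parameter containing a line break or a `}` changes the structure of the generated file rather than the value of one attribute. This matters most for `@server`, `@server_args`, `@user` and `@service_name`, because `user` defaults to `root`. In the visible define only `$protocol` is validated, and only on one path, so parameters that arrive from Hiera, an ENC or exported resources would reach this file unchecked. Since stdlib is now a dependency, the define can reject values with line breaks or braces using `validate_re` before rendering, or the template can refuse to render them.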