Remove any lsb facts usage

README.md

@@ -49,40 +49,27 @@ operating systems and distributions.
 
 ### Beginning with fail2ban
 
-Install fail2ban with the default parameters ***(No configuration files will be changed)***.
+Install and configure `fail2ban`:
 
 ```puppet
     class { 'fail2ban': }
 ```
 
-Install fail2ban with the recommended parameters.
-
-```puppet
-    class { 'fail2ban':
-      config_file_template => "fail2ban/${::lsbdistcodename}/etc/fail2ban/jail.conf.epp",
-    }
-```
-
 ### Config file template
 
-You'll find an example on examples folder for each operating system. Previous
-example show how to enable config for every supported operating system, using
-${::lsbdistcodename} fact.
-
-You can also manually specify a different configuration template. To do it,
-instead of the one using ${::lsbdistcodename} fact, use your desired
-configuration template:
+You can also manually specify a different configuration template. To do it, use
+your desired configuration template (e.g. if your template is in your local profile):
 
 ```puppet
   class { 'fail2ban':
-    config_file_template => "fail2ban/${::lsbdistcodename}/etc/fail2ban/jail.conf.epp"
+    config_file_template => "profile/fail2ban/etc/fail2ban/jail.conf.epp"
   }
 ```
 
 Or using Hiera:
 
 ```hiera
-fail2ban::config_file_template: "fail2ban/%{::lsbdistcodename}/etc/fail2ban/jail.conf.epp"
+fail2ban::config_file_template: "profile/fail2ban/etc/fail2ban/jail.conf.epp"
 ```
 
 ## Usage
@@ -115,7 +102,7 @@ Deploy the configuration files from source directory.
 
 ```puppet
     class { 'fail2ban':
-      config_dir_source => "puppet:///modules/fail2ban/${::lsbdistcodename}/etc/fail2ban",
+      config_dir_source => "puppet:///modules/profile/fail2ban/etc/fail2ban",
     }
 ```
 
@@ -125,15 +112,15 @@ files will be removed)***.
 ```puppet
     class { 'fail2ban':
       config_dir_purge  => true,
-      config_dir_source => "puppet:///modules/fail2ban/${::lsbdistcodename}/etc/fail2ban",
+      config_dir_source => "puppet:///modules/profile/fail2ban/etc/fail2ban",
     }
 ```
 
 Deploy the configuration file from source.
 
 ```puppet
     class { 'fail2ban':
-      config_file_source => "puppet:///modules/fail2ban/${::lsbdistcodename}/etc/fail2ban/jail.conf",
+      config_file_source => "puppet:///modules/profile/fail2ban/etc/fail2ban/jail.conf",
     }
 ```
 
@@ -149,7 +136,7 @@ Deploy the configuration file from template.
 
 ```puppet
     class { 'fail2ban':
-      config_file_template => "fail2ban/${::lsbdistcodename}/etc/fail2ban/jail.conf.epp",
+      config_file_template => "profile/fail2ban/etc/fail2ban/jail.conf.epp",
     }
 ```
 
@@ -158,7 +145,7 @@ be defined)***.
 
 ```puppet
     class { 'fail2ban':
-      config_file_template     => "fail2ban/${::lsbdistcodename}/etc/fail2ban/jail.conf.epp",
+      config_file_template     => "profile/fail2ban/etc/fail2ban/jail.conf.epp",
       config_file_options_hash => {
         'key' => 'value',
       },
@@ -172,15 +159,15 @@ Deploy additional configuration files from source, string or template.
       config_file_hash => {
         'jail.2nd.conf' => {
           config_file_path   => '/etc/fail2ban/jail.2nd.conf',
-          config_file_source => "puppet:///modules/fail2ban/${::lsbdistcodename}/etc/fail2ban/jail.2nd.conf",
+          config_file_source => "puppet:///modules/profile/fail2ban/etc/fail2ban/jail.2nd.conf",
         },
         'jail.3rd.conf' => {
           config_file_path   => '/etc/fail2ban/jail.3rd.conf',
           config_file_string => '# THIS FILE IS MANAGED BY PUPPET',
         },
         'jail.4th.conf' => {
           config_file_path     => '/etc/fail2ban/jail.4th.conf',
-          config_file_template => "fail2ban/${::lsbdistcodename}/etc/fail2ban/jail.4th.conf.epp",
+          config_file_template => "profile/fail2ban/etc/fail2ban/jail.4th.conf.epp",
         },
       },
     }

data/Debian.yaml

@@ -0,0 +1,2 @@
+---
+fail2ban::config_file_before: 'paths-debian.conf'

data/RedHat.yaml

@@ -0,0 +1,2 @@
+---
+fail2ban::config_file_before: 'paths-fedora.conf'

data/common.yaml

@@ -0,0 +1,2 @@
+---
+fail2ban::config_file_template: "fail2ban/%{facts.os.name}/%{facts.os.release.major}/etc/fail2ban/jail.conf.epp"

examples/fail2ban-Debian.yaml

@@ -1,5 +1,4 @@
 ---
-fail2ban::config_file_template: "fail2ban/%{::lsbdistcodename}/etc/fail2ban/jail.conf.epp"
 fail2ban::action: 'action_mb'
 fail2ban::bantime: 600
 fail2ban::email: "admin@%{::domain}"

examples/fail2ban-RedHat.yaml

@@ -1,5 +1,4 @@
 ---
-fail2ban::config_file_template: "fail2ban/%{::lsbdistcodename}/etc/fail2ban/jail.conf.epp"
 fail2ban::action: 'action_mb'
 fail2ban::bantime: 600
 fail2ban::email: "admin@%{::domain}"

hiera.yaml

@@ -0,0 +1,11 @@
+---
+version: 5
+defaults:
+  datadir: 'data'
+  data_hash: 'yaml_data'
+hierarchy:
+  - name: 'Operating System Family'
+    path: '%{facts.os.family}.yaml'
+
+  - name: 'common'
+    path: 'common.yaml'

manifests/init.pp

@@ -1,33 +1,34 @@
 # == Class: fail2ban
 #
 class fail2ban (
+  String[1] $config_file_before,
+
   Enum['absent', 'latest', 'present', 'purged'] $package_ensure = 'present',
-  String[1] $package_name = $fail2ban::params::package_name,
-  Optional[Array[String]] $package_list = $fail2ban::params::package_list,
+  String[1] $package_name = 'fail2ban',
+  Optional[Array[String]] $package_list = undef,
 
-  Stdlib::Absolutepath $config_dir_path = $fail2ban::params::config_dir_path,
-  Stdlib::Absolutepath $config_dir_filter_path = $fail2ban::params::config_dir_filter_path,
+  Stdlib::Absolutepath $config_dir_path = '/etc/fail2ban',
+  Stdlib::Absolutepath $config_dir_filter_path = '/etc/fail2ban/filter.d',
   Boolean $config_dir_purge = false,
   Boolean $config_dir_recurse = true,
   Optional[String] $config_dir_source = undef,
 
-  Stdlib::Absolutepath $config_file_path = $fail2ban::params::config_file_path,
-  String[1] $config_file_owner = $fail2ban::params::config_file_owner,
-  String[1] $config_file_group = $fail2ban::params::config_file_group,
-  String[1] $config_file_mode = $fail2ban::params::config_file_mode,
-  String[1] $config_file_before = $fail2ban::params::before_file,
+  Stdlib::Absolutepath $config_file_path = '/etc/fail2ban/jail.conf',
+  String[1] $config_file_owner = 'root',
+  String[1] $config_file_group = 'root',
+  String[1] $config_file_mode = '0644',
   Optional[String[1]] $config_file_source = undef,
   Optional[String[1]] $config_file_string = undef,
   Optional[String[1]] $config_file_template = undef,
 
-  String[1] $config_file_notify = $fail2ban::params::config_file_notify,
-  String[1] $config_file_require = $fail2ban::params::config_file_require,
+  String[1] $config_file_notify = 'Service[fail2ban]',
+  String[1] $config_file_require = 'Package[fail2ban]',
 
   Hash[String[1], Any] $config_file_hash = {},
   Hash $config_file_options_hash = {},
 
   Enum['running', 'stopped'] $service_ensure = 'running',
-  String[1] $service_name = $fail2ban::params::service_name,
+  String[1] $service_name = 'fail2ban',
   Boolean $service_enable = true,
 
   String[1] $action = 'action_mb',
@@ -40,7 +41,7 @@
   Array $whitelist = ['127.0.0.1/8', '192.168.56.0/24'],
   Hash[String, Hash] $custom_jails = {},
   String[1] $banaction = 'iptables-multiport',
-) inherits ::fail2ban::params {
+) {
   $config_file_content = extlib::default_content($config_file_string, $config_file_template)
 
   if $config_file_hash {

manifests/jail.pp

@@ -54,7 +54,7 @@
   # Jail creation
   file { "custom_jail_${name}":
     ensure  => file,
-    path    => "${fail2ban::params::config_dir_path}/jail.d/${name}.conf",
+    path    => "${fail2ban::config_dir_path}/jail.d/${name}.conf",
     content => epp('fail2ban/common/custom_jail.conf.epp',
       {
         name         => $name,

spec/acceptance/class_spec.rb

@@ -79,11 +79,10 @@ class { 'fail2ban':
         it { is_expected.to be_file }
       end
       describe service(service_name) do
-        if %w[stretch buster].include? fact('lsbdistcodename')
-          it { is_expected.not_to be_running }
-        else
-          it { is_expected.not_to be_enabled }
-        end
+        it { is_expected.not_to be_running }
+        # The docker images of Debian do not use systemd, the following test
+        # cannot be performed on these images.
+        it { is_expected.not_to be_enabled } if fact('osfamily') != 'Debian'
       end
     end
 
@@ -132,7 +131,7 @@ class { 'fail2ban': }
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('lsbdistcodename')}/#{config_file_path}.epp",
+            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
           }
         EOS
 
@@ -150,7 +149,7 @@ class { 'fail2ban':
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('lsbdistcodename')}/#{config_file_path}.epp",
+            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
             iptables_chain => 'TEST',
           }
         EOS
@@ -169,7 +168,7 @@ class { 'fail2ban':
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('lsbdistcodename')}/#{config_file_path}.epp",
+            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
             banaction            => 'iptables'
           }
         EOS
@@ -187,7 +186,7 @@ class { 'fail2ban':
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('lsbdistcodename')}/#{config_file_path}.epp",
+            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
             sender => 'custom-sender@example.com',
           }
         EOS

spec/classes/init_spec.rb

@@ -7,26 +7,11 @@
         facts
       end
 
-      begin
-        distname = facts[:os]['distro']['codename']
-      rescue
-        distname = case facts[:os]['family']
-                   when 'RedHat'
-                     case facts[:os]['release']['major']
-                     when '6'
-                       'Santiago'
-                     when '7'
-                       'Maipo'
-                     else
-                       'unsupported_RedHat'
-                     end
-                   else
-                     'unsupported'
-                   end
+      let(:config_file_template) do
+        "fail2ban/#{facts[:os]['name']}/#{facts[:os]['release']['major']}/etc/fail2ban/jail.conf.epp"
       end
 
       it { is_expected.to compile.with_all_deps }
-      it { is_expected.to contain_class('fail2ban::params') }
       it { is_expected.to contain_class('fail2ban::install').that_comes_before('Class[fail2ban::config]') }
       it { is_expected.to contain_class('fail2ban::config').that_notifies('Class[fail2ban::service]') }
       it { is_expected.to contain_class('fail2ban::service') }
@@ -202,7 +187,7 @@
         context 'when content template' do
           let(:params) do
             {
-              config_file_template: "fail2ban/#{distname}/etc/fail2ban/jail.conf.epp"
+              config_file_template: config_file_template
             }
           end
 
@@ -219,7 +204,7 @@
         context 'when content template (custom)' do
           let(:params) do
             {
-              config_file_template: "fail2ban/#{distname}/etc/fail2ban/jail.conf.epp",
+              config_file_template: config_file_template,
               config_file_options_hash: {
                 'key' => 'value'
               }
@@ -239,7 +224,7 @@
         context 'when iptables chain provided' do
           let(:params) do
             {
-              config_file_template: "fail2ban/#{distname}/etc/fail2ban/jail.conf.epp",
+              config_file_template: config_file_template,
               iptables_chain: 'TEST'
             }
           end
@@ -254,7 +239,7 @@
         context 'when custom banaction is provided' do
           let(:params) do
             {
-              config_file_template: "fail2ban/#{distname}/etc/fail2ban/jail.conf.epp",
+              config_file_template: config_file_template,
               banaction: 'iptables'
             }
           end