CHANGELOG.md

@@ -4,6 +4,21 @@ All notable changes to this project will be documented in this file.
 Each new release typically also includes the latest modulesync defaults.
 These should not affect the functionality of the module.
 
+## [v3.6.0](https://github.com/voxpupuli/puppet-systemd/tree/v3.6.0) (2022-02-15)
+
+[Full Changelog](https://github.com/voxpupuli/puppet-systemd/compare/v3.5.2...v3.6.0)
+
+**Implemented enhancements:**
+
+- unit\_file: Implement selinux\_ignore\_defaults [\#248](https://github.com/voxpupuli/puppet-systemd/pull/248) ([bastelfreak](https://github.com/bastelfreak))
+- unit\_file: Implement hasrestart/hasstatus [\#247](https://github.com/voxpupuli/puppet-systemd/pull/247) ([bastelfreak](https://github.com/bastelfreak))
+- Install systemd-resolved on CentOS 8 and 9 [\#246](https://github.com/voxpupuli/puppet-systemd/pull/246) ([traylenator](https://github.com/traylenator))
+- Manage entries in modules-load.d directory [\#244](https://github.com/voxpupuli/puppet-systemd/pull/244) ([traylenator](https://github.com/traylenator))
+
+**Fixed bugs:**
+
+- systemd::escape: Also escape - \(dash\) [\#245](https://github.com/voxpupuli/puppet-systemd/pull/245) ([weaselp](https://github.com/weaselp))
+
 ## [v3.5.2](https://github.com/voxpupuli/puppet-systemd/tree/v3.5.2) (2022-01-12)
 
 [Full Changelog](https://github.com/voxpupuli/puppet-systemd/compare/v3.5.1...v3.5.2)

README.md

@@ -105,6 +105,17 @@ systemd::dropin_files:
     source: puppet:///modules/${module_name}/foo.conf
 ```
 
+### modules-load.d
+
+Create a file entry for modules-loads directory and start
+`systemd-modules-load.service`
+
+```puppet
+systemd::modules_load{'impi.conf':
+  content => "ipmi\n",
+}
+```
+
 ### tmpfiles
 
 Let this module handle file creation and systemd reloading
@@ -281,6 +292,9 @@ class{'systemd':
 }
 ```
 
+when `manage_systemd` is true any required sub package, e.g. `systemd-resolved` on CentOS 8, will be installed. However configuration of
+systemd-resolved will only occur on second puppet run after that installation.
+
 This requires [puppetlabs-inifile](https://forge.puppet.com/puppetlabs/inifile), which is only a soft dependency in this module (you need to explicitly install it). Both parameters accept a string or an array.
 
 ### Resource Accounting

REFERENCE.md

@@ -13,8 +13,10 @@
 
 #### Private Classes
 
+* `systemd::install`: Install any systemd sub packages
 * `systemd::journald`: This class manages and configures journald.
 * `systemd::logind`: This class manages systemd's login manager configuration.
+* `systemd::modules_loads`: Activate the modules contained in modules-loads.d
 * `systemd::networkd`: This class provides an abstract way to trigger systemd-networkd
 * `systemd::resolved`: This class provides an abstract way to trigger resolved.
 * `systemd::system`: This class provides a solution to enable accounting
@@ -24,6 +26,7 @@
 ### Defined types
 
 * [`systemd::dropin_file`](#systemddropin_file): Creates a drop-in file for a systemd unit
+* [`systemd::modules_load`](#systemdmodules_load): Creates a modules-load.d drop file
 * [`systemd::network`](#systemdnetwork): Creates network config for systemd-networkd
 * [`systemd::service_limits`](#systemdservice_limits): Adds a set of custom limits to the service
 * [`systemd::timer`](#systemdtimer): Create a timer and optionally a service unit to execute with the timer unit
@@ -66,6 +69,7 @@ The following parameters are available in the `systemd` class:
 * [`unit_files`](#unit_files)
 * [`manage_resolved`](#manage_resolved)
 * [`resolved_ensure`](#resolved_ensure)
+* [`resolved_package`](#resolved_package)
 * [`dns`](#dns)
 * [`fallback_dns`](#fallback_dns)
 * [`domains`](#domains)
@@ -159,6 +163,14 @@ The state that the ``resolved`` service should be in
 
 Default value: `'running'`
 
+##### <a name="resolved_package"></a>`resolved_package`
+
+Data type: `Optional[Enum['systemd-resolved']]`
+
+The name of a systemd sub package needed for systemd-resolved if one needs to be installed.
+
+Default value: ``undef``
+
 ##### <a name="dns"></a>`dns`
 
 Data type: `Optional[Variant[Array[String],String]]`
@@ -605,6 +617,85 @@ Notify a service for the unit, if it exists
 
 Default value: ``false``
 
+### <a name="systemdmodules_load"></a>`systemd::modules_load`
+
+Creates a modules-load.d drop file
+
+* **See also**
+  * modules-load.d(5)
+
+#### Examples
+
+##### load a module
+
+```puppet
+systemd::modules_load{'impi.conf':
+   content => "ipmi\n",
+}
+```
+
+##### override /lib/modules-load.d/myservice.conf in /etc/modules-load.d/myservice.conf
+
+```puppet
+systemd::modules_load{'myservice.conf':
+   content => "# Cancel system version of the file\n",
+}
+```
+
+#### Parameters
+
+The following parameters are available in the `systemd::modules_load` defined type:
+
+* [`filename`](#filename)
+* [`ensure`](#ensure)
+* [`path`](#path)
+* [`content`](#content)
+* [`source`](#source)
+
+##### <a name="filename"></a>`filename`
+
+Data type: `Systemd::Dropin`
+
+The name of the modules-load.d file to create
+
+Default value: `$name`
+
+##### <a name="ensure"></a>`ensure`
+
+Data type: `Enum['present', 'absent', 'file']`
+
+Whether to drop a file or remove it
+
+Default value: `'file'`
+
+##### <a name="path"></a>`path`
+
+Data type: `Stdlib::Absolutepath`
+
+The path to the main systemd modules-load.d directory
+
+Default value: `'/etc/modules-load.d'`
+
+##### <a name="content"></a>`content`
+
+Data type: `Optional[String[1]]`
+
+The literal content to write to the file
+
+* Mutually exclusive with ``$source``
+
+Default value: ``undef``
+
+##### <a name="source"></a>`source`
+
+Data type: `Optional[String[1]]`
+
+A ``File`` resource compatible ``source``
+
+* Mutually exclusive with ``$content``
+
+Default value: ``undef``
+
 ### <a name="systemdnetwork"></a>`systemd::network`
 
 Creates network config for systemd-networkd
@@ -1077,6 +1168,9 @@ The following parameters are available in the `systemd::unit_file` defined type:
 * [`enable`](#enable)
 * [`active`](#active)
 * [`restart`](#restart)
+* [`hasrestart`](#hasrestart)
+* [`hasstatus`](#hasstatus)
+* [`selinux_ignore_defaults`](#selinux_ignore_defaults)
 
 ##### <a name="name"></a>`name`
 
@@ -1186,6 +1280,30 @@ Specify a restart command manually. If left unspecified, a standard Puppet servi
 
 Default value: ``undef``
 
+##### <a name="hasrestart"></a>`hasrestart`
+
+Data type: `Optional[Boolean]`
+
+maps to the same param on the service resource. Optional in the module because it's optional in the service resource type
+
+Default value: ``undef``
+
+##### <a name="hasstatus"></a>`hasstatus`
+
+Data type: `Boolean`
+
+maps to the same param on the service resource. true in the module because it's true in the service resource type
+
+Default value: ``true``
+
+##### <a name="selinux_ignore_defaults"></a>`selinux_ignore_defaults`
+
+Data type: `Boolean`
+
+maps to the same param on the file resource for the unit. false in the module because it's false in the file resource type
+
+Default value: ``false``
+
 ## Resource types
 
 ### <a name="loginctl_user"></a>`loginctl_user`

data/RedHat-8.yaml

@@ -1,4 +1,6 @@
 ---
+systemd::resolved_package: 'systemd-resolved'
+
 systemd::accounting:
   DefaultCPUAccounting: 'yes'
   DefaultBlockIOAccounting: 'yes'

data/RedHat-9.yaml

@@ -1,4 +1,6 @@
 ---
+systemd::resolved_package: 'systemd-resolved'
+
 systemd::accounting:
   DefaultCPUAccounting: 'yes'
   DefaultBlockIOAccounting: 'yes'

functions/escape.pp

@@ -34,6 +34,7 @@ function systemd::escape(String[1] $input, Boolean $path = false) >> String {
       }
       '/': { $_escaped = '-' }
       ',': { $_escaped = '\x2c' }
+      '-': { $_escaped = '\x2d' }
       default: { $_escaped = $_token }
     }
     $_escaped

manifests/init.pp

@@ -24,6 +24,9 @@
 # @param resolved_ensure
 #   The state that the ``resolved`` service should be in
 #
+# @param resolved_package
+#   The name of a systemd sub package needed for systemd-resolved if one needs to be installed.
+#
 # @param dns
 #   A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers.
 #   DNS requests are sent to one of the listed DNS servers in parallel to suitable
@@ -148,6 +151,7 @@
   Hash[String[1],Hash[String[1], Any]]                $tmpfiles = {},
   Hash[String[1],Hash[String[1], Any]]                $unit_files = {},
   Boolean                                             $manage_resolved = false,
+  Optional[Enum['systemd-resolved']]                  $resolved_package = undef,
   Enum['stopped','running']                           $resolved_ensure = 'running',
   Optional[Variant[Array[String],String]]             $dns = undef,
   Optional[Variant[Array[String],String]]             $fallback_dns = undef,
@@ -184,6 +188,8 @@
   Hash                                                $dropin_files = {},
   Hash                                                $udev_rules = {},
 ) {
+  contain systemd::install
+
   $service_limits.each |$service_limit, $service_limit_data| {
     systemd::service_limits { $service_limit:
       * => $service_limit_data,
@@ -212,6 +218,7 @@
 
   if $manage_resolved and $facts['systemd_internal_services'] and $facts['systemd_internal_services']['systemd-resolved.service'] {
     contain systemd::resolved
+    Class['systemd::install'] -> Class['systemd::resolved']
   }
 
   if $manage_networkd and $facts['systemd_internal_services'] and $facts['systemd_internal_services']['systemd-networkd.service'] {

manifests/install.pp

@@ -0,0 +1,10 @@
+# @summary Install any systemd sub packages
+# @api private
+#
+class systemd::install {
+  if $systemd::manage_resolved and $systemd::resolved_package {
+    package { $systemd::resolved_package:
+      ensure => present,
+    }
+  }
+}

manifests/modules_load.pp

@@ -0,0 +1,59 @@
+# Creates a modules-load.d drop file
+#
+# @api public
+#
+# @see modules-load.d(5)
+#
+# @param filename
+#   The name of the modules-load.d file to create
+#
+# @param ensure
+#   Whether to drop a file or remove it
+#
+# @param path
+#   The path to the main systemd modules-load.d directory
+#
+# @param content
+#   The literal content to write to the file
+#
+#   * Mutually exclusive with ``$source``
+#
+# @param source
+#   A ``File`` resource compatible ``source``
+#
+#   * Mutually exclusive with ``$content``
+#
+# @example load a module
+#   systemd::modules_load{'impi.conf':
+#      content => "ipmi\n",
+#   }
+#
+# @example override /lib/modules-load.d/myservice.conf in /etc/modules-load.d/myservice.conf
+#   systemd::modules_load{'myservice.conf':
+#      content => "# Cancel system version of the file\n",
+#   }
+#
+define systemd::modules_load (
+  Enum['present', 'absent', 'file'] $ensure   = 'file',
+  Systemd::Dropin                   $filename = $name,
+  Stdlib::Absolutepath              $path     = '/etc/modules-load.d',
+  Optional[String[1]]               $content  = undef,
+  Optional[String[1]]               $source   = undef,
+) {
+  include systemd::modules_loads
+
+  $_tmp_file_ensure = $ensure ? {
+    'present' => 'file',
+    default   => $ensure,
+  }
+
+  file { "${path}/${filename}":
+    ensure  => $_tmp_file_ensure,
+    content => $content,
+    source  => $source,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0444',
+    notify  => Class['systemd::modules_loads'],
+  }
+}

manifests/modules_loads.pp

@@ -0,0 +1,13 @@
+# Activate the modules contained in modules-loads.d
+#
+# @api private
+#
+# @see systemd-modules-load.service(8)
+#
+class systemd::modules_loads {
+  exec { 'systemd-modules-load' :
+    command     => 'systemctl start systemd-modules-load.service',
+    refreshonly => true,
+    path        => $facts['path'],
+  }
+}