.fixtures.yml

@@ -3,3 +3,5 @@ fixtures:
   repositories:
     stdlib: https://github.com/puppetlabs/puppetlabs-stdlib
     inifile: https://github.com/puppetlabs/puppetlabs-inifile
+    augeasproviders_shellvar: https://github.com/voxpupuli/puppet-augeasproviders_shellvar
+    augeasproviders_core: https://github.com/voxpupuli/puppet-augeasproviders_core

.github/CONTRIBUTING.md

@@ -124,7 +124,7 @@ If you have Ruby 2.x or want a specific version of Puppet,
 you must set an environment variable such as:
 
 ```sh
-export PUPPET_GEM_VERSION="~> 5.5.6"
+export PUPPET_GEM_VERSION="~> 6.1.0"
 ```
 
 You can install all needed gems for spec tests into the modules directory by

.msync.yml

@@ -2,4 +2,4 @@
 # Managed by modulesync - DO NOT EDIT
 # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
 
-modulesync_config_version: '5.2.0'
+modulesync_config_version: '5.3.0'

CHANGELOG.md

@@ -4,6 +4,29 @@ All notable changes to this project will be documented in this file.
 Each new release typically also includes the latest modulesync defaults.
 These should not affect the functionality of the module.
 
+## [v3.9.0](https://github.com/voxpupuli/puppet-systemd/tree/v3.9.0) (2022-05-25)
+
+[Full Changelog](https://github.com/voxpupuli/puppet-systemd/compare/v3.8.0...v3.9.0)
+
+**Implemented enhancements:**
+
+- Add machine-info information management [\#272](https://github.com/voxpupuli/puppet-systemd/pull/272) ([jcpunk](https://github.com/jcpunk))
+- Add management of systemd-oomd [\#271](https://github.com/voxpupuli/puppet-systemd/pull/271) ([jcpunk](https://github.com/jcpunk))
+- Add parameter to manage default target [\#270](https://github.com/voxpupuli/puppet-systemd/pull/270) ([jcpunk](https://github.com/jcpunk))
+- Support Service Limits specified in Bytes [\#268](https://github.com/voxpupuli/puppet-systemd/pull/268) ([optiz0r](https://github.com/optiz0r))
+- Allows % and infinity for Memory Limits + Add MemoryMin [\#267](https://github.com/voxpupuli/puppet-systemd/pull/267) ([SeanHood](https://github.com/SeanHood))
+- Add CentOS 9 to supported operating systems [\#266](https://github.com/voxpupuli/puppet-systemd/pull/266) ([kajinamit](https://github.com/kajinamit))
+- Add function systemd::systemd\_escape [\#243](https://github.com/voxpupuli/puppet-systemd/pull/243) ([jkroepke](https://github.com/jkroepke))
+
+**Fixed bugs:**
+
+- Ensure systemd-networkd is available piror notifying service [\#269](https://github.com/voxpupuli/puppet-systemd/pull/269) ([mat1010](https://github.com/mat1010))
+
+**Closed issues:**
+
+- systemd target support [\#265](https://github.com/voxpupuli/puppet-systemd/issues/265)
+- systemd::escape function is does not escape a lot of other characters [\#242](https://github.com/voxpupuli/puppet-systemd/issues/242)
+
 ## [v3.8.0](https://github.com/voxpupuli/puppet-systemd/tree/v3.8.0) (2022-03-02)
 
 [Full Changelog](https://github.com/voxpupuli/puppet-systemd/compare/v3.7.0...v3.8.0)

Gemfile

@@ -4,7 +4,7 @@
 source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 
 group :test do
-  gem 'voxpupuli-test', '~> 5.0',   :require => false
+  gem 'voxpupuli-test', '~> 5.4',   :require => false
   gem 'coveralls',                  :require => false
   gem 'simplecov-console',          :require => false
   gem 'puppet_metadata', '~> 1.0',  :require => false

README.md

@@ -237,6 +237,12 @@ systemd::service_limits { 'foo.service':
 }
 ```
 
+### machine-info (hostnamectl)
+
+You can set elements of `/etc/machine-info` via the `machine_info_settings` parameter.  These values are read by `hostnamectl`.
+
+To manage these, you'll need to add an additional module, [augeasproviders\_shellvar](https://forge.puppet.com/modules/herculesteam/augeasproviders_shellvar), to your environment.
+
 ### Daemon reloads
 
 Systemd caches unit files and their relations. This means it needs to reload, typically done via `systemctl daemon-reload`. Since Puppet 6.1.0 ([PUP-3483](https://tickets.puppetlabs.com/browse/PUP-3483)) takes care of this by calling `systemctl show $SERVICE -- --property=NeedDaemonReload` to determine if a reload is needed. Typically this works well and removes the need for `systemd::systemctl::daemon_reload` as provided prior to camptocamp/systemd 3.0.0. This avoids common circular dependencies.
@@ -259,6 +265,8 @@ systemd::network{'eth0.network':
 
 ### Services
 
+The default target is managed via the `default_target` parameter.  If this is left at its default value (`undef`), the default-target will be unmanaged by puppet.
+
 Systemd provides multiple services. Currently you can manage `systemd-resolved`,
 `systemd-timesyncd`, `systemd-networkd`, `systemd-journald`, `systemd-coredump`
 and `systemd-logind`
@@ -378,6 +386,21 @@ systemd::udev::rule:
     - 'ACTION=="add", KERNEL=="sdb", RUN+="/bin/raw /dev/raw/raw2 %N"',
 ```
 
+### oomd configuration
+The `systemd-oomd `system can be configured.
+
+```puppet
+class{'systemd':
+  manage_oomd   => true,
+  oomd_ensure   => 'running'
+  oomd_settings => {
+    'SwapUsedLimit' => '90%',
+    'DefaultMemoryPressureLimit' => '60%',
+    'DefaultMemoryPressureDurationSec' => 30,
+  }
+}
+```
+
 ### coredump configuration
 The `systemd-coredump `system can be configured.
 
@@ -423,7 +446,9 @@ loginctl_user { 'foo':
 or as a hash via the `systemd::loginctl_users` parameter.
 
 ### Systemd Escape Function
-Escapes strings as `systemd-escape` command does.
+Partially escape strings as `systemd-escape` command does.
+
+This functions only escapes a subset of chars. Non-ASCII character will not escape.
 
 ```puppet
 $result = systemd::escape('foo::bar/')
@@ -437,6 +462,23 @@ $result = systemd::escape('/mnt/foobar/', true)
 ```
 `$result` would be `mnt-foobar`.
 
+### Systemd Escape Function (uses systemd-escape)
+Escape strings by call the `systemd-escape` command in the background.
+
+It's highly recommend running the function as [deferred function](https://puppet.com/docs/puppet/6/deferring_functions.html) since it executes the command on the agent.
+
+```puppet
+$result = Deferred('systemd::systemd_escape', ["foo::bar"])
+```
+`$result` would be `foo::bar-`
+
+or path escape as if with `-p` option.
+
+```puppet
+$result = Deferred('systemd::systemd_escape', ["/mnt/foo-bar/", true])
+```
+`$result` would be `mnt-foo\x2dbar`.
+
 ## Transfer Notice
 
 This plugin was originally authored by [Camptocamp](http://www.camptocamp.com).

REFERENCE.md

@@ -17,8 +17,10 @@
 * `systemd::install`: Install any systemd sub packages
 * `systemd::journald`: This class manages and configures journald.
 * `systemd::logind`: This class manages systemd's login manager configuration.
+* `systemd::machine_info`: This class manages systemd's machine-info file (hostnamectl)
 * `systemd::modules_loads`: Activate the modules contained in modules-loads.d
 * `systemd::networkd`: This class provides an abstract way to trigger systemd-networkd
+* `systemd::oomd`: This class manages and configures oomd.
 * `systemd::resolved`: This class provides an abstract way to trigger resolved.
 * `systemd::system`: This class provides a solution to enable accounting
 * `systemd::timesyncd`: This class provides an abstract way to trigger systemd-timesyncd
@@ -42,6 +44,7 @@
 ### Functions
 
 * [`systemd::escape`](#systemdescape): Escape strings as systemd-escape does.
+* [`systemd::systemd_escape`](#systemdsystemd_escape): Escape strings by call the `systemd-escape` command in the background.
 
 ### Data types
 
@@ -51,6 +54,8 @@
 * [`Systemd::JournaldSettings::Ensure`](#systemdjournaldsettingsensure): defines allowed ensure states for systemd-journald settings
 * [`Systemd::LogindSettings`](#systemdlogindsettings): Matches Systemd Login Manager Struct
 * [`Systemd::LogindSettings::Ensure`](#systemdlogindsettingsensure): defines allowed ensure states for systemd-logind settings
+* [`Systemd::MachineInfoSettings`](#systemdmachineinfosettings): Matches Systemd machine-info (hostnamectl) file Struct
+* [`Systemd::OomdSettings`](#systemdoomdsettings): Configurations for oomd.conf
 * [`Systemd::ServiceLimits`](#systemdservicelimits): Matches Systemd Service Limit Struct
 * [`Systemd::Unit`](#systemdunit): custom datatype that validates different filenames for systemd units
 
@@ -64,6 +69,7 @@ This module allows triggering systemd commands once for all modules
 
 The following parameters are available in the `systemd` class:
 
+* [`default_target`](#default_target)
 * [`service_limits`](#service_limits)
 * [`networks`](#networks)
 * [`timers`](#timers)
@@ -99,6 +105,7 @@ The following parameters are available in the `systemd` class:
 * [`udev_resolve_names`](#udev_resolve_names)
 * [`udev_timeout_signal`](#udev_timeout_signal)
 * [`udev_rules`](#udev_rules)
+* [`machine_info_settings`](#machine_info_settings)
 * [`manage_logind`](#manage_logind)
 * [`logind_settings`](#logind_settings)
 * [`loginctl_users`](#loginctl_users)
@@ -111,6 +118,17 @@ The following parameters are available in the `systemd` class:
 * [`manage_coredump`](#manage_coredump)
 * [`coredump_settings`](#coredump_settings)
 * [`coredump_backtrace`](#coredump_backtrace)
+* [`manage_oomd`](#manage_oomd)
+* [`oomd_ensure`](#oomd_ensure)
+* [`oomd_settings`](#oomd_settings)
+
+##### <a name="default_target"></a>`default_target`
+
+Data type: `Optional[Pattern['^.+\.target$']]`
+
+The default systemd boot target, unmanaged if set to undef.
+
+Default value: ``undef``
 
 ##### <a name="service_limits"></a>`service_limits`
 
@@ -408,6 +426,14 @@ Config Hash that is used to generate instances of our
 
 Default value: `{}`
 
+##### <a name="machine_info_settings"></a>`machine_info_settings`
+
+Data type: `Systemd::MachineInfoSettings`
+
+Settings to place into /etc/machine-info (hostnamectl)
+
+Default value: `{}`
+
 ##### <a name="manage_logind"></a>`manage_logind`
 
 Data type: `Boolean`
@@ -505,6 +531,30 @@ Add --backtrace to systemd-coredump call systemd-coredump@.service unit
 
 Default value: ``false``
 
+##### <a name="manage_oomd"></a>`manage_oomd`
+
+Data type: `Boolean`
+
+Should systemd-oomd configuration be managed
+
+Default value: ``false``
+
+##### <a name="oomd_ensure"></a>`oomd_ensure`
+
+Data type: `Enum['stopped','running']`
+
+The state that the ``oomd`` service should be in
+
+Default value: `'running'`
+
+##### <a name="oomd_settings"></a>`oomd_settings`
+
+Data type: `Systemd::OomdSettings`
+
+Hash of systemd-oomd configurations for oomd.conf
+
+Default value: `{}`
+
 ### <a name="systemdtmpfiles"></a>`systemd::tmpfiles`
 
 Update the systemd temp files
@@ -1458,6 +1508,30 @@ Data type: `Boolean`
 
 Use path (-p) ornon-path  style escaping.
 
+### <a name="systemdsystemd_escape"></a>`systemd::systemd_escape`
+
+Type: Ruby 4.x API
+
+Escape strings by call the `systemd-escape` command in the background.
+
+#### `systemd::systemd_escape(String $input, Optional[Optional[Boolean]] $path)`
+
+The systemd::systemd_escape function.
+
+Returns: `String`
+
+##### `input`
+
+Data type: `String`
+
+Input string
+
+##### `path`
+
+Data type: `Optional[Optional[Boolean]]`
+
+Use path (-p) ornon-path  style escaping.
+
 ## Data types
 
 ### <a name="systemdcoredumpsettings"></a>`Systemd::CoredumpSettings`
@@ -1587,6 +1661,41 @@ Alias of
 Struct[{ 'ensure' => Enum['present','absent'] }]
 ```
 
+### <a name="systemdmachineinfosettings"></a>`Systemd::MachineInfoSettings`
+
+Matches Systemd machine-info (hostnamectl) file Struct
+
+Alias of
+
+```puppet
+Struct[{
+    Optional['PRETTY_HOSTNAME'] => String[1],
+    Optional['ICON_NAME']       => String[1],
+    Optional['CHASSIS']         => String[1],
+    Optional['DEPLOYMENT']      => String[1],
+    Optional['LOCATION']        => String[1],
+    Optional['HARDWARE_VENDOR'] => String[1],
+    Optional['HARDWARE_MODEL']  => String[1],
+  }]
+```
+
+### <a name="systemdoomdsettings"></a>`Systemd::OomdSettings`
+
+Configurations for oomd.conf
+
+* **See also**
+  * https://www.freedesktop.org/software/systemd/man/oomd.conf.html
+
+Alias of
+
+```puppet
+Struct[{
+    Optional['SwapUsedLimit']                    => Pattern[/^[0-9]+[%|‰|‱]$/],
+    Optional['DefaultMemoryPressureLimit']       => Pattern[/^[0-9]+%$/],
+    Optional['DefaultMemoryPressureDurationSec'] => Integer[0],
+  }]
+```
+
 ### <a name="systemdservicelimits"></a>`Systemd::ServiceLimits`
 
 Matches Systemd Service Limit Struct
@@ -1596,18 +1705,18 @@ Alias of
 ```puppet
 Struct[{
     Optional['LimitCPU']            => Pattern['^\d+(s|m|h|d|w|M|y)?(:\d+(s|m|h|d|w|M|y)?)?$'],
-    Optional['LimitFSIZE']          => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
-    Optional['LimitDATA']           => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
-    Optional['LimitSTACK']          => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
-    Optional['LimitCORE']           => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
-    Optional['LimitRSS']            => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
+    Optional['LimitFSIZE']          => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
+    Optional['LimitDATA']           => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
+    Optional['LimitSTACK']          => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
+    Optional['LimitCORE']           => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
+    Optional['LimitRSS']            => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
     Optional['LimitNOFILE']         => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
-    Optional['LimitAS']             => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
+    Optional['LimitAS']             => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
     Optional['LimitNPROC']          => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
-    Optional['LimitMEMLOCK']        => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
+    Optional['LimitMEMLOCK']        => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
     Optional['LimitLOCKS']          => Integer[1],
     Optional['LimitSIGPENDING']     => Integer[1],
-    Optional['LimitMSGQUEUE']       => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
+    Optional['LimitMSGQUEUE']       => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
     Optional['LimitNICE']           => Variant[Integer[0,40], Pattern['^(-\+([0-1]?[0-9]|20))|([0-3]?[0-9]|40)$']],
     Optional['LimitRTPRIO']         => Integer[0],
     Optional['LimitRTTIME']         => Pattern['^\d+(ms|s|m|h|d|w|M|y)?(:\d+(ms|s|m|h|d|w|M|y)?)?$'],
@@ -1616,10 +1725,11 @@ Struct[{
     Optional['StartupCPUShares']    => Integer[2,262144],
     Optional['CPUQuota']            => Pattern['^([1-9][0-9]*)%$'],
     Optional['MemoryAccounting']    => Boolean,
-    Optional['MemoryLow']           => Pattern['^(\d+(K|M|G|T)?)$'],
-    Optional['MemoryHigh']          => Pattern['^(\d+(K|M|G|T)?)$'],
-    Optional['MemoryMax']           => Pattern['^(\d+(K|M|G|T)?)$'],
-    Optional['MemoryLimit']         => Pattern['^(\d+(K|M|G|T)?)$'],
+    Optional['MemoryLow']           => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
+    Optional['MemoryMin']           => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
+    Optional['MemoryHigh']          => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
+    Optional['MemoryMax']           => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
+    Optional['MemoryLimit']         => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
     Optional['TasksAccounting']     => Boolean,
     Optional['TasksMax']            => Variant[Integer[1],Pattern['^(infinity|([1-9][0-9]?$|^100)%)$']],
     Optional['IOAccounting']        => Boolean,

lib/puppet/functions/systemd/systemd_escape.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# @summary Escape strings by call the `systemd-escape` command in the background.
+Puppet::Functions.create_function(:'systemd::systemd_escape') do
+  # @param input Input string
+  # @param path Use path (-p) ornon-path  style escaping.
+  dispatch :escape do
+    param 'String', :input
+    optional_param 'Optional[Boolean]', :path
+    return_type 'String'
+  end
+
+  def escape(input, path = false)
+    args = []
+
+    args.push('--path') if path
+
+    args.push(input)
+    exec_systemd(args)
+  end
+
+  def exec_systemd(*args)
+    exec_args = { failonfail: true, combine: false }
+    escaped = Puppet::Util::Execution.execute(['systemd-escape', args], **exec_args)
+    escaped.strip
+  end
+end