-define ferm::conf ($content=undef, $source=undef) {
+#
+define ferm::conf (
+ $source=undef,
+ $content=undef,
+ $ensure=present,
+ $prio='xx-10',
+) {
+ include ferm
- case $ensure {
- present,absent: {}
- default: { fail ( "Invald ensure `${ensure}' for ${name}" ) }
- }
+ case $ensure {
+ present: {
+ if ! ($source or $content) {
+ fail ( "No configuration found for ${name}" )
+ }
+ }
+ absent: {}
+ default: { fail ( "Unknown ensure value: '${ensure}'" ) }
+ }
- if ($source and $content) {
- fail ( "Can't define both source and content for ${name}" )
- }
+ if ($source and $content) {
+ fail ( "Can't define both source and content for ${name}" )
+ }
- if $source {
- file { "/etc/ferm/conf.d/${name}":
- ensure => $ensure,
- source => $source
- }
- } elsif $content {
- file { "/etc/ferm/conf.d/${name}":
- ensure => $ensure,
- content => $content,
- }
- }
+ $fname = "/etc/ferm/conf.d/${prio}_${name}.conf"
+
+ if $content {
+ file { $fname:
+ ensure => $ensure,
+ mode => '0400',
+ content => $content,
+ notify => Exec['ferm reload'],
+ }
+ } else {
+ file { $fname:
+ ensure => $ensure,
+ mode => '0400',
+ source => $source,
+ notify => Exec['ferm reload'],
+ }
+ }
}