X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fconf.pp;h=c016e09f37382df00eb8b47cb0396a36ef026e9d;hb=9b3b9b27fccaa62aae90ef3713d3af0407116854;hp=a97ec69017fca3a4e4e5dd5c74f30e7eabd8263d;hpb=2ac3c31e46729c35e8ce201e27b79b43c79c11b2;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/manifests/conf.pp b/modules/ferm/manifests/conf.pp
index a97ec6901..c016e09f3 100644
--- a/modules/ferm/manifests/conf.pp
+++ b/modules/ferm/manifests/conf.pp
@@ -1,23 +1,41 @@
-define ferm::conf ($content=undef, $source=undef) {
+#
+define ferm::conf (
+  $source=undef,
+  $content=undef,
+  $ensure=present,
+  $prio='xx-10',
+) {
+  include ferm
 
-	case $ensure {
-		present,absent: {}
-		default: { fail ( "Invald ensure `${ensure}' for ${name}" ) }
-	}
+  case $ensure {
+    present: {
+      if ! ($source or $content) {
+        fail ( "No configuration found for ${name}" )
+      }
+    }
+    absent:  {}
+    default: { fail ( "Unknown ensure value: '${ensure}'" ) }
+  }
 
-	if ($source and $content) {
-		fail ( "Can't define both source and content for ${name}" )
-	}
+  if ($source and $content) {
+    fail ( "Can't define both source and content for ${name}" )
+  }
 
-	if $source {
-		file { "/etc/ferm/conf.d/${name}":
-			ensure => $ensure,
-			source => $source
-		}
-	} elsif $content {
-		file { "/etc/ferm/conf.d/${name}":
-			ensure  => $ensure,
-			content => $content,
-		}
-	}
+  $fname = "/etc/ferm/conf.d/${prio}_${name}.conf"
+
+  if $content {
+    file { $fname:
+        ensure  => $ensure,
+        mode    => '0400',
+        content => $content,
+        notify  => Exec['ferm reload'],
+    }
+  } else {
+    file { $fname:
+        ensure => $ensure,
+        mode   => '0400',
+        source => $source,
+        notify => Exec['ferm reload'],
+    }
+  }
 }