From: Peter Palfrader Date: Mon, 17 Dec 2018 09:19:44 +0000 (+0100) Subject: reload ferm on changes instead of restart X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=ecfbb7c216e5cbfd8ab8994b6c3c753e8a4f04b0;p=mirror%2Fdsa-puppet.git reload ferm on changes instead of restart --- diff --git a/modules/ferm/manifests/conf.pp b/modules/ferm/manifests/conf.pp index d7691947b..7457094e8 100644 --- a/modules/ferm/manifests/conf.pp +++ b/modules/ferm/manifests/conf.pp @@ -28,14 +28,14 @@ define ferm::conf ( ensure => $ensure, mode => '0400', content => $content, - notify => Service['ferm'], + notify => Exec['ferm reload'], } } else { file { $fname: ensure => $ensure, mode => '0400', source => $source, - notify => Service['ferm'], + notify => Exec['ferm reload'], } } } diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp index f33c8ba8d..196a39e91 100644 --- a/modules/ferm/manifests/init.pp +++ b/modules/ferm/manifests/init.pp @@ -28,6 +28,12 @@ class ferm { hasstatus => false, status => '/bin/true', } + exec { + "ferm reload": + command => "service ferm reload", + refreshonly => true, + } + $munin_ips = getfromhash($site::nodeinfo, 'misc', 'v4addrs') .map |$addr| { "ip_${addr}" } @@ -40,7 +46,7 @@ class ferm { file { '/etc/ferm': ensure => directory, - notify => Service['ferm'], + notify => Exec['ferm reload'], require => Package['ferm'], mode => '0755' } @@ -63,29 +69,29 @@ class ferm { file { '/etc/default/ferm': source => 'puppet:///modules/ferm/ferm.default', require => Package['ferm'], - notify => Service['ferm'], + notify => Exec['ferm reload'], mode => '0444', } file { '/etc/ferm/ferm.conf': content => template('ferm/ferm.conf.erb'), - notify => Service['ferm'], + notify => Exec['ferm reload'], } file { '/etc/ferm/conf.d/00-init.conf': content => template('ferm/00-init.conf.erb'), - notify => Service['ferm'], + notify => Exec['ferm reload'], } file { '/etc/ferm/conf.d/me.conf': content => template('ferm/me.conf.erb'), - notify => Service['ferm'], + notify => Exec['ferm reload'], } file { '/etc/ferm/conf.d/defs.conf': content => template('ferm/defs.conf.erb'), - notify => Service['ferm'], + notify => Exec['ferm reload'], } file { '/etc/ferm/conf.d/50-munin-interfaces.conf': content => template('ferm/conf.d-munin-interfaces.conf.erb'), - notify => Service['ferm'], + notify => Exec['ferm reload'], } @ferm::rule { 'dsa-munin-interfaces-in': prio => '001', @@ -104,7 +110,7 @@ class ferm { file { '/etc/ferm/dsa.d/010-base.conf': content => template('ferm/dsa.d-010-base.conf.erb'), - notify => Service['ferm'], + notify => Exec['ferm reload'], } augeas { 'logrotate_ulogd2': diff --git a/modules/ferm/manifests/module.pp b/modules/ferm/manifests/module.pp index 076d3e5bc..ead8136d7 100644 --- a/modules/ferm/manifests/module.pp +++ b/modules/ferm/manifests/module.pp @@ -20,7 +20,7 @@ define ferm::module ( ensure => $ensure, content => template('ferm/load_module.erb'), require => Package['ferm'], - notify => Service['ferm'] + notify => Exec['ferm reload'] } } } diff --git a/modules/ferm/manifests/rule.pp b/modules/ferm/manifests/rule.pp index f5924f716..945f3dc51 100644 --- a/modules/ferm/manifests/rule.pp +++ b/modules/ferm/manifests/rule.pp @@ -15,6 +15,6 @@ define ferm::rule ( ensure => present, mode => '0400', content => template('ferm/ferm_rule.erb'), - notify => Service['ferm'], + notify => Exec['ferm reload'], } } diff --git a/modules/ipsec/manifests/init.pp b/modules/ipsec/manifests/init.pp index 2cd0f9ab0..6952c0656 100644 --- a/modules/ipsec/manifests/init.pp +++ b/modules/ipsec/manifests/init.pp @@ -59,6 +59,6 @@ class ipsec { "/etc/ferm/dsa.d/10-ipsec": mode => '0400', content => template("ipsec/ferm.erb"), - notify => Service['ferm'], + notify => Exec['ferm reload'], } }