move common from hiera data values to init.pp

diff --git a/REFERENCE.md b/REFERENCE.md
index 5ab5f0ba577acffe2db61d0784da47a3c1c35380..75dfe6f08100a25c88cea253415d0b00bbe6cb5f 100644 (file)
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -76,129 +76,126 @@ The following parameters are available in the `ferm` class.
 Data type: `Boolean`
 
 Disable/Enable the management of the ferm daemon
-Default value: false
-Allowed values: (true|false)
+
+Default value: `false`
 
 ##### `manage_configfile`
 
 Data type: `Boolean`
 
 Disable/Enable the management of the ferm default config
-Default value: false
-Allowed values: (true|false)
+
+Default value: `false`
 
 ##### `manage_initfile`
 
 Data type: `Boolean`
 
 Disable/Enable the management of the ferm init script for RedHat-based OS
-Default value: false
-Allowed values: (true|false)
+
+Default value: `false`
 
 ##### `configfile`
 
 Data type: `Stdlib::Absolutepath`
 
 Path to the config file
-Default value: /etc/ferm.conf
-Allowed values: Stdlib::Absolutepath
 
 ##### `configdirectory`
 
 Data type: `Stdlib::Absolutepath`
 
 Path to the directory where the module stores ferm configuration files
-Default value: /etc/ferm.d or /etc/ferm/ferm.d
-Allowed values: Stdlib::Absolutepath
 
 ##### `disable_conntrack`
 
 Data type: `Boolean`
 
 Disable/Enable the generation of conntrack rules
-Default value: false
-Allowed values: (true|false)
+
+Default value: `false`
 
 ##### `forward_policy`
 
 Data type: `Ferm::Policies`
 
 Default policy for the FORWARD chain
-Default value: DROP
-Allowed values: (ACCEPT|DROP)
+
+Default value: 'DROP'
 
 ##### `output_policy`
 
 Data type: `Ferm::Policies`
 
 Default policy for the OUTPUT chain
-Default value: ACCEPT
-Allowed values: (ACCEPT|DROP)
+
+Default value: 'ACCEPT'
 
 ##### `input_policy`
 
 Data type: `Ferm::Policies`
 
 Default policy for the INPUT chain
-Default value: DROP
-Allowed values: (ACCEPT|DROP)
+
+Default value: 'DROP'
 
 ##### `rules`
 
 Data type: `Hash`
 
 A hash that holds all data for ferm::rule
-Default value: Empty Hash
-Allowed value: Any Hash
+
+Default value: {}
 
 ##### `chains`
 
 Data type: `Hash`
 
 A hash that holds all data for ferm::chain
-Default value: Empty Hash
-Allowed value: Any Hash
+
+Default value: {}
 
 ##### `forward_log_dropped_packets`
 
 Data type: `Boolean`
 
 Enable/Disable logging in the FORWARD chain of packets to the kernel log, if no explicit chain matched
-Default value: false
-Allowed values: (true|false)
+
+Default value: `false`
 
 ##### `output_log_dropped_packets`
 
 Data type: `Boolean`
 
 Enable/Disable logging in the OUTPUT chain of packets to the kernel log, if no explicit chain matched
-Default value: false
-Allowed values: (true|false)
+
+Default value: `false`
 
 ##### `input_log_dropped_packets`
 
 Data type: `Boolean`
 
 Enable/Disable logging in the INPUT chain of packets to the kernel log, if no explicit chain matched
-Default value: false
-Allowed values: (true|false)
+
+Default value: `false`
 
 ##### `ip_versions`
 
 Data type: `Array[Enum['ip','ip6']]`
 
 Set list of versions of ip we want ot use.
-Default value: ['ip', 'ip6']
+
+Default value: ['ip','ip6']
 
 ##### `preserve_chains_in_tables`
 
 Data type: `Hash[String[1],Array[String[1]]]`
 
 Hash with table:chains[] to use ferm @preserve for
-Default value: Empty Hash
-Allowed values: Hash with a list of tables and chains in it to preserve
 Example: {'nat' => ['PREROUTING', 'POSTROUTING']}
 
+Default value: {}
+
 ## Defined types
 
 ### ferm::chain

diff --git a/data/Archlinux.yaml b/data/Archlinux.yaml
new file mode 100644 (file)
index 0000000..6b05d2f
--- /dev/null
+++ b/data/Archlinux.yaml
@@ -0,0 +1,3 @@
+---
+ferm::configfile: /etc/ferm.conf
+ferm::configdirectory: /etc/ferm.d

diff --git a/data/RedHat.yaml b/data/RedHat.yaml
new file mode 100644 (file)
index 0000000..6b05d2f
--- /dev/null
+++ b/data/RedHat.yaml
@@ -0,0 +1,3 @@
+---
+ferm::configfile: /etc/ferm.conf
+ferm::configdirectory: /etc/ferm.d

diff --git a/data/Ubuntu.yaml b/data/Ubuntu.yaml
index f580a8fc41877e54994627bf4405fc49c46743c0..cb3055308e911821347d72dc67861ecbd1519771 100644 (file)
--- a/data/Ubuntu.yaml
+++ b/data/Ubuntu.yaml
@@ -1,2 +1,3 @@
 ---
 ferm::configfile: /etc/ferm/ferm.conf
+ferm::configdirectory: /etc/ferm.d

diff --git a/data/common.yaml b/data/common.yaml
deleted file mode 100644 (file)
index 34392e9..0000000
--- a/data/common.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-ferm::manage_service: false
-ferm::manage_configfile: false
-ferm::manage_initfile: false
-ferm::disable_conntrack: false
-ferm::configfile: /etc/ferm.conf
-ferm::configdirectory: /etc/ferm.d
-ferm::input_policy: DROP
-ferm::forward_policy: DROP
-ferm::output_policy: ACCEPT
-ferm::preserve_chains_in_tables: {}
-ferm::rules: {}
-ferm::chains: {}
-ferm::input_log_dropped_packets: false
-ferm::forward_log_dropped_packets: false
-ferm::output_log_dropped_packets: false
-ferm::ip_versions:
-  - ip
-  - ip6

diff --git a/hiera.yaml b/hiera.yaml
index aa8c6ecd9c683996aa464e3e769fd455aaf3ed0d..6b62091b943b9ec4e7c63e486174e7fd475bb40e 100644 (file)
--- a/hiera.yaml
+++ b/hiera.yaml
@@ -15,5 +15,8 @@ hierarchy:
   - name: 'Distribution Name'
     path: '%{facts.os.name}.yaml'
 
+  - name: 'Operating System Family'
+    path: '%{facts.os.family}.yaml'
+
   - name: 'common'
     path: 'common.yaml'

diff --git a/manifests/init.pp b/manifests/init.pp
index 2f5e1efeca7a97812cd7e2757eba0beed272b6fd..d8fd06a7e0e5d641dfd83acd27f326d4af790f9d 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -26,70 +26,39 @@
 #   }
 #
 # @param manage_service Disable/Enable the management of the ferm daemon
-#   Default value: false
-#   Allowed values: (true|false)
 # @param manage_configfile Disable/Enable the management of the ferm default config
-#   Default value: false
-#   Allowed values: (true|false)
 # @param manage_initfile Disable/Enable the management of the ferm init script for RedHat-based OS
-#   Default value: false
-#   Allowed values: (true|false)
 # @param configfile Path to the config file
-#   Default value: /etc/ferm.conf
-#   Allowed values: Stdlib::Absolutepath
 # @param configdirectory Path to the directory where the module stores ferm configuration files
-#   Default value: /etc/ferm.d or /etc/ferm/ferm.d
-#   Allowed values: Stdlib::Absolutepath
 # @param disable_conntrack Disable/Enable the generation of conntrack rules
-#   Default value: false
-#   Allowed values: (true|false)
 # @param forward_policy Default policy for the FORWARD chain
-#   Default value: DROP
-#   Allowed values: (ACCEPT|DROP)
 # @param output_policy Default policy for the OUTPUT chain
-#   Default value: ACCEPT
-#   Allowed values: (ACCEPT|DROP)
 # @param input_policy Default policy for the INPUT chain
-#   Default value: DROP
-#   Allowed values: (ACCEPT|DROP)
 # @param rules A hash that holds all data for ferm::rule
-#   Default value: Empty Hash
-#   Allowed value: Any Hash
 # @param chains A hash that holds all data for ferm::chain
-#   Default value: Empty Hash
-#   Allowed value: Any Hash
 # @param forward_log_dropped_packets Enable/Disable logging in the FORWARD chain of packets to the kernel log, if no explicit chain matched
-#   Default value: false
-#   Allowed values: (true|false)
 # @param output_log_dropped_packets Enable/Disable logging in the OUTPUT chain of packets to the kernel log, if no explicit chain matched
-#   Default value: false
-#   Allowed values: (true|false)
 # @param input_log_dropped_packets Enable/Disable logging in the INPUT chain of packets to the kernel log, if no explicit chain matched
-#   Default value: false
-#   Allowed values: (true|false)
 # @param ip_versions Set list of versions of ip we want ot use.
-#   Default value: ['ip', 'ip6']
 # @param preserve_chains_in_tables Hash with table:chains[] to use ferm @preserve for
-#   Default value: Empty Hash
-#   Allowed values: Hash with a list of tables and chains in it to preserve
 #   Example: {'nat' => ['PREROUTING', 'POSTROUTING']}
 class ferm (
-  Boolean $manage_service,
-  Boolean $manage_configfile,
-  Boolean $manage_initfile,
   Stdlib::Absolutepath $configfile,
   Stdlib::Absolutepath $configdirectory,
-  Boolean $disable_conntrack,
-  Ferm::Policies $forward_policy,
-  Ferm::Policies $output_policy,
-  Ferm::Policies $input_policy,
-  Boolean $forward_log_dropped_packets,
-  Boolean $output_log_dropped_packets,
-  Boolean $input_log_dropped_packets,
-  Hash $rules,
-  Hash $chains,
-  Array[Enum['ip','ip6']] $ip_versions,
-  Hash[String[1],Array[String[1]]] $preserve_chains_in_tables,
+  Boolean $manage_service = false,
+  Boolean $manage_configfile = false,
+  Boolean $manage_initfile = false,
+  Boolean $disable_conntrack = false,
+  Ferm::Policies $forward_policy = 'DROP',
+  Ferm::Policies $output_policy = 'ACCEPT',
+  Ferm::Policies $input_policy = 'DROP',
+  Boolean $forward_log_dropped_packets = false,
+  Boolean $output_log_dropped_packets = false,
+  Boolean $input_log_dropped_packets = false,
+  Hash $rules = {},
+  Hash $chains = {},
+  Array[Enum['ip','ip6']] $ip_versions = ['ip','ip6'],
+  Hash[String[1],Array[String[1]]] $preserve_chains_in_tables = {},
 ) {
   contain ferm::install
   contain ferm::config