Skip to content

Commit

Permalink
Workaround for duplicate resource http_port voxpupuli#120
Browse files Browse the repository at this point in the history 
The module is now able to handle multiple server
declarations for the same port on different IPs.
  • Loading branch information
@ralfbosz
ralfbosz committed Sep 28, 2020
1 parent 41a0d77 commit 51caf75
Show file tree
Hide file tree
Showing 3 changed files with 85 additions and 81 deletions.
2 changes: 1 addition & 1 deletion manifests/cache_dir.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@
}
}

if $facts['os']['selinux'] == true {
if fact('os.selinux.enabled') {
selinux::fcontext { "selinux fcontext squid_cache_t ${path}":
seltype => 'squid_cache_t',
pathspec => "${path}(/.*)?",
Expand Down
81 changes: 42 additions & 39 deletions manifests/http_port.pp
View file
Original file line number Diff line number Diff line change
@@ -1,36 +1,37 @@
# @summary
# Defines http_port entries for a squid server.
# By setting optional `ssl` parameter to `true` will create https_port entries instead.
# @see
# http://www.squid-cache.org/Doc/config/http_port/
# @example
# squid::http_port { '10000':
# options => 'accel vhost'
# }
# squid::http_port { '10001':
# ssl => true,
# options => 'cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key'
# }
# squid::http_port { '127.0.0.1:3128':
# }
#
# Results in a squid configuration of:
# http_port 10000 accel vhost
# https_port 10001 cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key
# http_port 127.0.0.1:3128
# @param title
# The title/namevar may be in the form `port` or `host:port` to provide the below values. Otherwise,
# specify `port` explicitly, and `host` if desired.
# @param port
# Defaults to the port of the namevar and is the port number to listen on.
# @param host
# Defaults to the host part of the namevar and is the interface to listen on. If not specified, Squid listens on all interfaces.
# @param options
# A string to specify any options for the default. By default and empty string.
# @param ssl
# When set to `true` creates https_port entries. Defaults to `false`.
# @param order
# @summary
# Defines http_port entries for a squid server.
# By setting optional `ssl` parameter to `true` will create https_port entries instead.
# @see
# http://www.squid-cache.org/Doc/config/http_port/
# @example
# squid::http_port { '10000':
# options => 'accel vhost'
# }
# squid::http_port { '10001':
# ssl => true,
# options => 'cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key'
# }
# squid::http_port { '127.0.0.1:3128':
# }
#
# Results in a squid configuration of:
# http_port 10000 accel vhost
# https_port 10001 cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key
# http_port 127.0.0.1:3128
# @param title
# The title/namevar may be in the form `port` or `host:port` to provide the below values. Otherwise,
# specify `port` explicitly, and `host` if desired.
# @param port
# Defaults to the port of the namevar and is the port number to listen on.
# @param host
# Defaults to the host part of the namevar and is the interface to listen on. If not specified, Squid listens on all interfaces.
# @param options
# A string to specify any options for the default. By default and empty string.
# @param ssl
# When set to `true` creates https_port entries. Defaults to `false`.
# @param order
# Order can be used to configure where in `squid.conf`this configuration section should occur.

define squid::http_port (
Optional[Stdlib::Port] $port = undef,
Optional[Stdlib::Host] $host = undef,
Expand Down Expand Up @@ -85,12 +86,14 @@
order => "30-${order}",
}

if $facts['os']['selinux'] == true {
selinux::port { "selinux port squid_port_t ${_port}":
ensure => 'present',
seltype => 'squid_port_t',
protocol => 'tcp',
port => $_port,
}
if fact('os.selinux.enabled') {
ensure_resource('selinux::port', "selinux port squid_port_t ${_port}",
{
ensure => 'present',
seltype => 'squid_port_t',
protocol => 'tcp',
port => $_port,
}
)
}
}
83 changes: 42 additions & 41 deletions spec/classes/init_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,16 +84,16 @@
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^url_rewrite_children\s+16\stestoption=a$}) }
end

context 'with access_log parameter set to an array' do
let :params do
{
config: '/tmp/squid.conf',
access_log: ['daemon:/somepath/access.log squid', 'syslog:daemon.info squid']
}
end
context 'with access_log parameter set to an array' do
let :params do
{
config: '/tmp/squid.conf',
access_log: ['daemon:/somepath/access.log squid', 'syslog:daemon.info squid']
}
end

it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+daemon:/somepath/access.log\s+squid$}) }
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+syslog:daemon.info\s+squid$}) }
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+daemon:/somepath/access.log\s+squid$}) }
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+syslog:daemon.info\s+squid$}) }
end

context 'with buffered_logs parameter set to true' do
Expand Down Expand Up @@ -513,17 +513,13 @@
it { is_expected.to contain_concat_fragment('squid_https_port_2001').with_content(%r{^https_port\s+2001\s+special for 2001$}) }
end

if facts['osfamily'] == 'RedHat'
if facts[:osfamily] == 'RedHat'
context 'with http_port parameters set + SELINUX' do
let :params do
{ config: '/tmp/squid.conf',
http_ports: { 2000 => { 'options' => 'special for 2000' } } }
end
let(:facts) do
facts.merge(
selinux => true
)
end
let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_concat_fragment('squid_http_port_2000').with_order('30-05') }
Expand All @@ -536,17 +532,43 @@
{ config: '/tmp/squid.conf',
https_ports: { 2001 => { 'options' => 'special for 2001' } } }
end
let(:facts) do
facts.merge(
selinux => true
)
end
let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_concat_fragment('squid_https_port_2001').with_order('30-05') }
it { is_expected.to contain_concat_fragment('squid_https_port_2001').with_content(%r{^https_port\s+2001\s+special for 2001$}) }
it { is_expected.to contain_selinux__port('selinux port squid_port_t 2001').with('ensure' => 'present', 'seltype' => 'squid_port_t', 'protocol' => 'tcp', 'port' => '2001') }
end

context 'with duplicate ports on different ip' do
let :params do
{ config: '/tmp/squid.conf',
http_ports: { 'ipA' => { 'port' => 3128, 'host' => '192.168.1.10' }, 'ipB' => { 'port' => 3128, 'host' => '192.168.1.11' } } }
end

let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_concat_fragment('squid_http_port_ipA').with_order('30-05') }
it { is_expected.to contain_concat_fragment('squid_http_port_ipA').with_content(%r{http_port\s+192.168.1.10:3128}) }
it { is_expected.to contain_concat_fragment('squid_http_port_ipB').with_order('30-05') }
it { is_expected.to contain_concat_fragment('squid_http_port_ipB').with_content(%r{http_port\s+192.168.1.11:3128}) }
it { is_expected.to contain_selinux__port('selinux port squid_port_t 3128').with('ensure' => 'present', 'seltype' => 'squid_port_t', 'protocol' => 'tcp', 'port' => '3128') }
end

context 'with cache_dir parameters set + SELINUX' do
let :params do
{ config: '/tmp/squid.conf',
cache_dirs: { '/data' => { 'type' => 'special',
'options' => 'my options for special type' } } }
end
let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_file('/data').with_ensure('directory') }
it { is_expected.to contain_selinux__fcontext('selinux fcontext squid_cache_t /data').with('seltype' => 'squid_cache_t', 'pathspec' => '/data(/.*)?') }
it { is_expected.to contain_selinux__exec_restorecon('selinux restorecon /data').with('path' => '/data') }
end
end

context 'with snmp_incoming_address parameter set' do
Expand Down Expand Up @@ -584,27 +606,6 @@
it { is_expected.to contain_file('/data').with_ensure('directory') }
end

if facts['osfamily'] == 'RedHat'
context 'with cache_dir parameters set + SELINUX' do
let :params do
{ config: '/tmp/squid.conf',
cache_dirs: { '/data' => { 'type' => 'special',
'options' => 'my options for special type' } } }
end
let(:facts) do
facts.merge(
selinux => true
)
end

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_file('/data').with_ensure('directory') }
it { is_expected.to contain_selinux__fcontext('selinux fcontext squid_cache_t /data').with('seltype' => 'squid_cache_t', 'pathspec' => '/data(/.*)?') }
it { is_expected.to contain_selinux__fcontext('selinux fcontext squid_cache_t /data').that_notifies('Selinux::Exec_restorecon["restorecon /data"]') }
it { is_expected.to contain_selinux__exec_restorecon('selinux restorecon /data').with('path' => '/data') }
end
end

context 'with extra_config_sections parameter set' do
let :params do
{
Expand Down

0 comments on commit 51caf75

Please sign in to comment.