Vox Pupuli Tasks Repositories About
Log in

GitHub puppet-ipset
Puppet module to manage ipset tooling and actual sets

Repo Checks ( 18 of 28 successfull )
Metadata Valid
No translation
passed
Correct Puppet Version Range
Supported Puppet version range is %{PUPPET_SUPPORT_RANGE}
passed
With Puppet Version Range
Puppet version range is present in requirements in metadata.json
passed
With Operatingsystem Support
No translation
passed
Operatingsystems
No translation
passed
Supports Only Current Debian
No translation
passed
Supports Latest Debian
No translation
failed
Supports Only Current Ubuntu
No translation
passed
Supports Latest Ubuntu
No translation
failed
Supports Only Current Redhat
No translation
passed
Supports Latest Redhat
No translation
failed
Supports Only Current Centos
No translation
passed
Supports Latest Centos
No translation
failed
Supports Only Current Oraclelinux
No translation
passed
Supports Latest Oraclelinux
No translation
failed
Supports Only Current Scientific
No translation
passed
Supports Latest Scientific
No translation
failed
Supports Only Current Virtuozzolinux
No translation
passed
Supports Latest Virtuozzolinux
No translation
failed
Supports Only Current Archlinux
No translation
failed
Supports Latest Archlinux
No translation
failed
In Modulesync Repo
Is listed as a module managed using modulesync_config
passed
Synced
Has a .msync.yml file
passed
Latest Modulesync
Has been synchronized with the latest tagged version of modulesync_config
failed
Has Modulesync
Is present in voxpupuli/modulesync_config/managed_modules.yml
passed
Released
Is in modulesync_config and in forge releases.
passed
Valid Sync File
If a (optional) sync file is present, it must not contain a `.travis.yml` entry.
passed
Reference Dot Md
The repository has a REFERENCE.md. It needs to be generated / puppet-strings documentation is missing.
passed

Open Pull Requests

modulesync 5.4.0
modulesync

modulesync 5.4.0

Open PR in GitHub
Add purging to $config_path dir

Add purging to $config_path dir to remove floating ipset config files

Open PR in GitHub
Enable using nested arrays for parameter 'set'

This PR will enable using nested arrays for parameter 'set'.

It's required (e.g.) when grouping networks in Hiera.
```
ip4subnetaclass00: '10.0.1.0/24'
ip4subnetaclass01: '10.0.2.0/24'
ip4subnetsaclass:
- "%{alias('ip4subnetaclass00')}"
- "%{alias('ip4subnetaclass01')}"

ip4subnetcclass00: '192.168.0.0/24'
ip4subnetcclass01: '192.168.1.0/24'
ip4subnetscclass:
- "%{alias('ip4subnetcclass00')}"
- "%{alias('ip4subnetcclass01')}"

ip4subnets:
- "%{alias('ip4subnetsaclass')}"
- "%{alias('ip4subnets_cclass')}"

ipset::sets:
ip4subnets:
set: "%{alias('ip4subnets')}"
type: 'hash:net'
```

Open PR in GitHub
Support for comments and more types
enhancement

Pull Request (PR) description

Add support for comments (#5) and the types from the man page.

counters skbinfo markmask options are not implemented, they are boolean options. If anyone has any advice on how to implement that cleanly ...

example with using hiera data for bitmap:port:
yaml
data::from::hiera::ports:
- 5005
- 5006
- 5007
- 5008
- 5009
- 5010
- 5023
- 5027
- 5028
- 5031

puppet
ipset::set { 'port-server1':
set => lookup('data::from::hiera::ports'),
type => 'bitmap:port',
options => {
range => '5000-6000',
},
}

If you want to limit to udp:
puppet
ipset::set { 'port-server2':
set => lookup('data::from::hiera::ports').map |$value| { "udp:${value}" },
type => 'bitmap:port',
options => {
range => '5000-6000',
},
}

This was primarily implemented to be able to create non consecutive port lists as iptables only support a maximum of 15 ports with the --multiports and the XT_MULTI_PORTS compile setting source

Open PR in GitHub