Skip to content

Commit

Permalink
Workaround for duplicate resource http_port #120
Browse files Browse the repository at this point in the history
The module is now able to handle multiple server
declarations for the same port on different IPs.
  • Loading branch information
ralfbosz committed Sep 28, 2020
1 parent 41a0d77 commit 715407f
Show file tree
Hide file tree
Showing 3 changed files with 53 additions and 49 deletions.
2 changes: 1 addition & 1 deletion manifests/cache_dir.pp
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@
}
}

if $facts['os']['selinux'] == true {
if fact('os.selinux.enabled') {
selinux::fcontext { "selinux fcontext squid_cache_t ${path}":
seltype => 'squid_cache_t',
pathspec => "${path}(/.*)?",
Expand Down
17 changes: 10 additions & 7 deletions manifests/http_port.pp
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
# When set to `true` creates https_port entries. Defaults to `false`.
# @param order
# Order can be used to configure where in `squid.conf`this configuration section should occur.

define squid::http_port (
Optional[Stdlib::Port] $port = undef,
Optional[Stdlib::Host] $host = undef,
Expand Down Expand Up @@ -85,12 +86,14 @@
order => "30-${order}",
}

if $facts['os']['selinux'] == true {
selinux::port { "selinux port squid_port_t ${_port}":
ensure => 'present',
seltype => 'squid_port_t',
protocol => 'tcp',
port => $_port,
}
if fact('os.selinux.enabled') {
ensure_resource('selinux::port', "selinux port squid_port_t ${_port}",
{
ensure => 'present',
seltype => 'squid_port_t',
protocol => 'tcp',
port => $_port,
}
)
}
}
83 changes: 42 additions & 41 deletions spec/classes/init_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -84,16 +84,16 @@
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^url_rewrite_children\s+16\stestoption=a$}) }
end

context 'with access_log parameter set to an array' do
let :params do
{
config: '/tmp/squid.conf',
access_log: ['daemon:/somepath/access.log squid', 'syslog:daemon.info squid']
}
end
context 'with access_log parameter set to an array' do
let :params do
{
config: '/tmp/squid.conf',
access_log: ['daemon:/somepath/access.log squid', 'syslog:daemon.info squid']
}
end

it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+daemon:/somepath/access.log\s+squid$}) }
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+syslog:daemon.info\s+squid$}) }
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+daemon:/somepath/access.log\s+squid$}) }
it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^access_log\s+syslog:daemon.info\s+squid$}) }
end

context 'with buffered_logs parameter set to true' do
Expand Down Expand Up @@ -513,17 +513,13 @@
it { is_expected.to contain_concat_fragment('squid_https_port_2001').with_content(%r{^https_port\s+2001\s+special for 2001$}) }
end

if facts['osfamily'] == 'RedHat'
if facts[:osfamily] == 'RedHat'
context 'with http_port parameters set + SELINUX' do
let :params do
{ config: '/tmp/squid.conf',
http_ports: { 2000 => { 'options' => 'special for 2000' } } }
end
let(:facts) do
facts.merge(
selinux => true
)
end
let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_concat_fragment('squid_http_port_2000').with_order('30-05') }
Expand All @@ -536,17 +532,43 @@
{ config: '/tmp/squid.conf',
https_ports: { 2001 => { 'options' => 'special for 2001' } } }
end
let(:facts) do
facts.merge(
selinux => true
)
end
let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_concat_fragment('squid_https_port_2001').with_order('30-05') }
it { is_expected.to contain_concat_fragment('squid_https_port_2001').with_content(%r{^https_port\s+2001\s+special for 2001$}) }
it { is_expected.to contain_selinux__port('selinux port squid_port_t 2001').with('ensure' => 'present', 'seltype' => 'squid_port_t', 'protocol' => 'tcp', 'port' => '2001') }
end

context 'with duplicate ports on different ip' do
let :params do
{ config: '/tmp/squid.conf',
http_ports: { 'ipA' => { 'port' => 3128, 'host' => '192.168.1.10' }, 'ipB' => { 'port' => 3128, 'host' => '192.168.1.11' } } }
end

let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_concat_fragment('squid_http_port_ipA').with_order('30-05') }
it { is_expected.to contain_concat_fragment('squid_http_port_ipA').with_content(%r{http_port\s+192.168.1.10:3128}) }
it { is_expected.to contain_concat_fragment('squid_http_port_ipB').with_order('30-05') }
it { is_expected.to contain_concat_fragment('squid_http_port_ipB').with_content(%r{http_port\s+192.168.1.11:3128}) }
it { is_expected.to contain_selinux__port('selinux port squid_port_t 3128').with('ensure' => 'present', 'seltype' => 'squid_port_t', 'protocol' => 'tcp', 'port' => '3128') }
end

context 'with cache_dir parameters set + SELINUX' do
let :params do
{ config: '/tmp/squid.conf',
cache_dirs: { '/data' => { 'type' => 'special',
'options' => 'my options for special type' } } }
end
let(:facts) { override_facts(super(), os: { selinux: { enabled: true } }) }

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_file('/data').with_ensure('directory') }
it { is_expected.to contain_selinux__fcontext('selinux fcontext squid_cache_t /data').with('seltype' => 'squid_cache_t', 'pathspec' => '/data(/.*)?') }
it { is_expected.to contain_selinux__exec_restorecon('selinux restorecon /data').with('path' => '/data') }
end
end

context 'with snmp_incoming_address parameter set' do
Expand Down Expand Up @@ -584,27 +606,6 @@
it { is_expected.to contain_file('/data').with_ensure('directory') }
end

if facts['osfamily'] == 'RedHat'
context 'with cache_dir parameters set + SELINUX' do
let :params do
{ config: '/tmp/squid.conf',
cache_dirs: { '/data' => { 'type' => 'special',
'options' => 'my options for special type' } } }
end
let(:facts) do
facts.merge(
selinux => true
)
end

it { is_expected.to contain_concat_fragment('squid_header').with_target('/tmp/squid.conf') }
it { is_expected.to contain_file('/data').with_ensure('directory') }
it { is_expected.to contain_selinux__fcontext('selinux fcontext squid_cache_t /data').with('seltype' => 'squid_cache_t', 'pathspec' => '/data(/.*)?') }
it { is_expected.to contain_selinux__fcontext('selinux fcontext squid_cache_t /data').that_notifies('Selinux::Exec_restorecon["restorecon /data"]') }
it { is_expected.to contain_selinux__exec_restorecon('selinux restorecon /data').with('path' => '/data') }
end
end

context 'with extra_config_sections parameter set' do
let :params do
{
Expand Down

0 comments on commit 715407f

Please sign in to comment.