1. Create a puppet 4 branch for development of improved hiera lookups

2. Resolve weirdness of namepsace where sysctl is not a class but
   sysctl::base by making sysctl a class and moving defined resource
   to sysctl::configuration.

CHANGELOG.md

@@ -1,3 +1,8 @@
+#### 2016-08-02 - 1.0.6-puppet4
+* Create a Puppet 4 branch to take advantage of improved hiera lookups
+* Because Puppet 4 is a major upgrade that breaks many things, this is not
+  intended to be backwards compatible
+
 #### 2016-02-05 - 1.0.6
 * Revert previous incorrect change, more work is needed to cover all cases.
 

data/default.yaml

@@ -0,0 +1,14 @@
+---
+lookup_options:
+  sysctl::values:
+    merge: deep
+
+sysctl::purge: false
+sysctl::values: {}
+sysctl::symlink99: false
+
+sysctl::sysctl_dir: true
+sysctl::sysctl_dir_path: '/etc/sysctl.d'
+sysctl::sysctl_dir_owner: root
+sysctl::sysctl_dir_group: root
+sysctl::sysctl_dir_mode: '0755'

data/os/Debian-8.yaml

@@ -0,0 +1,2 @@
+---
+sysctl::symlink99: true

data/os/FreeBSD.yaml

@@ -0,0 +1,2 @@
+---
+sysctl::sysctl_dir: false

data/os/RedHat-7.yaml

@@ -0,0 +1,2 @@
+---
+sysctl::symlink99: true

hiera.yaml

@@ -0,0 +1,12 @@
+---
+version: 4
+datadir: data
+hierarchy:
+  - name: "OS family"
+    backend: yaml
+    path: "os/%{facts.os.family}"
+  - name: "OS family and release"
+    backend: yaml
+    path: "os/%{facts.os.family}-${facts.release.major}"
+  - name: default
+    backend: yaml

manifests/configuration.pp

@@ -0,0 +1,104 @@
+# Manage sysctl variable values.
+#
+# Parameters:
+#  $value:
+#    The value for the sysctl parameter. Mandatory, unless $ensure is 'absent'.
+#  $prefix:
+#    Optional prefix for the sysctl.d file to be created. Default: none.
+#  $ensure:
+#    Whether the variable's value should be 'present' or 'absent'.
+#    Defaults to 'present'.
+#
+# Sample Usage :
+#  sysctl::configuration { 'net.ipv6.bindv6only': value => '1' }
+define sysctl::configuration (
+  $ensure  = 'present',
+  $value   = undef,
+  $prefix  = undef,
+  $suffix  = '.conf',
+  $comment = undef,
+  $content = undef,
+  $source  = undef,
+  $enforce = true,
+) {
+
+  # If we have a prefix, then add the dash to it
+  if $prefix {
+    $_sysctl_d_file = "${prefix}-${title}${suffix}"
+  } else {
+    $_sysctl_d_file = "${title}${suffix}"
+  }
+
+  # Some sysctl keys contain a slash, which is not valid in a filename.
+  # Most common at those on VLANs: net.ipv4.conf.eth0/1.arp_accept = 0
+  $sysctl_d_file = regsubst($_sysctl_d_file, '[/ ]', '_', 'G')
+
+  # If we have an explicit content or source, use them
+  if $content or $source {
+    $file_content = $content
+    $file_source = $source
+  } else {
+    $file_content = template("${module_name}/sysctl.d-file.erb")
+    $file_source = undef
+  }
+
+  if $ensure != 'absent' {
+
+    # Present
+
+    # The permanent change
+    file { "/etc/sysctl.d/${sysctl_d_file}":
+      ensure  => $ensure,
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0644',
+      content => $file_content,
+      source  => $file_source,
+      notify  => [
+        Exec["sysctl-${title}"],
+        Exec["update-sysctl.conf-${title}"],
+      ],
+    }
+
+    # The immediate change + re-check on each run "just in case"
+    exec { "sysctl-${title}":
+      command     => "sysctl -p /etc/sysctl.d/${sysctl_d_file}",
+      path        => [ '/usr/sbin', '/sbin', '/usr/bin', '/bin' ],
+      refreshonly => true,
+      require     => File["/etc/sysctl.d/${sysctl_d_file}"],
+    }
+
+    # For the few original values from the main file
+    exec { "update-sysctl.conf-${title}":
+      command     => "sed -i -e 's#^${title} *=.*#${title} = ${value}#' /etc/sysctl.conf",
+      path        => [ '/usr/sbin', '/sbin', '/usr/bin', '/bin' ],
+      refreshonly => true,
+      onlyif      => "grep -E '^${title} *=' /etc/sysctl.conf",
+    }
+
+    # Enforce configured value during each run (can't work with custom files)
+    if $enforce and ! ( $content or $source ) {
+      $qtitle = shellquote($title)
+      # Value may contain '|' and others, we need to quote to be safe
+      # Convert any numerical to expected string, 0 instead of '0' would fail
+      # lint:ignore:only_variable_string Convert numerical to string
+      $qvalue = shellquote("${value}")
+      # lint:endignore
+      exec { "enforce-sysctl-value-${qtitle}":
+          unless  => "/usr/bin/test \"$(/sbin/sysctl -n ${qtitle})\" = ${qvalue}",
+          command => "/sbin/sysctl -w ${qtitle}=${qvalue}",
+      }
+    }
+
+  } else {
+
+    # Absent
+    # We cannot restore values, since defaults can not be known... reboot :-/
+
+    file { "/etc/sysctl.d/${sysctl_d_file}":
+      ensure => absent,
+    }
+
+  }
+
+}

manifests/init.pp

@@ -1,110 +1,31 @@
-# Define: sysctl
-#
-# Manage sysctl variable values.
-#
-# Parameters:
-#  $value:
-#    The value for the sysctl parameter. Mandatory, unless $ensure is 'absent'.
-#  $prefix:
-#    Optional prefix for the sysctl.d file to be created. Default: none.
-#  $ensure:
-#    Whether the variable's value should be 'present' or 'absent'.
-#    Defaults to 'present'.
-#
-# Sample Usage :
-#  sysctl { 'net.ipv6.bindv6only': value => '1' }
-#
-define sysctl (
-  $ensure  = undef,
-  $value   = undef,
-  $prefix  = undef,
-  $suffix  = '.conf',
-  $comment = undef,
-  $content = undef,
-  $source  = undef,
-  $enforce = true,
-) {
-
-  include '::sysctl::base'
-
-  # If we have a prefix, then add the dash to it
-  if $prefix {
-    $_sysctl_d_file = "${prefix}-${title}${suffix}"
-  } else {
-    $_sysctl_d_file = "${title}${suffix}"
-  }
-
-  # Some sysctl keys contain a slash, which is not valid in a filename.
-  # Most common at those on VLANs: net.ipv4.conf.eth0/1.arp_accept = 0
-  $sysctl_d_file = regsubst($_sysctl_d_file, '[/ ]', '_', 'G')
-
-  # If we have an explicit content or source, use them
-  if $content or $source {
-    $file_content = $content
-    $file_source = $source
-  } else {
-    $file_content = template("${module_name}/sysctl.d-file.erb")
-    $file_source = undef
-  }
-
-  if $ensure != 'absent' {
-
-    # Present
-
-    # The permanent change
-    file { "/etc/sysctl.d/${sysctl_d_file}":
-      ensure  => $ensure,
-      owner   => 'root',
-      group   => 'root',
-      mode    => '0644',
-      content => $file_content,
-      source  => $file_source,
-      notify  => [
-        Exec["sysctl-${title}"],
-        Exec["update-sysctl.conf-${title}"],
-      ],
-    }
-
-    # The immediate change + re-check on each run "just in case"
-    exec { "sysctl-${title}":
-      command     => "sysctl -p /etc/sysctl.d/${sysctl_d_file}",
-      path        => [ '/usr/sbin', '/sbin', '/usr/bin', '/bin' ],
-      refreshonly => true,
-      require     => File["/etc/sysctl.d/${sysctl_d_file}"],
-    }
-
-    # For the few original values from the main file
-    exec { "update-sysctl.conf-${title}":
-      command     => "sed -i -e 's#^${title} *=.*#${title} = ${value}#' /etc/sysctl.conf",
-      path        => [ '/usr/sbin', '/sbin', '/usr/bin', '/bin' ],
-      refreshonly => true,
-      onlyif      => "grep -E '^${title} *=' /etc/sysctl.conf",
+class sysctl (Boolean $purge,
+              Hash $values,
+              Boolean $symlink99,
+              Boolean $sysctl_dir,
+              String $sysctl_dir_path,
+              String $sysctl_dir_owner,
+              String $sysctl_dir_group,
+              String $sysctl_dir_mode) {
+
+  create_resources(sysctl::configuration, $values)
+
+  if $sysctl_dir {
+    # if we're purging we should also recurse
+    $recurse = $purge
+    file { $sysctl_dir_path:
+      ensure  => directory,
+      owner   => $sysctl_dir_owner,
+      group   => $sysctl_dir_group,
+      mode    => $sysctl_dir_mode,
+      purge   => $purge,
+      recurse => $recurse,
     }
 
-    # Enforce configured value during each run (can't work with custom files)
-    if $enforce and ! ( $content or $source ) {
-      $qtitle = shellquote($title)
-      # Value may contain '|' and others, we need to quote to be safe
-      # Convert any numerical to expected string, 0 instead of '0' would fail
-      # lint:ignore:only_variable_string Convert numerical to string
-      $qvalue = shellquote("${value}")
-      # lint:endignore
-      exec { "enforce-sysctl-value-${qtitle}":
-          unless  => "/usr/bin/test \"$(/sbin/sysctl -n ${qtitle})\" = ${qvalue}",
-          command => "/sbin/sysctl -w ${qtitle}=${qvalue}",
+    if $symlink99 and $sysctl_dir_path =~ /^\/etc\/[^\/]+$/ {
+      file { "${sysctl_dir_path}/99-sysctl.conf":
+        ensure => link,
+        target => '../sysctl.conf',
       }
     }
-
-  } else {
-
-    # Absent
-    # We cannot restore values, since defaults can not be known... reboot :-/
-
-    file { "/etc/sysctl.d/${sysctl_d_file}":
-      ensure => absent,
-    }
-
   }
-
 }
-

metadata.json

@@ -36,5 +36,6 @@
     "version_requirement": ">=2.7.20 <4.1.0"
     }
   ],
-  "dependencies": []
+  "dependencies": [],
+  "data_provider": "hiera"
 }

spec/classes/sysctl_spec.rb

@@ -0,0 +1,9 @@
+require 'spec_helper'
+
+describe 'sysctl', :type => :class do
+
+  it { should create_class('sysctl') }
+  it { should contain_file('/etc/sysctl.d') }
+
+end
+