Merge pull request #177 from traylenator/consolidate

Consolidate jail.conf.epp for RedHat osfamily
voxpupuli · Apr 5, 2022 · 7015227 · 7015227
2 parents 6bfb78c + 7677fa0
commit 7015227
Show file tree

Hide file tree

Showing 12 changed files with 66 additions and 5,717 deletions.
diff --git a/data/RedHat.yaml b/data/RedHat.yaml
@@ -1,2 +1,3 @@
 ---
 fail2ban::config_file_before: 'paths-fedora.conf'
+fail2ban::config_file_template: "fail2ban/RedHat/%{facts.os.release.major}/etc/fail2ban/jail.conf.epp"
diff --git a/data/osname/CentOS-7.yaml b/data/osname/CentOS-7.yaml
@@ -0,0 +1,3 @@
+---
+fail2ban::config_file_before: 'paths-fedora.conf'
+fail2ban::config_file_template: "fail2ban/CentOS/7/etc/fail2ban/jail.conf.epp"
diff --git a/hiera.yaml b/hiera.yaml
@@ -4,6 +4,9 @@ defaults:
   datadir: 'data'
   data_hash: 'yaml_data'
 hierarchy:
+  - name: 'Operating System Name and Major release'
+    path: 'osname/%{facts.os.name}-%{facts.os.release.major}.yaml'
+
   - name: 'Operating System Family'
     path: '%{facts.os.family}.yaml'
 

diff --git a/metadata.json b/metadata.json
@@ -52,6 +52,20 @@
         "8",
         "9"
       ]
+    },
+    {
+      "operatingsystem": "AlmaLinux",
+      "operatingsystemrelease": [
+        "8",
+        "9"
+      ]
+    },
+    {
+      "operatingsystem": "Rocky",
+      "operatingsystemrelease": [
+        "8",
+        "9"
+      ]
     }
   ],
   "requirements": [

diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb
@@ -137,8 +137,12 @@ class { 'fail2ban': }
     context 'when content template' do
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
+          $_config_file_template = $facts['os']['family'] ? {
+            'RedHat' => "fail2ban/RedHat/#{fact('os.release.major')}/#{config_file_path}.epp",
+            default  => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+          }
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+            config_file_template => $_config_file_template,
           }
         EOS
 
@@ -155,8 +159,12 @@ class { 'fail2ban':
     context 'when content template and custom chain' do
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
+          $_config_file_template = $facts['os']['family'] ? {
+            'RedHat' => "fail2ban/RedHat/#{fact('os.release.major')}/#{config_file_path}.epp",
+            default  => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+          }
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+            config_file_template => $_config_file_template,
             iptables_chain => 'TEST',
           }
         EOS
@@ -174,8 +182,12 @@ class { 'fail2ban':
     context 'when content template and custom banaction' do
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
+          $_config_file_template = $facts['os']['family'] ? {
+            'RedHat' => "fail2ban/RedHat/#{fact('os.release.major')}/#{config_file_path}.epp",
+            default  => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+          }
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+            config_file_template => $_config_file_template,
             banaction            => 'iptables'
           }
         EOS
@@ -192,8 +204,12 @@ class { 'fail2ban':
     context 'when content template and custom sender' do
       it 'is_expected.to work with no errors' do
         pp = <<-EOS
+          $_config_file_template = $facts['os']['family'] ? {
+            'RedHat' => "fail2ban/RedHat/#{fact('os.release.major')}/#{config_file_path}.epp",
+            default  => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+          }
           class { 'fail2ban':
-            config_file_template => "fail2ban/#{fact('os.name')}/#{fact('os.release.major')}/#{config_file_path}.epp",
+            config_file_template => $_config_file_template,
             sender => '[email protected]',
           }
         EOS

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -9,14 +9,38 @@
         facts
       end
 
+      # Hard code one existing template as a custom template
       let(:config_file_template) do
-        "fail2ban/#{facts[:os]['name']}/#{facts[:os]['release']['major']}/etc/fail2ban/jail.conf.epp"
+        'fail2ban/RedHat/8/etc/fail2ban/jail.conf.epp'
       end
 
       it { is_expected.to compile.with_all_deps }
       it { is_expected.to contain_class('fail2ban::install').that_comes_before('Class[fail2ban::config]') }
       it { is_expected.to contain_class('fail2ban::config').that_notifies('Class[fail2ban::service]') }
       it { is_expected.to contain_class('fail2ban::service') }
+      case [facts[:os]['name'], facts[:os]['release']['major']]
+      when %w[OpenSuSE 15]
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/OpenSuSE/15/etc/fail2ban/jail.conf.epp') }
+      when %w[CentOS 7]
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/CentOS/7/etc/fail2ban/jail.conf.epp') }
+      when %w[RedHat 7]
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/RedHat/7/etc/fail2ban/jail.conf.epp') }
+      when %w[AlmaLinux 8], %w[RedHat 8], %w[Rocky 8], %w[CentOS 8]
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/RedHat/8/etc/fail2ban/jail.conf.epp') }
+      when %w[AlmaLinux 9], %w[RedHat 9], %w[Rocky 9], %w[CentOS 9]
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/RedHat/9/etc/fail2ban/jail.conf.epp') }
+      when %w[Debian 10]
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/Debian/10/etc/fail2ban/jail.conf.epp') }
+      when %w[Debian 11]
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/Debian/11/etc/fail2ban/jail.conf.epp') }
+      when ['Ubuntu', '18.04']
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/Ubuntu/18.04/etc/fail2ban/jail.conf.epp') }
+      when ['Ubuntu', '20.04']
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('fail2ban/Ubuntu/20.04/etc/fail2ban/jail.conf.epp') }
+      else
+        # has to be better way of doing this.
+        it { is_expected.to contain_class('fail2ban').with_config_file_template('a new os.name or os.release.major needs a new case') }
+      end
 
       describe 'fail2ban::install' do
         context 'defaults' do