itamae-plugin-resource-firewalld 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +11 -0
- data/.travis.yml +4 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +124 -0
- data/Rakefile +8 -0
- data/examples/README.md +67 -0
- data/examples/Vagrantfile +7 -0
- data/examples/recipe.rb +19 -0
- data/itamae-plugin-resource-firewalld.gemspec +27 -0
- data/lib/itamae/plugin/resource/firewalld.rb +12 -0
- data/lib/itamae/plugin/resource/firewalld/version.rb +9 -0
- data/lib/itamae/plugin/resource/firewalld_zone.rb +112 -0
- data/test/helper.rb +8 -0
- data/test/itamae/plugin/resource/test_firewalld_zone.rb +127 -0
- metadata +145 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: c1cdfebfa66e315a7929c7db7c3d9399c78d5644
|
4
|
+
data.tar.gz: cf94da496215a5308a406299728ae21d56b9f533
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: e67bd2557effbdf6467ac7d06e723881d3cdbfab429a15c87d0eed3901eee8806a30b097e895c1fbf1919db53898ce8169d93d212494b9ae0574b63bd81a4838
|
7
|
+
data.tar.gz: aea44043417f0b12d525c3ebad4062dcdce8b8b08a263b49508c90f739e7ef6b8566ce7bfe0d3b68d06bc6a39c7d6d05f69440ec6d476b90c2fe200c95af3bc2
|
data/.gitignore
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2014 Wataru MIYAGUNI
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,124 @@
|
|
1
|
+
# Itamae::Plugin::Resource::Firewalld
|
2
|
+
|
3
|
+
[Itamae](https://github.com/ryotarai/itamae) resource plugin to manage [firewalld](https://fedorahosted.org/firewalld/).
|
4
|
+
|
5
|
+
[![Build Status](https://travis-ci.org/gongo/itamae-plugin-resource-firewalld.svg?branch=master)](https://travis-ci.org/gongo/itamae-plugin-resource-firewalld)
|
6
|
+
[![Coverage Status](https://coveralls.io/repos/gongo/itamae-plugin-resource-firewalld/badge.png?branch=master)](https://coveralls.io/r/gongo/itamae-plugin-resource-firewalld?branch=master)
|
7
|
+
[![Code Climate](https://codeclimate.com/github/gongo/itamae-plugin-resource-firewalld/badges/gpa.svg)](https://codeclimate.com/github/gongo/itamae-plugin-resource-firewalld)
|
8
|
+
|
9
|
+
## Usage
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
service 'firewalld' do
|
13
|
+
action [:start, :enable]
|
14
|
+
end
|
15
|
+
|
16
|
+
firewalld_zone 'external' do
|
17
|
+
interfaces %w(enp0s8 enp0s9)
|
18
|
+
services %w(ssh)
|
19
|
+
|
20
|
+
masquerade true
|
21
|
+
|
22
|
+
notifies :restart, 'service[firewalld]'
|
23
|
+
end
|
24
|
+
|
25
|
+
firewalld_zone 'public' do
|
26
|
+
interfaces %w(enp0s3)
|
27
|
+
services %w(ssh https mysql)
|
28
|
+
ports %w(8080/tcp 4243/udp)
|
29
|
+
|
30
|
+
default_zone true
|
31
|
+
|
32
|
+
notifies :restart, 'service[firewalld]'
|
33
|
+
end
|
34
|
+
```
|
35
|
+
|
36
|
+
After `itamae` execute:
|
37
|
+
|
38
|
+
```
|
39
|
+
$ sudo firewall-cmd --list-all --zone external
|
40
|
+
external (active)
|
41
|
+
interfaces: enp0s8 enp0s9
|
42
|
+
sources:
|
43
|
+
services: ssh
|
44
|
+
ports:
|
45
|
+
masquerade: yes
|
46
|
+
forward-ports:
|
47
|
+
icmp-blocks:
|
48
|
+
rich rules:
|
49
|
+
|
50
|
+
$ sudo firewall-cmd --list-all --zone public
|
51
|
+
public (default, active)
|
52
|
+
interfaces: enp0s3
|
53
|
+
sources:
|
54
|
+
services: https mysql ssh
|
55
|
+
ports: 4243/udp 8080/tcp
|
56
|
+
masquerade: no
|
57
|
+
forward-ports:
|
58
|
+
icmp-blocks:
|
59
|
+
rich rules:
|
60
|
+
```
|
61
|
+
|
62
|
+
### See also
|
63
|
+
|
64
|
+
Demonstration environment [examples](./examples)
|
65
|
+
|
66
|
+
|
67
|
+
## Installation
|
68
|
+
|
69
|
+
Add this line to your application's Gemfile:
|
70
|
+
|
71
|
+
```ruby
|
72
|
+
gem 'itamae-plugin-resource-firewalld'
|
73
|
+
```
|
74
|
+
|
75
|
+
And then execute:
|
76
|
+
|
77
|
+
$ bundle
|
78
|
+
|
79
|
+
Or install it yourself as:
|
80
|
+
|
81
|
+
$ gem install itamae-plugin-resource-firewalld
|
82
|
+
|
83
|
+
## Features
|
84
|
+
|
85
|
+
Provides a `firewalld_zone` resource that operation of `Zone`:
|
86
|
+
|
87
|
+
```ruby
|
88
|
+
firewalld_zone 'zone_name' do
|
89
|
+
name # [String]
|
90
|
+
|
91
|
+
interfaces # [Array of string]
|
92
|
+
sources # [Array of string]
|
93
|
+
services # [Array of string]
|
94
|
+
ports # [Array of string]
|
95
|
+
forward_ports # [Array of string]
|
96
|
+
icmp_blocks # [Array of string]
|
97
|
+
rich_rules # [Array of string]
|
98
|
+
|
99
|
+
masquerade # [True / False]
|
100
|
+
default_zone # [True] Ignored other
|
101
|
+
end
|
102
|
+
```
|
103
|
+
|
104
|
+
**IMPORTANT**
|
105
|
+
|
106
|
+
`firewalld_zone` resource performs the processing `firewall-cmd` with [--permanent](http://fedoraproject.org/wiki/FirewallD#Permanent_zone_handling) .
|
107
|
+
|
108
|
+
## TODO
|
109
|
+
|
110
|
+
Unimplemented:
|
111
|
+
|
112
|
+
- Add a new `zone`, `icmptype` and `service`
|
113
|
+
- Operation of `Direct`, `Lockdown`
|
114
|
+
- Etc...
|
115
|
+
|
116
|
+
I'll be waiting for your pull request :bow:
|
117
|
+
|
118
|
+
## Contributing
|
119
|
+
|
120
|
+
1. Fork it ( https://github.com/gongo/itamae-plugin-resource-firewalld/fork )
|
121
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
122
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
123
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
124
|
+
5. Create a new Pull Request
|
data/Rakefile
ADDED
data/examples/README.md
ADDED
@@ -0,0 +1,67 @@
|
|
1
|
+
`Itamae::Plugin::Resource::Firewalld` demonstration virtual machine.
|
2
|
+
|
3
|
+
Usage
|
4
|
+
--------------------
|
5
|
+
|
6
|
+
### Preparation
|
7
|
+
|
8
|
+
```sh
|
9
|
+
$ cd /path/to/itamae-plugin-resource-firewalld/
|
10
|
+
$ bundle install --path vendor/bundle
|
11
|
+
```
|
12
|
+
|
13
|
+
### Provision
|
14
|
+
|
15
|
+
```sh
|
16
|
+
$ cd ./examples/
|
17
|
+
$ vagrant up
|
18
|
+
$ bundle exec itamae ssh -h default --vagrant recipe.rb
|
19
|
+
INFO : Starting Itamae...
|
20
|
+
INFO : Recipe: /path/to/itamae-plugin-resource-firewalld/examples/recipe.rb
|
21
|
+
INFO : service[firewalld]
|
22
|
+
INFO : action: start
|
23
|
+
INFO : running will change from 'false' to 'true'
|
24
|
+
INFO : action: enable
|
25
|
+
INFO : enabled will change from 'false' to 'true'
|
26
|
+
INFO : firewalld_zone[home]
|
27
|
+
INFO : action: update
|
28
|
+
INFO : services will change from '["dhcpv6-client", "ipp-client", "mdns", "samba-client", "ssh"]' to '["samba", "ssh", "vnc-server"]'
|
29
|
+
INFO : ports will change from '[]' to '["1900/udp", "32469/tcp", "5353/udp"]'
|
30
|
+
INFO : Notifying restart to service resource 'firewalld' (delayed)
|
31
|
+
INFO : firewalld_zone[public]
|
32
|
+
INFO : action: update
|
33
|
+
INFO : services will change from '["dhcpv6-client", "ssh"]' to '["https", "mysql", "ssh"]'
|
34
|
+
INFO : Notifying restart to service resource 'firewalld' (delayed)
|
35
|
+
INFO : service[firewalld]
|
36
|
+
INFO : action: restart
|
37
|
+
```
|
38
|
+
|
39
|
+
### Confirmation
|
40
|
+
|
41
|
+
```sh
|
42
|
+
$ vagrant ssh
|
43
|
+
[vagrant@localhost ~]$ sudo systemctl is-enabled firewalld
|
44
|
+
enabled
|
45
|
+
|
46
|
+
[vagrant@localhost ~]$ sudo firewall-cmd --list-all --zone home
|
47
|
+
home
|
48
|
+
interfaces:
|
49
|
+
sources:
|
50
|
+
services: samba ssh vnc-server
|
51
|
+
ports: 5353/udp 32469/tcp 1900/udp
|
52
|
+
masquerade: no
|
53
|
+
forward-ports:
|
54
|
+
icmp-blocks:
|
55
|
+
rich rules:
|
56
|
+
|
57
|
+
[vagrant@localhost ~]$ sudo firewall-cmd --list-all --zone public
|
58
|
+
public (default, active)
|
59
|
+
interfaces: enp0s3
|
60
|
+
sources:
|
61
|
+
services: https mysql ssh
|
62
|
+
ports:
|
63
|
+
masquerade: no
|
64
|
+
forward-ports:
|
65
|
+
icmp-blocks:
|
66
|
+
rich rules:
|
67
|
+
```
|
data/examples/recipe.rb
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'itamae/plugin/resource/firewalld'
|
2
|
+
|
3
|
+
service 'firewalld' do
|
4
|
+
action [:start, :enable]
|
5
|
+
end
|
6
|
+
|
7
|
+
firewalld_zone 'home' do
|
8
|
+
services %w(samba ssh vnc-server)
|
9
|
+
ports %w(1900/udp 5353/udp 32469/tcp)
|
10
|
+
|
11
|
+
notifies :restart, 'service[firewalld]'
|
12
|
+
end
|
13
|
+
|
14
|
+
firewalld_zone 'public' do
|
15
|
+
services %w(ssh https mysql)
|
16
|
+
default_zone true
|
17
|
+
|
18
|
+
notifies :restart, 'service[firewalld]'
|
19
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'itamae/plugin/resource/firewalld/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "itamae-plugin-resource-firewalld"
|
8
|
+
spec.version = Itamae::Plugin::Resource::Firewalld::VERSION
|
9
|
+
spec.authors = ["Wataru MIYAGUNI"]
|
10
|
+
spec.email = ["gonngo@gmail.com"]
|
11
|
+
spec.summary = %q{Itamae resource plugin to manage firewalld.}
|
12
|
+
spec.description = %q{Itamae resource plugin to manage firewalld.}
|
13
|
+
spec.homepage = "https://github.com/gongo/itamae-plugin-resource-firewalld"
|
14
|
+
spec.license = "MIT"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0")
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_development_dependency 'bundler', '~> 1.7'
|
22
|
+
spec.add_development_dependency 'rake', '~> 10.0'
|
23
|
+
spec.add_development_dependency 'test-unit', '~> 3.0.1'
|
24
|
+
spec.add_development_dependency 'mocha'
|
25
|
+
spec.add_development_dependency 'coveralls'
|
26
|
+
spec.add_dependency 'itamae'
|
27
|
+
end
|
@@ -0,0 +1,112 @@
|
|
1
|
+
require 'itamae/resource/base'
|
2
|
+
|
3
|
+
module Itamae
|
4
|
+
module Plugin
|
5
|
+
module Resource
|
6
|
+
class FirewalldZone < Itamae::Resource::Base
|
7
|
+
|
8
|
+
define_attribute :action, default: :update
|
9
|
+
define_attribute :name, type: String, default_name: true
|
10
|
+
|
11
|
+
define_attribute :masquerade, type: [TrueClass, FalseClass]
|
12
|
+
define_attribute :default_zone, type: [TrueClass, FalseClass]
|
13
|
+
|
14
|
+
ARRAYABLE_SETTINGS = [
|
15
|
+
:interfaces,
|
16
|
+
:sources,
|
17
|
+
:services,
|
18
|
+
:ports,
|
19
|
+
:forward_ports,
|
20
|
+
:icmp_blocks,
|
21
|
+
:rich_rules
|
22
|
+
]
|
23
|
+
|
24
|
+
ARRAYABLE_SETTINGS.each do |name|
|
25
|
+
define_attribute name, type: Array
|
26
|
+
end
|
27
|
+
|
28
|
+
def pre_action
|
29
|
+
ARRAYABLE_SETTINGS.each do |name|
|
30
|
+
attributes[name].sort! if attributes[name]
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def set_current_attributes
|
35
|
+
ARRAYABLE_SETTINGS.each do |name|
|
36
|
+
attributes[name].sort! if attributes[name]
|
37
|
+
current[name] = current_setting(name) if attributes[name]
|
38
|
+
end
|
39
|
+
|
40
|
+
current.masquerade = masquerade_enabled? unless attributes.masquerade.nil?
|
41
|
+
current.default_zone = default_zone? unless attributes.default_zone.nil?
|
42
|
+
end
|
43
|
+
|
44
|
+
def action_update(options)
|
45
|
+
ARRAYABLE_SETTINGS.each do |name|
|
46
|
+
update_setting(name, current[name], attributes[name]) if attributes[name]
|
47
|
+
end
|
48
|
+
|
49
|
+
if !attributes.masquerade.nil? && (current.masquerade != attributes.masquerade)
|
50
|
+
update_masquerade(attributes.masquerade)
|
51
|
+
updated!
|
52
|
+
end
|
53
|
+
|
54
|
+
if attributes.default_zone && !current.default_zone
|
55
|
+
set_default_zone
|
56
|
+
updated!
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
private
|
61
|
+
|
62
|
+
#
|
63
|
+
# @param [String] name setting name
|
64
|
+
# @param [Array] current current.{property_name}
|
65
|
+
# @param [Array] updated updated.{property_name}
|
66
|
+
#
|
67
|
+
def update_setting(name, current, updated)
|
68
|
+
#
|
69
|
+
# singularize (e.g. forward_ports -> forward-port)
|
70
|
+
#
|
71
|
+
# TODO: Not beautiful..
|
72
|
+
#
|
73
|
+
name = name.to_s.gsub('_', '-').chop
|
74
|
+
|
75
|
+
add_args = ["--add-#{name}"].product(updated - (current & updated)).flatten
|
76
|
+
remove_args = ["--remove-#{name}"].product(current - updated).flatten
|
77
|
+
|
78
|
+
run_zone_command(add_args) unless add_args.empty?
|
79
|
+
run_zone_command(remove_args) unless remove_args.empty?
|
80
|
+
end
|
81
|
+
|
82
|
+
def update_masquerade(enabled)
|
83
|
+
action = enabled ? 'add' : 'remove'
|
84
|
+
run_zone_command(["--#{action}-masquerade"])
|
85
|
+
end
|
86
|
+
|
87
|
+
def current_setting(name)
|
88
|
+
name = name.to_s.gsub('_', '-')
|
89
|
+
run_zone_command(["--list-#{name}"]).stdout.strip.split.sort
|
90
|
+
end
|
91
|
+
|
92
|
+
def masquerade_enabled?
|
93
|
+
run_zone_command(['--query-masquerade'], error: false).success?
|
94
|
+
end
|
95
|
+
|
96
|
+
def run_zone_command(args, options = {})
|
97
|
+
command = ['firewall-cmd', '--zone', attributes.name, '--permanent']
|
98
|
+
run_command(command + args, options)
|
99
|
+
end
|
100
|
+
|
101
|
+
def default_zone?
|
102
|
+
command = ['firewall-cmd', '--get-default-zone']
|
103
|
+
run_command(command).stdout.strip == attributes.name
|
104
|
+
end
|
105
|
+
|
106
|
+
def set_default_zone
|
107
|
+
run_command(['firewall-cmd', '--set-default-zone', attributes.name])
|
108
|
+
end
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
data/test/helper.rb
ADDED
@@ -0,0 +1,127 @@
|
|
1
|
+
require 'helper'
|
2
|
+
require 'itamae/plugin/resource/firewalld_zone'
|
3
|
+
|
4
|
+
module Itamae
|
5
|
+
module Plugin
|
6
|
+
module Resource
|
7
|
+
class TestFirewalldZone < Test::Unit::TestCase
|
8
|
+
setup do
|
9
|
+
@resource = FirewalldZone.new(stub, 'public')
|
10
|
+
end
|
11
|
+
|
12
|
+
sub_test_case 'settings' do
|
13
|
+
setup do
|
14
|
+
#
|
15
|
+
# $ firewall-cmd --zone public --list-all
|
16
|
+
# public (default, active)
|
17
|
+
# ..
|
18
|
+
# services: pop3s ssh
|
19
|
+
# ..
|
20
|
+
#
|
21
|
+
@resource.stubs(:run_zone_command)
|
22
|
+
.with(['--list-services'])
|
23
|
+
.returns(stub(stdout: 'pop3s ssh'))
|
24
|
+
end
|
25
|
+
|
26
|
+
test 'Change the setting' do
|
27
|
+
@resource.attributes.services = ['ssh', 'http', 'smtp']
|
28
|
+
@resource.expects(:run_zone_command).with(['--add-service', 'http', '--add-service', 'smtp'])
|
29
|
+
@resource.expects(:run_zone_command).with(['--remove-service', 'pop3s'])
|
30
|
+
@resource.expects(:notify)
|
31
|
+
@resource.run
|
32
|
+
end
|
33
|
+
|
34
|
+
test 'No change the setting (noop)' do
|
35
|
+
@resource.attributes.services = ['ssh', 'pop3s']
|
36
|
+
@resource.expects(:notify).never
|
37
|
+
@resource.run
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
sub_test_case 'masquerade' do
|
42
|
+
sub_test_case 'enable' do
|
43
|
+
setup do
|
44
|
+
#
|
45
|
+
# $ firewall-cmd --zone public --query-masquerade
|
46
|
+
# yes
|
47
|
+
#
|
48
|
+
@resource.stubs(:masquerade_enabled?).returns(true)
|
49
|
+
end
|
50
|
+
|
51
|
+
test 'To enbale (noop)' do
|
52
|
+
@resource.attributes.masquerade = true
|
53
|
+
@resource.expects(:notify).never
|
54
|
+
@resource.run
|
55
|
+
end
|
56
|
+
|
57
|
+
test 'To disable' do
|
58
|
+
@resource.attributes.masquerade = false
|
59
|
+
@resource.expects(:run_zone_command).with(['--remove-masquerade'])
|
60
|
+
@resource.expects(:notify)
|
61
|
+
@resource.run
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
sub_test_case 'disable' do
|
66
|
+
setup do
|
67
|
+
#
|
68
|
+
# $ firewall-cmd --zone public --query-masquerade
|
69
|
+
# no
|
70
|
+
#
|
71
|
+
@resource.stubs(:masquerade_enabled?).returns(false)
|
72
|
+
end
|
73
|
+
|
74
|
+
test 'To enable' do
|
75
|
+
@resource.attributes.masquerade = true
|
76
|
+
@resource.expects(:run_zone_command).with(['--add-masquerade'])
|
77
|
+
@resource.expects(:notify)
|
78
|
+
@resource.run
|
79
|
+
end
|
80
|
+
|
81
|
+
test 'To disable (noop)' do
|
82
|
+
@resource.attributes.masquerade = false
|
83
|
+
@resource.expects(:notify).never
|
84
|
+
@resource.run
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
89
|
+
sub_test_case 'default_zone' do
|
90
|
+
setup do
|
91
|
+
@resource.stubs(:run_command)
|
92
|
+
.with(['firewall-cmd', '--get-default-zone'])
|
93
|
+
.returns(stub(stdout: 'home'))
|
94
|
+
end
|
95
|
+
|
96
|
+
test 'Set default zone' do
|
97
|
+
@resource.attributes.default_zone = true
|
98
|
+
@resource.expects(:set_default_zone)
|
99
|
+
@resource.expects(:notify)
|
100
|
+
@resource.run
|
101
|
+
end
|
102
|
+
|
103
|
+
sub_test_case 'already default zone' do
|
104
|
+
setup do
|
105
|
+
@resource.stubs(:run_command)
|
106
|
+
.with(['firewall-cmd', '--get-default-zone'])
|
107
|
+
.returns(stub(stdout: 'public'))
|
108
|
+
end
|
109
|
+
|
110
|
+
test 'Set default zone (noop)' do
|
111
|
+
@resource.attributes.default_zone = true
|
112
|
+
@resource.expects(:set_default_zone).never
|
113
|
+
@resource.expects(:notify).never
|
114
|
+
@resource.run
|
115
|
+
end
|
116
|
+
|
117
|
+
test 'Do not perform unset default zone (noop)' do
|
118
|
+
@resource.attributes.default_zone = false
|
119
|
+
@resource.expects(:notify).never
|
120
|
+
@resource.run
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
127
|
+
end
|
metadata
ADDED
@@ -0,0 +1,145 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: itamae-plugin-resource-firewalld
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Wataru MIYAGUNI
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-12-20 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.7'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.7'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '10.0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '10.0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: test-unit
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: 3.0.1
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: 3.0.1
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: mocha
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: coveralls
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: itamae
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :runtime
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
description: Itamae resource plugin to manage firewalld.
|
98
|
+
email:
|
99
|
+
- gonngo@gmail.com
|
100
|
+
executables: []
|
101
|
+
extensions: []
|
102
|
+
extra_rdoc_files: []
|
103
|
+
files:
|
104
|
+
- ".gitignore"
|
105
|
+
- ".travis.yml"
|
106
|
+
- Gemfile
|
107
|
+
- LICENSE.txt
|
108
|
+
- README.md
|
109
|
+
- Rakefile
|
110
|
+
- examples/README.md
|
111
|
+
- examples/Vagrantfile
|
112
|
+
- examples/recipe.rb
|
113
|
+
- itamae-plugin-resource-firewalld.gemspec
|
114
|
+
- lib/itamae/plugin/resource/firewalld.rb
|
115
|
+
- lib/itamae/plugin/resource/firewalld/version.rb
|
116
|
+
- lib/itamae/plugin/resource/firewalld_zone.rb
|
117
|
+
- test/helper.rb
|
118
|
+
- test/itamae/plugin/resource/test_firewalld_zone.rb
|
119
|
+
homepage: https://github.com/gongo/itamae-plugin-resource-firewalld
|
120
|
+
licenses:
|
121
|
+
- MIT
|
122
|
+
metadata: {}
|
123
|
+
post_install_message:
|
124
|
+
rdoc_options: []
|
125
|
+
require_paths:
|
126
|
+
- lib
|
127
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
128
|
+
requirements:
|
129
|
+
- - ">="
|
130
|
+
- !ruby/object:Gem::Version
|
131
|
+
version: '0'
|
132
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
133
|
+
requirements:
|
134
|
+
- - ">="
|
135
|
+
- !ruby/object:Gem::Version
|
136
|
+
version: '0'
|
137
|
+
requirements: []
|
138
|
+
rubyforge_project:
|
139
|
+
rubygems_version: 2.2.2
|
140
|
+
signing_key:
|
141
|
+
specification_version: 4
|
142
|
+
summary: Itamae resource plugin to manage firewalld.
|
143
|
+
test_files:
|
144
|
+
- test/helper.rb
|
145
|
+
- test/itamae/plugin/resource/test_firewalld_zone.rb
|