Parameterised port - service/proftpd

2026-02-22 11:48:17 +00:00 · 2017-04-19 13:17:48 +01:00
parent e0a0e1f8d4
commit 3d4c0fa98a
5 changed files with 19 additions and 5 deletions
--- a/modules/services/unix/ftp/proftpd/manifests/configure.pp
+++ b/modules/services/unix/ftp/proftpd/manifests/configure.pp
@@ -1,9 +1,11 @@
 class proftpd::configure {
+  $json_inputs = base64('decode', $::base64_inputs)
  file { '/etc/proftpd/proftpd.conf':
+    notify   => Service['proftpd'],
    ensure   => present,
    owner    => 'root',
    group    => 'root',
    mode     => '0644',
-    content  => template('proftpd/proftpd.erb')
+    content  => template('proftpd/proftpd.erb'),
  }
 }
--- a/modules/services/unix/ftp/proftpd/manifests/init.pp
+++ b/modules/services/unix/ftp/proftpd/manifests/init.pp
@@ -1,5 +1,5 @@
 class proftpd {
-  require proftpd::install
-  require proftpd::configure
-  require proftpd::service
+  class { 'proftpd::install': }
+  class { 'proftpd::configure': } ~>
+  class { 'proftpd::service': }
 }
--- a/modules/services/unix/ftp/proftpd/manifests/service.pp
+++ b/modules/services/unix/ftp/proftpd/manifests/service.pp
@@ -2,6 +2,8 @@ class proftpd::service {
  service { 'proftpd':
    ensure  => running,
    enable  => true,
+    hasrestart  => true,
    require => File['/etc/proftpd/proftpd.conf'],
+    subscribe => File['/etc/proftpd/proftpd.conf'],
  }
 }
--- a/modules/services/unix/ftp/proftpd/secgen_metadata.xml
+++ b/modules/services/unix/ftp/proftpd/secgen_metadata.xml
@@ -12,6 +12,12 @@
  <type>ftp</type>
  <platform>linux</platform>

+  <read_fact>port</read_fact>
+
+  <default_input into="port">
+    <value>201</value>
+  </default_input>
+
  <!--optional details-->
  <reference>https://security.appspot.com/vsftpd.html</reference>
  <reference>https://forge.puppet.com/adamjlow/proftpd</reference>
--- a/modules/services/unix/ftp/proftpd/templates/proftpd.erb
+++ b/modules/services/unix/ftp/proftpd/templates/proftpd.erb
@@ -1,3 +1,7 @@
+<%  require 'json'
+    $secgen_parameters = JSON.parse(@json_inputs)
+    $port = $secgen_parameters['port'].first
+%>
 #
 # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
 # To really apply changes, reload proftpd after modifications, if
@@ -38,7 +42,7 @@ DenyFilter			\*.*/
 # RequireValidShell		off

 # Port 21 is the standard FTP port.
-Port				21
+Port				<%=$port%>

 # In some cases you have to specify passive ports range to by-pass
 # firewall limitations. Ephemeral ports can be used for that, but