Merge pull request #91 from jordiprats/master

ubuntu 18.04 + resolved
NTTCom-MS · May 15, 2018 · f3c7be8 · f3c7be8
2 parents cf0aab8 + 1ee623f
commit f3c7be8
Show file tree

Hide file tree

Showing 8 changed files with 85 additions and 43 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # CHANGELOG
 
+## 0.1.43
+
+* added Ubuntu 18.04 support
+* added revolved support via **class systemd::resolved**
+
 ## 0.1.42
 
 * Add journald under puppet management - thanks to [fraenki](https://github.com/fraenki) for this [PR-84](https://github.com/NTTCom-MS/eyp-systemd/pull/84), it have been marged with some changes using [PR-87](https://github.com/NTTCom-MS/eyp-systemd/pull/87)

diff --git a/README.md b/README.md
@@ -40,6 +40,7 @@ For systemd related questions please refer to:
 - Creates drop-in definitions: **/etc/systemd/system/${servicename}/${dropin_order}-${dropin_name}.service**
 - Creates systemd/sys-v compatibility scripts
 - Manages **/etc/systemd/logind.conf**
+- Manages **/etc/systemd/journald.conf**
 
 ### Setup Requirements
 
@@ -341,48 +342,9 @@ systemd-journald is a system service that collects and stores logging data
 
 #### systemd::service::dropin
 
+Has the same options as **systemd::service** plus the following options for the dropin itself management:
 * **dropin_order**: dropin priority - part of the filename, only useful for multiple dropin files (default: 99)
 * **dropin_name**: dropin name (default: override)
-* **execstart**: command to start daemon (default: undef)
-* **execstop**: command to stop daemon (default: undef)
-* **execreload**: commands or scripts to be executed when the unit is reloaded (default: undef)
-* **restart**: restart daemon if crashes. Takes one of no, on-success, on-failure, on-abnormal, on-watchdog, on-abort, or always (default: undef)
-* **user**: username to use (default: root)
-* **group**: group to use (default: root)
-* **servicename**: service name (default: resource's name)
-* **pid_file**: PIDFile specifies a stable PID for the main process of the service (default: undef)
-* **description**: A meaningful description of the unit. This text is displayed for example in the output of the systemctl status command (default: undef)
-* **after**: Defines the order in which units are started (default: undef)
-* **remain_after_exit**: If set to True, the service is considered active even when all its processes exited. (default: undef)
-* **type**: Configures the unit process startup type that affects the functionality of ExecStart and related options (default: undef)
-* **env_vars**: array of environment variables (default: undef)
-* **wants**: A weaker version of Requires=. Units listed in this option will be started if the configuring unit is. However, if the listed units fail to start or cannot be added to the transaction, this has no impact on the validity of the transaction as a whole (default: [])
-* **before_units**: Configures ordering dependencies between units, for example, if a unit foo.service contains a setting Before=bar.service and both units are being started, bar.service's start-up is delayed until foo.service is started up (default: [])
-* **after_units**: Configures ordering dependencies between units. (default: [])
-* **requires**: Configures requirement dependencies on other units. If this unit gets activated, the units listed here will be activated as well. If one of the other units gets deactivated or its activation fails, this unit will be deactivated (default: [])
-* **conflicts**: A space-separated list of unit names. Configures negative requirement dependencies. If a unit has a Conflicts= setting on another unit, starting the former will stop the latter and vice versa (default: [])
-* **permissions_start_only**: If **true**, the permission-related execution options, as configured with User= and similar options, are only applied to the process started with ExecStart=, and not to the various other ExecStartPre=, ExecStartPost=, ExecReload=, ExecStop=, and ExecStopPost= commands. If **false**, the setting is applied to all configured commands the same way (default: false)
-* **execstartpre**: Additional commands that are executed before the command in ExecStart= Syntax is the same as for ExecStart=, except that multiple command lines are allowed and the commands are executed one after the other, serially. (default: undef)
-* **timeoutstartsec**:Configures the time to wait for start-up. If a daemon service does not signal start-up completion within the configured time, the service will be considered failed and will be shut down again. Takes a unit-less value in seconds, or a time span value such as "5min 20s". Pass "infinity" to disable the timeout logic (default: undef)
-* **timeoutstopsec**: Configures the time to wait for stop. If a service is asked to stop, but does not terminate in the specified time, it will be terminated forcibly via SIGTERM, and after another timeout of equal duration with SIGKILL. Takes a unit-less value in seconds, or a time span value such as "5min 20s". Pass "infinity" to disable the timeout logic. (default: undef)
-* **timeoutsec**: A shorthand for configuring both **TimeoutStartSec=** and **TimeoutStopSec=** to the specified value. (default: undef)
-* **restart_prevent_exit_status**: Takes a list of exit status definitions that, when returned by the main service process, will prevent automatic service restarts, regardless of the restart setting configured with Restart=. Exit status definitions can either be numeric exit codes or termination signal names, and are separated by spaces. Defaults to the empty list, so that, by default, no exit status is excluded from the configured restart logic. For example: **RestartPreventExitStatus=1 6 SIGABRT** ensures that exit codes 1 and 6 and the termination signal SIGABRT will not result in automatic service restarting. This option may appear more than once, in which case the list of restart-preventing statuses is merged. If the empty string is assigned to this option, the list is reset and all prior assignments of this option will have no effect. (default: undef)
-* **limit_nofile**: Limit number of File Descriptors *ulimit -n* Resource limits may be specified in two formats: either as single value to set a specific soft and hard limit to the same value, or as colon-separated pair soft:hard to set both limits individually (default: undef)
-* **limit_nproc**: Limit max number of processes *ulimit -u* Resource limits may be specified in two formats: either as single value to set a specific soft and hard limit to the same value, or as colon-separated pair soft:hard to set both limits individually (default: undef)
-* **limit_nice**: Nice level (default: undef)
-* **runtime_directory**: Takes a list of directory names. If set, one or more directories by the specified names will be created below /run (for system services) or below $XDG_RUNTIME_DIR (for user services) when the unit is started, and removed when the unit is stopped. The directories will have the access mode specified in RuntimeDirectoryMode=, and will be owned by the user and group specified in User= and Group=. Use this to manage one or more runtime directories of the unit and bind their lifetime to the daemon runtime. The specified directory names must be relative, and may not include a "/", i.e. must refer to simple directories to create or remove. This is particularly useful for unprivileged daemons that cannot create runtime directories in /run due to lack of privileges, and to make sure the runtime directory is cleaned up automatically after use (default: undef)
-* **runtime_directory_mode**: Directory mode for **runtime_directory** (default: undef)
-* **restart_sec**: Configures the time to sleep before restarting a service in seconds (default: undef)
-* **private_tmp**: If true, sets up a new file system namespace for the executed processes and mounts private /tmp and /var/tmp directories inside it that is not shared by processes outside of the namespace. This is useful to secure access to temporary files of the process, but makes sharing between processes via /tmp or /var/tmp impossible. If this is enabled, all temporary files created by a service in these directories will be removed after the service is stopped (default: false)
-* **working_directory**: Takes a directory path relative to the service's root directory specified by RootDirectory= (default: undef)
-* **root_directory**: Sets the root directory for executed processes, with the chroot(2) system call (default: undef)
-* **environment_files**: Similar to **env_vars** but reads the environment variables from a text file. The text file should contain new-line-separated variable assignments. Empty lines, lines without an "=" separator, or lines starting with ; or # will be ignored, which may be used for commenting. A line ending with a backslash will be concatenated with the following one, allowing multiline variable definitions (default: undef)
-* **umask**: Controls the file mode creation mask. Takes an access mode in octal notation. (default: undef)
-* **nice**: Sets the default nice level (scheduling priority) for executed processes. Takes an integer between -20 *highest priority* and 19 *lowest priority* (default: undef)
-* **oom_score_adjust**: Sets the adjustment level for the **Out-Of-Memory killer** for executed processes. Takes an integer between -1000 *to disable OOM killing* and 1000 *to make killing of this process under memory pressure very likely* (default: undef)
-* **startlimitinterval**:  Configures the checking interval (default: undef)
-* **startlimitburst**: Configures how many starts per interval are allowed (default: undef)
-* **killmode**: Specifies how processes of this unit shall be killed. One of control-group, process, mixed, none. (default: undef)
 
 #### systemd::sysvwrapper
 

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -20,7 +20,7 @@
         {
           case $::operatingsystemrelease
           {
-            /^16.*$/:
+            /^1[68].*$/:
             {
             }
             default: { fail("Unsupported Ubuntu version! - ${::operatingsystemrelease}")  }

diff --git a/manifests/resolved.pp b/manifests/resolved.pp
@@ -0,0 +1,17 @@
+class systemd::resolved (
+                          $manage_service        = true,
+                          $manage_docker_service = true,
+                          $service_ensure        = 'running',
+                          $service_enable        = true,
+                          $dns                   = [],
+                          $fallback_dns          = [],
+                          $dns_stub_listener     = true,
+                          $dnssec                = false,
+                          $cache                 = true,
+                        ) inherits systemd::params {
+
+
+  class { '::systemd::resolved::config': } ~>
+  class { '::systemd::resolved::service': } ->
+  Class['::systemd::resolved']
+}
diff --git a/manifests/resolved/config.pp b/manifests/resolved/config.pp
@@ -0,0 +1,14 @@
+class systemd::resolved::config inherits systemd::resolved {
+
+  Exec {
+    path => '/bin:/sbin:/usr/bin:/usr/sbin',
+  }
+
+  file { '/etc/systemd/resolved.conf':
+    ensure  => 'present',
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    content => template("${module_name}/resolved.erb"),
+  }
+}
diff --git a/manifests/resolved/service.pp b/manifests/resolved/service.pp
@@ -0,0 +1,19 @@
+class systemd::resolved::service inherits systemd::resolved {
+
+  $is_docker_container_var=getvar('::eyp_docker_iscontainer')
+  $is_docker_container=str2bool($is_docker_container_var)
+
+  if( $is_docker_container==false or
+      $systemd::resolved::manage_docker_service)
+  {
+    if($systemd::resolved::manage_service)
+    {
+      service { 'systemd-resolved':
+        ensure     => $systemd::resolved::service_ensure,
+        enable     => $systemd::resolved::service_enable,
+        hasstatus  => true,
+        hasrestart => true,
+      }
+    }
+  }
+}
diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "eyp-systemd",
-  "version": "0.1.42",
+  "version": "0.1.43",
   "author": "eyp",
   "summary": "management of systemd services, services dropins, sockets and timers",
   "license": "Apache-2.0",
@@ -34,7 +34,7 @@
     },
     {
       "operatingsystem": "Ubuntu",
-      "operatingsystemrelease": [ "16.04" ]
+      "operatingsystemrelease": [ "16.04", "18.04" ]
     },
     {
       "operatingsystem": "Debian",

diff --git a/templates/resolved.erb b/templates/resolved.erb
@@ -0,0 +1,25 @@
+###  puppet managed file
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+# Entries in this file show the compile time defaults.
+# You can change settings by editing this file.
+# Defaults can be restored by simply deleting this file.
+#
+# See resolved.conf(5) for details
+<% if @dns.any? -%>
+DNS=<%= @dns.join(' ') %>
+<% end -%>
+<% if @fallback_dns.any? -%>
+FallbackDNS=<%= @fallback_dns.join(' ') %>
+<% end -%>
+#Domains=
+#LLMNR=no
+#MulticastDNS=no
+DNSSEC=<%= scope.function_bool2yesno([@dnssec]) %>
+Cache=<%= scope.function_bool2yesno([@cache]) %>
+DNSStubListener=<%= scope.function_bool2yesno([@dns_stub_listener]) %>