From c3e537bbb83811ee872be83ccb0a90a79108b44a Mon Sep 17 00:00:00 2001 From: jbond Date: Thu, 24 Aug 2023 17:43:01 +0200 Subject: [PATCH] Allow forcing service restart if control_enable true Also fix some minor rubocop issues Fixes #318 --- REFERENCE.md | 14 ++++++++++++-- manifests/init.pp | 11 +++++++++-- spec/classes/init_spec.rb | 13 +++++++++++++ 3 files changed, 34 insertions(+), 4 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 6eaf736..b995358 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -47,6 +47,7 @@ The following parameters are available in the `unbound` class: * [`unbound_version`](#-unbound--unbound_version) * [`update_root_hints`](#-unbound--update_root_hints) * [`interface_automatic_ports`](#-unbound--interface_automatic_ports) +* [`force_restart`](#-unbound--force_restart) * [`manage_service`](#-unbound--manage_service) * [`verbosity`](#-unbound--verbosity) * [`statistics_interval`](#-unbound--statistics_interval) @@ -290,6 +291,15 @@ specifies the default ports to listen on when interface_automatic is also set to Default value: `undef` +##### `force_restart` + +Data type: `Boolean` + +if true and manage_service is also true the unbound service will be restarted instead +of reloaded. + +Default value: `false` + ##### `manage_service` Data type: `Boolean` @@ -2463,7 +2473,7 @@ Alias of ```puppet Struct[{ - action => Optional[Enum['deny', 'refuse', 'allow', 'allow_snoop', 'deny_non_local', 'refuse_non_local']], + action => Optional[Enum['deny', 'refuse', 'allow', 'allow_setrd', 'allow_snoop', 'allow_cookie', 'deny_non_local', 'refuse_non_local']], tags => Optional[Array[String]], rr_string => Optional[String], view => Optional[String], @@ -2533,7 +2543,7 @@ Struct[{ custom enum type for local-zone types -Alias of `Enum['deny', 'refuse', 'static', 'transparent', 'redirect', 'nodefault', 'typetransparent', 'inform', 'inform_deny', 'always_transparent', 'always_refuse', 'always_nxdomain']` +Alias of `Enum['deny', 'refuse', 'static', 'transparent', 'redirect', 'nodefault', 'typetransparent', 'inform', 'inform_deny', 'inform_redirect', 'always_transparent', 'block_a', 'always_refuse', 'always_nxdomain', 'always_null', 'noview', 'nodefault']` ### `Unbound::Module` diff --git a/manifests/init.pp b/manifests/init.pp index 846dd56..3952a77 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -12,6 +12,8 @@ # @param interface_automatic_ports # specifies the default ports to listen on when interface_automatic is also set to true, defaults to undef, specify as a string of space seperated ports e.g. "53 853 443" # +# @param force_restart if true and manage_service is also true the unbound service will be restarted instead +# of reloaded. class unbound ( Boolean $manage_service = true, Integer[0,5] $verbosity = 1, @@ -190,6 +192,7 @@ Boolean $service_enable = true, String[1] $validate_cmd = '/usr/sbin/unbound-checkconf %', String[1] $restart_cmd = "/bin/systemctl restart ${service_name}", + Boolean $force_restart = false, Array[String[1]] $custom_server_conf = [], Boolean $skip_roothints_download = false, Optional[Stdlib::Absolutepath] $python_script = undef, @@ -279,9 +282,13 @@ require => $service_reuse, } if $manage_service { + $service_require = { 'require' => Class['unbound::remote'] } + $service_params = $force_restart ? { + true => $service_require, + false => $service_require + { 'restart' => "${control_path} reload" }, + } Service[$service_name] { - restart => "${control_path} reload", - require => Class['unbound::remote'], + * => $service_params, } } include unbound::remote diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index ef169ec..abd5d4b 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -24,16 +24,19 @@ let(:service) { 'unbound' } let(:conf_dir) { '/etc/unbound' } let(:purge_unbound_conf_d) { true } + let(:control_path) { '/usr/sbin/unbound-control' } when 'OpenBSD' pidfile = '/var/run/unbound.pid' let(:service) { 'unbound' } let(:conf_dir) { '/var/unbound/etc' } let(:purge_unbound_conf_d) { false } + let(:control_path) { '/usr/sbin/unbound-control' } when 'FreeBSD' pidfile = '/usr/local/etc/unbound/unbound.pid' let(:service) { 'unbound' } let(:conf_dir) { '/usr/local/etc/unbound' } let(:purge_unbound_conf_d) { false } + let(:control_path) { '/usr/local/sbin/unbound-control' } when 'Darwin' pidfile = '/var/run/unbound.pid' let(:service) { 'org.macports.unbound' } @@ -44,6 +47,7 @@ let(:service) { 'unbound' } let(:conf_dir) { '/etc/unbound' } let(:purge_unbound_conf_d) { false } + let(:control_path) { '/usr/sbin/unbound-control' } end context 'with default params' do @@ -945,6 +949,8 @@ ) end + it { is_expected.to contain_service(service).with_restart("#{control_path} reload") } + case facts[:os]['family'] when 'FreeBSD' it { is_expected.to contain_exec('unbound-control-setup').with_command('/usr/local/sbin/unbound-control-setup -d /usr/local/etc/unbound') } @@ -1194,6 +1200,13 @@ ) end end + + context 'with force_restart' do + let(:params) { { force_restart: true, control_enable: true } } + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_service(service).with_restart(nil) } + end end end # rubocop:enable RSpec/MultipleMemoizedHelpers