Start auto-purging mods-enabled. Provide a way of enabling stock modules from...

Start auto-purging mods-enabled. Provide a way of enabling stock modules from mods-available. Enable a set of stock modules by default.

Start auto-purging mods-enabled. Provide a way of enabling stock modules from...
c9820527 · Jonathan Gazeley · 26fb5079 · c9820527 · c9820527 · c9820527
Commit c9820527 authored 9 years ago by Jonathan Gazeley
--- a/README.md
+++ b/README.md
@@ -467,15 +467,24 @@ Default: `allow`

 #### `freeradius::module`

-Install a module from a flat file.
+Install a module from a flat file, or enable a stock module that came with your distribution of FreeRADIUS.

 ```puppet
+# Enable a stock module
+freeradius::module { 'pap':
+  preserve => true,
+}
+```
+
+```puppet
+# Install a custom module from a flat file
 freeradius::module { 'buffered-sql':
  source => 'puppet:///modules/site_freeradius/buffered-sql',
 }
 ```

 ```puppet
+# Install a custom module from a template
 freeradius::module { 'buffered-sql':
  content => template('some_template.erb)',
 }

--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -55,6 +55,7 @@ class freeradius (
    "${freeradius::fr_basepath}/certs",
    "${freeradius::fr_basepath}/clients.d",
    "${freeradius::fr_basepath}/sites-enabled",
+    "${freeradius::fr_basepath}/mods-enabled",
    "${freeradius::fr_basepath}/instantiate",
  ]:
    ensure  => directory,
@@ -73,6 +74,41 @@ class freeradius (
    ensure => absent,
  }

+  # Preserve some stock modules
+  freeradius::module { [
+    'always',
+    'cache_eap',
+    'chap',
+    'detail',
+    'detail.log',
+    'dhcp',
+    'digest',
+    'dynamic_clients',
+    'echo',
+    'exec',
+    'expiration',
+    'expr',
+    'files',
+    'linelog',
+    'logintime',
+    'mschap',
+    'ntlm_auth',
+    'pap',
+    'passwd',
+    'preprocess',
+    'radutmp',
+    'realm',
+    'replicate',
+    'soh',
+    'sradutmp',
+    'unix',
+    'unpack',
+    'utf8',
+  ]:
+    preserve => true,
+  }
+
+
  # Set up concat policy file, as there is only one global policy
  # We also add standard header and footer
  concat { "${freeradius::fr_basepath}/policy.conf":

--- a/manifests/module.pp
+++ b/manifests/module.pp
@@ -3,12 +3,22 @@ define freeradius::module (
  $source = undef,
  $content = undef,
  $ensure = present,
+  $preserve = false,
 ) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service
  $fr_modulepath = $::freeradius::params::fr_modulepath
+  $fr_basepath = $::freeradius::params::fr_basepath
  $fr_group    = $::freeradius::params::fr_group

+  if ($preserve) {
+    # Symlink to mods-available for stock modules
+    file { "${fr_modulepath}/${name}":
+      ensure => link,
+      target => "${fr_basepath}/mods-available/${name}",
+    }
+  } else {
+    # Deploy actual module to sites-enabled
    file { "${fr_modulepath}/${name}":
      ensure  => $ensure,
      mode    => '0640',
@@ -20,3 +30,4 @@ define freeradius::module (
      notify  => Service[$fr_service],
    }
  }
+}