Skip to content

Commit 3e5ae73

Browse files
supertassusupertassu
committed
nftables: Add explicit requires on the package
Puppet almost always works correctly here, but I've seen a few edge cases on the first install where Puppet tries to restart a non-existing service. I assume that has something to do with the virtual resource pattern that nftables::conf uses.
1 parent 07980f8 commit 3e5ae73

File tree

1 file changed

+11
-8
lines changed

1 file changed

+11
-8
lines changed

modules/nftables/manifests/init.pp

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -5,12 +5,13 @@
55
}
66

77
file { '/etc/nftables.conf':
8-
ensure => file,
9-
owner => 'root',
10-
group => 'root',
11-
mode => '0444',
12-
source => 'puppet:///modules/nftables/init.nft',
13-
notify => Service['nftables'],
8+
ensure => file,
9+
owner => 'root',
10+
group => 'root',
11+
mode => '0444',
12+
source => 'puppet:///modules/nftables/init.nft',
13+
require => Package['nftables'],
14+
notify => Service['nftables'],
1415
}
1516

1617
file { '/etc/nftables/':
@@ -20,12 +21,14 @@
2021
recurse => true,
2122
purge => true,
2223
force => true,
24+
require => Package['nftables'],
2325
notify => Service['nftables'],
2426
}
2527

2628
service { 'nftables':
27-
ensure => running,
28-
enable => true,
29+
require => Package['nftables'],
30+
ensure => running,
31+
enable => true,
2932
}
3033

3134
File <| tag == 'nftables' |>

0 commit comments

Comments
 (0)