Class: Puffy::Puppet

Inherits:

Object

• Object
• Puffy::Puppet

Defined in:

lib/puffy/puppet.rb

Overview

Manage nodes rulesets as a tree of rules to serve via Puppet

Instance Method Summary

• #diff ⇒ void

  Show differences between saved and generated rules.

• #initialize(path, parser) ⇒ Puppet constructor

  Setup an environment to store firewall rules to disk.

• #save ⇒ void

  Saves rules to disk.

Constructor Details

#initialize(path, parser) ⇒ Puppet

Setup an environment to store firewall rules to disk

Parameters:

• path (String) —

  Root directory of the tree of firewall rules

• parser (Puffy::Parser) —

  A parser with nodes and rules

# File 'lib/puffy/puppet.rb', line 12

def initialize(path, parser)
  @path = path
  @parser = parser

  @formatters = [
    Puffy::Formatters::Pf::Ruleset.new,
    Puffy::Formatters::Netfilter4::Ruleset.new,
    Puffy::Formatters::Netfilter6::Ruleset.new,
  ]
end

Instance Method Details

#diff ⇒ void

This method returns an undefined value.

Show differences between saved and generated rules

# File 'lib/puffy/puppet.rb', line 41

def diff
  each_fragment do |fragment_name, fragment_content|
    human_fragment_name = fragment_name.delete_prefix(@path).delete_prefix('/')
    IO.popen("diff -u1 -N --unidirectional-new-file --ignore-matching-lines='^#' --label a/#{human_fragment_name} #{fragment_name} --label b/#{human_fragment_name} -", 'r+') do |io|
      io.write(fragment_content)
      io.close_write
      out = io.read
      $stdout.write out
    end
  end
end

#save ⇒ void

This method returns an undefined value.

Saves rules to disk

# File 'lib/puffy/puppet.rb', line 26

def save
  each_fragment do |fragment_name, fragment_content|
    FileUtils.mkdir_p(File.dirname(fragment_name))

    next unless fragment_changed?(fragment_name, fragment_content)

    File.open(fragment_name, 'w') do |f|
      f.write(fragment_content)
    end
  end
end