added controls for main conf/local files

manifests/params.pp

@@ -23,12 +23,42 @@
 # @param  [string] pkg_ensure
 #   which [package type](https://confdroid.com/2017/05/puppet-type-package/)
 #   to choose, i.e. `latest` or `present`.
+# @param  [boolean] fn_manage_config Whether to manage the fail2ban
+#   configuration files. If set to false, fail2ban will be installed, but the
+#   configuration will not be managed.
+# @param  [string] fn_enable_service Whether to enable/start or disable/stop
+#    the fail2ban service. Valid options are `running` or `stopped`.
+# @param  [string]  fn_loglevel Set the log level output. Valid options are
+# `CRITICAL`,`ERROR`,`WARNING`,`NOTICE`,`INFO` and `DEBUG`.
+# @param  [string]  fn_logtarget Set the log target. This could be a file,
+#   SYSLOG, STDERR or STDOUT. Only one log target can be specified.
+# @param  [string] fn_syslogsocket Set the syslog socket file. Only used when
+#   logtarget is SYSLOG.  auto uses platform.system() to determine predefined
+#   paths Valid options: [ auto | FILE ].
+# @param  [string] fn_socket Set the socket file to communicate with the daemon.
+# @param  [string]  fn_pidfile Set the PID file to store the process ID of the
+#   fail2ban server.
+# @param  [string] fn_dbfile file for the fail2ban persistent data to be stored.
+#   A value of ":memory:" means database is only stored in memory
+#   and data is lost when fail2ban is stopped.
+#   A value of "None" disables the database.
+# @param  [string] fn_dbpurgeage age in seconds at which bans should be purged
+#   from the database.
 ##############################################################################
 class cd_fail2ban::params (
 
-$pkg_ensure           = 'latest',
+$pkg_ensure             = 'latest',
+
+$fn_manage_config       = true,
+$fn_enable_service      = 'running',
+$fn_loglevel            = 'INFO',
+$fn_logtarget           = 'SYSLOG',
+$fn_syslogsocket        = 'auto',
+$fn_socket              = '/var/run/fail2ban/fail2ban.sock',
+$fn_pidfile             = '/var/run/fail2ban/fail2ban.pid',
+$fn_dbfile              = '/var/lib/fail2ban/fail2ban.sqlite3',
+$fn_dbpurgeage          = '86400',
 
-$fn_enable_fail2ban   =  true,
 
 ) {
 
@@ -42,18 +72,22 @@ $reqpackages  = $::operatingsystem ? {
 
 
 # service
-$fn_service           = 'fail2ban'
+$fn_service             = 'fail2ban'
 
 # directories
-$fn_main_dir          = '/etc/fail2ban'
-$fn_action_d_dir      = "${fn_main_dir}/action.d"
-$fn_fail2ban_d_dir    = "${fn_main_dir}/fail2ban.d"
-$fn_filter_d_dir      = "${fn_main_dir}/filter.d"
-$fn_jail_d_dir        = "${fn_main_dir}/jail.d"
-$fn_var_lib_dir       = '/var/lib/fail2ban'
-
+$fn_main_dir            = '/etc/fail2ban'
+$fn_action_d_dir        = "${fn_main_dir}/action.d"
+$fn_fail2ban_d_dir      = "${fn_main_dir}/fail2ban.d"
+$fn_filter_d_dir        = "${fn_main_dir}/filter.d"
+$fn_jail_d_dir          = "${fn_main_dir}/jail.d"
+$fn_var_lib_dir         = '/var/lib/fail2ban'
+$fn_var_run_dir         = '/var/run/fail2ban'
 
 # files
+$fn_fail2ban_conf_file  = "${fn_main_dir}fail2ban.conf"
+$fn_fail2ban_conf_erb   = 'cd_fail2ban/fail2ban_conf.erb'
+$fn_fail2ban_local_file = "${fn_main_dir}fail2ban.local"
+$fn_fail2ban_local_erb  = 'cd_fail2ban/fail2ban_local.erb'
 
 # includes must be last