diff --git a/REFERENCE.md b/REFERENCE.md
index 1a03a37..04bf5df 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -1,1002 +1,1280 @@
# Reference
## Table of Contents
### Classes
#### Public Classes
* [`systemd`](#systemd): This module allows triggering systemd commands once for all modules
* [`systemd::tmpfiles`](#systemdtmpfiles): Update the systemd temp files
#### Private Classes
-* `systemd::journald`: This class manages and configures journald. https://www.freedesktop.org/software/systemd/man/journald.conf.html
-* `systemd::logind`: This class manages systemd's login manager configuration. https://www.freedesktop.org/software/systemd/man/logind.conf.html
+* `systemd::journald`: This class manages and configures journald.
+* `systemd::logind`: This class manages systemd's login manager configuration.
* `systemd::networkd`: This class provides an abstract way to trigger systemd-networkd
-* `systemd::resolved`: This class provides an abstract way to trigger resolved. Each parameters correspond to resolved.conf(5): https://www.freedesktop.org/software
+* `systemd::resolved`: This class provides an abstract way to trigger resolved.
* `systemd::system`: This class provides a solution to enable accounting
* `systemd::timesyncd`: This class provides an abstract way to trigger systemd-timesyncd
+* `systemd::udevd`: This class manages systemd's udev config
### Defined types
* [`systemd::dropin_file`](#systemddropin_file): Creates a drop-in file for a systemd unit
-* [`systemd::network`](#systemdnetwork): -- Define: systemd::network Creates network config for systemd-networkd
-* [`systemd::service_limits`](#systemdservice_limits): Adds a set of custom limits to the service * Mutually exclusive with ``$limits``
+* [`systemd::network`](#systemdnetwork): Creates network config for systemd-networkd
+* [`systemd::service_limits`](#systemdservice_limits): Adds a set of custom limits to the service
* [`systemd::timer`](#systemdtimer): Create a timer and optionally a service unit to execute with the timer unit
-* [`systemd::tmpfile`](#systemdtmpfile): Creates a systemd tmpfile * Mutually exclusive with ``$limits``
+* [`systemd::tmpfile`](#systemdtmpfile): Creates a systemd tmpfile
+* [`systemd::udev::rule`](#systemdudevrule): Adds a custom udev rule
* [`systemd::unit_file`](#systemdunit_file): Creates a systemd unit file
### Resource types
* [`loginctl_user`](#loginctl_user): An arbitrary name used as the identity of the resource.
### Data types
* [`Systemd::Dropin`](#systemddropin)
* [`Systemd::JournaldSettings`](#systemdjournaldsettings): Matches Systemd journald config Struct
* [`Systemd::JournaldSettings::Ensure`](#systemdjournaldsettingsensure)
* [`Systemd::LogindSettings`](#systemdlogindsettings): Matches Systemd Login Manager Struct
* [`Systemd::LogindSettings::Ensure`](#systemdlogindsettingsensure)
* [`Systemd::ServiceLimits`](#systemdservicelimits): Matches Systemd Service Limit Struct
* [`Systemd::Unit`](#systemdunit)
## Classes
-### `systemd`
+### `systemd`
This module allows triggering systemd commands once for all modules
#### Parameters
-The following parameters are available in the `systemd` class.
-
-##### `service_limits`
+The following parameters are available in the `systemd` class:
+
+* [`service_limits`](#service_limits)
+* [`manage_resolved`](#manage_resolved)
+* [`resolved_ensure`](#resolved_ensure)
+* [`dns`](#dns)
+* [`fallback_dns`](#fallback_dns)
+* [`domains`](#domains)
+* [`llmnr`](#llmnr)
+* [`multicast_dns`](#multicast_dns)
+* [`dnssec`](#dnssec)
+* [`dnsovertls`](#dnsovertls)
+* [`cache`](#cache)
+* [`dns_stub_listener`](#dns_stub_listener)
+* [`use_stub_resolver`](#use_stub_resolver)
+* [`manage_networkd`](#manage_networkd)
+* [`networkd_ensure`](#networkd_ensure)
+* [`manage_timesyncd`](#manage_timesyncd)
+* [`timesyncd_ensure`](#timesyncd_ensure)
+* [`ntp_server`](#ntp_server)
+* [`fallback_ntp_server`](#fallback_ntp_server)
+* [`manage_journald`](#manage_journald)
+* [`journald_settings`](#journald_settings)
+* [`manage_udevd`](#manage_udevd)
+* [`udev_log`](#udev_log)
+* [`udev_children_max`](#udev_children_max)
+* [`udev_exec_delay`](#udev_exec_delay)
+* [`udev_event_timeout`](#udev_event_timeout)
+* [`udev_resolve_names`](#udev_resolve_names)
+* [`udev_timeout_signal`](#udev_timeout_signal)
+* [`udev_rules`](#udev_rules)
+* [`manage_logind`](#manage_logind)
+* [`logind_settings`](#logind_settings)
+* [`loginctl_users`](#loginctl_users)
+* [`dropin_files`](#dropin_files)
+* [`manage_accounting`](#manage_accounting)
+* [`accounting`](#accounting)
+* [`purge_dropin_dirs`](#purge_dropin_dirs)
+
+##### `service_limits`
Data type: `Hash[String,Hash[String, Any]]`
May be passed a resource hash suitable for passing directly into the
``create_resources()`` function as called on ``systemd::service_limits``
-##### `manage_resolved`
+##### `manage_resolved`
Data type: `Boolean`
Manage the systemd resolver
-##### `resolved_ensure`
+##### `resolved_ensure`
Data type: `Enum['stopped','running']`
The state that the ``resolved`` service should be in
-##### `dns`
+##### `dns`
Data type: `Optional[Variant[Array[String],String]]`
A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers.
DNS requests are sent to one of the listed DNS servers in parallel to suitable
per-link DNS servers acquired from systemd-networkd.service(8) or set at runtime
by external applications. requires puppetlabs-inifile
-##### `fallback_dns`
+##### `fallback_dns`
Data type: `Optional[Variant[Array[String],String]]`
A space-separated list of IPv4 and IPv6 addresses to use as the fallback DNS
servers. Any per-link DNS servers obtained from systemd-networkd take
precedence over this setting. requires puppetlabs-inifile
-##### `domains`
+##### `domains`
Data type: `Optional[Variant[Array[String],String]]`
A space-separated list of domains host names or IP addresses to be used
systemd-resolved take precedence over this setting.
-##### `llmnr`
+##### `llmnr`
Data type: `Optional[Variant[Boolean,Enum['resolve']]]`
Takes a boolean argument or "resolve".
-##### `multicast_dns`
+##### `multicast_dns`
Data type: `Optional[Variant[Boolean,Enum['resolve']]]`
Takes a boolean argument or "resolve".
-##### `dnssec`
+##### `dnssec`
Data type: `Optional[Variant[Boolean,Enum['allow-downgrade']]]`
Takes a boolean argument or "allow-downgrade".
-##### `dnsovertls`
+##### `dnsovertls`
Data type: `Optional[Variant[Boolean,Enum['opportunistic', 'no']]]`
Takes a boolean argument or "opportunistic"
-##### `cache`
+##### `cache`
-Data type: `Boolean`
+Data type: `Optional[Variant[Boolean,Enum['no-negative']]]`
-Takes a boolean argument.
+Takes a boolean argument or "no-negative".
-##### `dns_stub_listener`
+##### `dns_stub_listener`
Data type: `Optional[Variant[Boolean,Enum['udp','tcp']]]`
Takes a boolean argument or one of "udp" and "tcp".
-##### `use_stub_resolver`
+##### `use_stub_resolver`
Data type: `Boolean`
-Takes a boolean argument. When "false" (default) it uses /var/run/systemd/resolve/resolv.conf
-as /etc/resolv.conf. When "true", it uses /var/run/systemd/resolve/stub-resolv.conf
+Takes a boolean argument. When "false" (default) it uses /run/systemd/resolve/resolv.conf
+as /etc/resolv.conf. When "true", it uses /run/systemd/resolve/stub-resolv.conf
-##### `manage_networkd`
+##### `manage_networkd`
Data type: `Boolean`
Manage the systemd network daemon
-##### `networkd_ensure`
+##### `networkd_ensure`
Data type: `Enum['stopped','running']`
The state that the ``networkd`` service should be in
-##### `manage_timesyncd`
+##### `manage_timesyncd`
Data type: `Boolean`
Manage the systemd tiemsyncd daemon
-##### `timesyncd_ensure`
+##### `timesyncd_ensure`
Data type: `Enum['stopped','running']`
The state that the ``timesyncd`` service should be in
-##### `ntp_server`
+##### `ntp_server`
Data type: `Optional[Variant[Array,String]]`
comma separated list of ntp servers, will be combined with interface specific
addresses from systemd-networkd. requires puppetlabs-inifile
-##### `fallback_ntp_server`
+##### `fallback_ntp_server`
Data type: `Optional[Variant[Array,String]]`
A space-separated list of NTP server host names or IP addresses to be used
as the fallback NTP servers. Any per-interface NTP servers obtained from
systemd-networkd take precedence over this setting. requires puppetlabs-inifile
-##### `manage_journald`
+##### `manage_journald`
Data type: `Boolean`
Manage the systemd journald
-##### `journald_settings`
+##### `journald_settings`
Data type: `Systemd::JournaldSettings`
Config Hash that is used to configure settings in journald.conf
-##### `manage_logind`
+##### `manage_udevd`
+
+Data type: `Boolean`
+
+Manage the systemd udev daemon
+
+##### `udev_log`
+
+Data type: `Optional[Variant[Integer,String]]`
+
+The value of /etc/udev/udev.conf udev_log
+
+##### `udev_children_max`
+
+Data type: `Optional[Integer]`
+
+The value of /etc/udev/udev.conf children_max
+
+##### `udev_exec_delay`
+
+Data type: `Optional[Integer]`
+
+The value of /etc/udev/udev.conf exec_delay
+
+##### `udev_event_timeout`
+
+Data type: `Optional[Integer]`
+
+The value of /etc/udev/udev.conf event_timeout
+
+##### `udev_resolve_names`
+
+Data type: `Optional[Enum['early', 'late', 'never']]`
+
+The value of /etc/udev/udev.conf resolve_names
+
+##### `udev_timeout_signal`
+
+Data type: `Optional[Variant[Integer,String]]`
+
+The value of /etc/udev/udev.conf timeout_signal
+
+##### `udev_rules`
+
+Data type: `Hash`
+
+Config Hash that is used to generate instances of our
+`udev::rule` define.
+
+Default value: `{}`
+
+##### `manage_logind`
Data type: `Boolean`
Manage the systemd logind
-##### `logind_settings`
+##### `logind_settings`
Data type: `Systemd::LogindSettings`
Config Hash that is used to configure settings in logind.conf
-##### `loginctl_users`
+##### `loginctl_users`
Data type: `Hash`
Config Hash that is used to generate instances of our type
`loginctl_user`.
Default value: `{}`
-##### `dropin_files`
+##### `dropin_files`
Data type: `Hash`
Configure dropin files via hiera with factory pattern
Default value: `{}`
-##### `manage_accounting`
+##### `manage_accounting`
Data type: `Boolean`
-##### `accounting`
+##### `accounting`
Data type: `Hash[String,String]`
-##### `purge_dropin_dirs`
+##### `purge_dropin_dirs`
Data type: `Boolean`
-### `systemd::tmpfiles`
+### `systemd::tmpfiles`
Update the systemd temp files
* **See also**
* systemd-tmpfiles(8)
#### Parameters
-The following parameters are available in the `systemd::tmpfiles` class.
+The following parameters are available in the `systemd::tmpfiles` class:
-##### `operations`
+* [`operations`](#operations)
+
+##### `operations`
Data type: `Array[Enum['create','clean','remove']]`
The operations to perform on the systemd tempfiles
* All operations may be combined but you'll probably only ever want to
use ``create``
Default value: `['create']`
## Defined types
-### `systemd::dropin_file`
+### `systemd::dropin_file`
Creates a drop-in file for a systemd unit
* **See also**
* systemd.unit(5)
#### Parameters
-The following parameters are available in the `systemd::dropin_file` defined type.
+The following parameters are available in the `systemd::dropin_file` defined type:
-##### `unit`
+* [`name`](#name)
+* [`path`](#path)
+* [`selinux_ignore_defaults`](#selinux_ignore_defaults)
+* [`content`](#content)
+* [`source`](#source)
+* [`target`](#target)
+* [`owner`](#owner)
+* [`group`](#group)
+* [`mode`](#mode)
+* [`show_diff`](#show_diff)
+* [`unit`](#unit)
+* [`filename`](#filename)
+* [`ensure`](#ensure)
-Data type: `Systemd::Unit`
+##### `name`
+Data type: `Pattern['^[^/]+\.conf$']`
+The target unit file to create
-##### `filename`
-
-Data type: `Systemd::Dropin`
-
-
-
-Default value: `$name`
-
-##### `ensure`
-
-Data type: `Enum['present', 'absent', 'file']`
-
-
-
-Default value: `'present'`
-
-##### `path`
+##### `path`
Data type: `Stdlib::Absolutepath`
-
+The main systemd configuration path
Default value: `'/etc/systemd/system'`
-##### `selinux_ignore_defaults`
+##### `selinux_ignore_defaults`
Data type: `Optional[Boolean]`
-
+If Puppet should ignore the default SELinux labels.
Default value: ``false``
-##### `content`
+##### `content`
Data type: `Optional[Variant[String,Sensitive[String]]]`
+The full content of the unit file
+* Mutually exclusive with ``$source``
Default value: ``undef``
-##### `source`
+##### `source`
Data type: `Optional[String]`
+The ``File`` resource compatible ``source``
+* Mutually exclusive with ``$content``
Default value: ``undef``
-##### `target`
+##### `target`
Data type: `Optional[Stdlib::Absolutepath]`
+If set, will force the file to be a symlink to the given target
+* Mutually exclusive with both ``$source`` and ``$content``
Default value: ``undef``
-##### `owner`
+##### `owner`
Data type: `String`
-
+The owner to set on the dropin file
Default value: `'root'`
-##### `group`
+##### `group`
Data type: `String`
-
+The group to set on the dropin file
Default value: `'root'`
-##### `mode`
+##### `mode`
Data type: `String`
-
+The mode to set on the dropin file
Default value: `'0444'`
-##### `show_diff`
+##### `show_diff`
Data type: `Boolean`
-
+Whether to show the diff when updating dropin file
Default value: ``true``
-### `systemd::network`
+##### `unit`
+
+Data type: `Systemd::Unit`
+
+
+
+##### `filename`
+
+Data type: `Systemd::Dropin`
+
+
+
+Default value: `$name`
+
+##### `ensure`
+
+Data type: `Enum['present', 'absent', 'file']`
+
+
+
+Default value: `'present'`
+
+### `systemd::network`
--- Define: systemd::network
Creates network config for systemd-networkd
#### Parameters
-The following parameters are available in the `systemd::network` defined type.
+The following parameters are available in the `systemd::network` defined type:
+
+* [`ensure`](#ensure)
+* [`path`](#path)
+* [`content`](#content)
+* [`source`](#source)
+* [`target`](#target)
+* [`owner`](#owner)
+* [`group`](#group)
+* [`mode`](#mode)
+* [`show_diff`](#show_diff)
+* [`restart_service`](#restart_service)
-##### `ensure`
+##### `ensure`
Data type: `Enum['file', 'absent']`
Default value: `file`
-##### `path`
+##### `path`
Data type: `Stdlib::Absolutepath`
Default value: `'/etc/systemd/network'`
-##### `content`
+##### `content`
Data type: `Optional[String]`
Default value: ``undef``
-##### `source`
+##### `source`
Data type: `Optional[String]`
Default value: ``undef``
-##### `target`
+##### `target`
Data type: `Optional[Stdlib::Absolutepath]`
Default value: ``undef``
-##### `owner`
+##### `owner`
Data type: `String`
Default value: `'root'`
-##### `group`
+##### `group`
Data type: `String`
Default value: `'root'`
-##### `mode`
+##### `mode`
Data type: `String`
Default value: `'0444'`
-##### `show_diff`
+##### `show_diff`
Data type: `Boolean`
Default value: ``true``
-##### `restart_service`
+##### `restart_service`
Data type: `Boolean`
Default value: ``true``
-### `systemd::service_limits`
+### `systemd::service_limits`
Adds a set of custom limits to the service
- * Mutually exclusive with ``$limits``
-
* **See also**
* systemd.exec(5)
#### Parameters
-The following parameters are available in the `systemd::service_limits` defined type.
+The following parameters are available in the `systemd::service_limits` defined type:
+
+* [`name`](#name)
+* [`ensure`](#ensure)
+* [`path`](#path)
+* [`selinux_ignore_defaults`](#selinux_ignore_defaults)
+* [`limits`](#limits)
+* [`source`](#source)
+* [`restart_service`](#restart_service)
+
+##### `name`
+
+Data type: `Pattern['^.+\.(service|socket|mount|swap)$']`
-##### `$ensure`
+The name of the service that you will be modifying
+
+##### `ensure`
+
+Data type: `Enum['present', 'absent', 'file']`
Whether to drop a file or remove it
-##### `path`
+Default value: `'present'`
+
+##### `path`
Data type: `Stdlib::Absolutepath`
The path to the main systemd settings directory
Default value: `'/etc/systemd/system'`
-##### `selinux_ignore_defaults`
+##### `selinux_ignore_defaults`
Data type: `Optional[Boolean]`
If Puppet should ignore the default SELinux labels.
Default value: ``false``
-##### `limits`
+##### `limits`
Data type: `Optional[Systemd::ServiceLimits]`
A Hash of service limits matching the settings in ``systemd.exec(5)``
* Mutually exclusive with ``$source``
Default value: ``undef``
-##### `source`
+##### `source`
Data type: `Optional[String]`
A ``File`` resource compatible ``source``
+* Mutually exclusive with ``$limits``
+
Default value: ``undef``
-##### `restart_service`
+##### `restart_service`
Data type: `Boolean`
Restart the managed service after setting the limits
Default value: ``true``
-##### `ensure`
-
-Data type: `Enum['present', 'absent', 'file']`
-
-
-
-Default value: `'present'`
-
-### `systemd::timer`
+### `systemd::timer`
Create a timer and optionally a service unit to execute with the timer unit
* **See also**
* https://www.freedesktop.org/software/systemd/man/systemd.timer.html
* systemd.timer(5)
#### Parameters
-The following parameters are available in the `systemd::timer` defined type.
-
-##### `name`
+The following parameters are available in the `systemd::timer` defined type:
+
+* [`name`](#name)
+* [`path`](#path)
+* [`timer_content`](#timer_content)
+* [`timer_source`](#timer_source)
+* [`service_content`](#service_content)
+* [`service_source`](#service_source)
+* [`owner`](#owner)
+* [`group`](#group)
+* [`mode`](#mode)
+* [`show_diff`](#show_diff)
+* [`service_unit`](#service_unit)
+* [`active`](#active)
+* [`enable`](#enable)
+* [`ensure`](#ensure)
+
+##### `name`
Data type: `Pattern['^.+\.timer$]`
The target of the timer unit to create
-##### `path`
+##### `path`
Data type: `Stdlib::Absolutepath`
The main systemd configuration path
Default value: `'/etc/systemd/system'`
-##### `timer_content`
+##### `timer_content`
Data type: `Optional[String[1]]`
The full content of the timer unit file
* Mutually exclusive with ``$timer_source``
Default value: ``undef``
-##### `timer_source`
+##### `timer_source`
Data type: `Optional[String[1]]`
The ``File`` resource compatible ``source``
* Mutually exclusive with ``$timer_content``
Default value: ``undef``
-##### `service_content`
+##### `service_content`
Data type: `Optional[String[1]]`
The full content of the service unit file
* Mutually exclusive with ``$service_source``
Default value: ``undef``
-##### `service_source`
+##### `service_source`
Data type: `Optional[String[1]]`
The ``File`` resource compatible ``source``
* Mutually exclusive with ``$service_content``
Default value: ``undef``
-##### `owner`
+##### `owner`
Data type: `String[1]`
The owner to set on the dropin file
Default value: `'root'`
-##### `group`
+##### `group`
Data type: `String[1]`
The group to set on the dropin file
Default value: `'root'`
-##### `mode`
+##### `mode`
Data type: `Stdlib::Filemode`
The mode to set on the dropin file
Default value: `'0444'`
-##### `show_diff`
+##### `show_diff`
Data type: `Boolean`
Whether to show the diff when updating dropin file
Default value: ``true``
-##### `service_unit`
+##### `service_unit`
Data type: `Optional[Systemd::Unit]`
If set then the service_unit will have this name.
If not set the service unit has the same name
as the timer unit with s/.timer/.service/
Default value: ``undef``
-##### `active`
+##### `active`
Data type: `Optional[Boolean]`
If set to true or false the timer service will be maintained.
If true the timer service will be running and enabled, if false it will
explictly stopped and disabled.
Default value: ``undef``
-##### `enable`
+##### `enable`
Data type: `Optional[Variant[Boolean, Enum['mask']]]`
If set, will manage the state of the unit.
Default value: ``undef``
-##### `ensure`
+##### `ensure`
Data type: `Enum['present', 'absent', 'file']`
Default value: `'present'`
-### `systemd::tmpfile`
+### `systemd::tmpfile`
Creates a systemd tmpfile
- * Mutually exclusive with ``$limits``
-
* **See also**
* systemd-tmpfiles(8)
#### Parameters
-The following parameters are available in the `systemd::tmpfile` defined type.
+The following parameters are available in the `systemd::tmpfile` defined type:
-##### `$ensure`
+* [`name`](#name)
+* [`ensure`](#ensure)
+* [`path`](#path)
+* [`content`](#content)
+* [`source`](#source)
+* [`filename`](#filename)
+
+##### `name`
+
+Data type: `Pattern['^[^/]+\.conf$']`
+
+(filename)
+The name of the tmpfile to create
+
+##### `ensure`
+
+Data type: `Enum['present', 'absent', 'file']`
Whether to drop a file or remove it
-##### `path`
+Default value: `'file'`
+
+##### `path`
Data type: `Stdlib::Absolutepath`
The path to the main systemd tmpfiles directory
Default value: `'/etc/tmpfiles.d'`
-##### `content`
+##### `content`
Data type: `Optional[String]`
The literal content to write to the file
* Mutually exclusive with ``$source``
Default value: ``undef``
-##### `source`
+##### `source`
Data type: `Optional[String]`
A ``File`` resource compatible ``source``
+* Mutually exclusive with ``$limits``
+
Default value: ``undef``
-##### `ensure`
+##### `filename`
+
+Data type: `Systemd::Dropin`
+
+
+
+Default value: `$name`
+
+### `systemd::udev::rule`
+
+Adds a custom udev rule
+
+* **See also**
+ * udev(7)
+
+#### Parameters
+
+The following parameters are available in the `systemd::udev::rule` defined type:
+
+* [`name`](#name)
+* [`ensure`](#ensure)
+* [`path`](#path)
+* [`selinux_ignore_defaults`](#selinux_ignore_defaults)
+* [`notify_services`](#notify_services)
+* [`rules`](#rules)
+
+##### `name`
+
+Data type: `Pattern['^.+\.rules$']`
+
+The name of the udev rules to create
+
+##### `ensure`
Data type: `Enum['present', 'absent', 'file']`
+Whether to drop a file or remove it
+Default value: `'present'`
-Default value: `'file'`
+##### `path`
-##### `filename`
+Data type: `Stdlib::Absolutepath`
-Data type: `Systemd::Dropin`
+The path to the main systemd settings directory
+Default value: `'/etc/udev/rules.d'`
+##### `selinux_ignore_defaults`
-Default value: `$name`
+Data type: `Optional[Boolean]`
+
+If Puppet should ignore the default SELinux labels.
+
+Default value: ``false``
+
+##### `notify_services`
+
+Data type: `Optional[Variant[Array, String]]`
-### `systemd::unit_file`
+List of services to notify when this rule is updated
+
+Default value: `[]`
+
+##### `rules`
+
+Data type: `Array`
+
+The literal udev rules you want to deploy
+
+### `systemd::unit_file`
Creates a systemd unit file
* **See also**
* systemd.unit(5)
#### Parameters
-The following parameters are available in the `systemd::unit_file` defined type.
+The following parameters are available in the `systemd::unit_file` defined type:
-##### `name`
+* [`name`](#name)
+* [`ensure`](#ensure)
+* [`path`](#path)
+* [`content`](#content)
+* [`source`](#source)
+* [`target`](#target)
+* [`owner`](#owner)
+* [`group`](#group)
+* [`mode`](#mode)
+* [`show_diff`](#show_diff)
+* [`enable`](#enable)
+* [`active`](#active)
+* [`restart`](#restart)
+
+##### `name`
Data type: `Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$']`
The target unit file to create
-##### `ensure`
+##### `ensure`
Data type: `Enum['present', 'absent', 'file']`
The state of the unit file to ensure
Default value: `'present'`
-##### `path`
+##### `path`
Data type: `Stdlib::Absolutepath`
The main systemd configuration path
Default value: `'/etc/systemd/system'`
-##### `content`
+##### `content`
Data type: `Optional[String]`
The full content of the unit file
* Mutually exclusive with ``$source``
Default value: ``undef``
-##### `source`
+##### `source`
Data type: `Optional[String]`
The ``File`` resource compatible ``source``
* Mutually exclusive with ``$content``
Default value: ``undef``
-##### `target`
+##### `target`
Data type: `Optional[Stdlib::Absolutepath]`
If set, will force the file to be a symlink to the given target
* Mutually exclusive with both ``$source`` and ``$content``
Default value: ``undef``
-##### `owner`
+##### `owner`
Data type: `String`
The owner to set on the unit file
Default value: `'root'`
-##### `group`
+##### `group`
Data type: `String`
The group to set on the unit file
Default value: `'root'`
-##### `mode`
+##### `mode`
Data type: `String`
The mode to set on the unit file
Default value: `'0444'`
-##### `show_diff`
+##### `show_diff`
Data type: `Boolean`
Whether to show the diff when updating unit file
Default value: ``true``
-##### `enable`
+##### `enable`
Data type: `Optional[Variant[Boolean, Enum['mask']]]`
If set, will manage the unit enablement status.
Default value: ``undef``
-##### `active`
+##### `active`
Data type: `Optional[Boolean]`
If set, will manage the state of the unit.
Default value: ``undef``
+##### `restart`
+
+Data type: `Optional[String]`
+
+Specify a restart command manually. If left unspecified, a standard Puppet service restart happens.
+
+Default value: ``undef``
+
## Resource types
-### `loginctl_user`
+### `loginctl_user`
An arbitrary name used as the identity of the resource.
#### Properties
The following properties are available in the `loginctl_user` type.
##### `linger`
Valid values: `enabled`, `disabled`
Whether linger is enabled for the user.
Default value: `disabled`
#### Parameters
The following parameters are available in the `loginctl_user` type.
-##### `name`
+* [`name`](#name)
+* [`provider`](#provider)
+
+##### `name`
namevar
An arbitrary name used as the identity of the resource.
-##### `provider`
+##### `provider`
The specific backend to use for this `loginctl_user` resource. You will seldom need to specify this --- Puppet will
usually discover the appropriate provider for your platform.
## Data types
-### `Systemd::Dropin`
+### `Systemd::Dropin`
The Systemd::Dropin data type.
-Alias of `Pattern['^[^/]+\.conf$']`
+Alias of
-### `Systemd::JournaldSettings`
+```puppet
+Pattern['^[^/]+\.conf$']
+```
+
+### `Systemd::JournaldSettings`
Matches Systemd journald config Struct
-Alias of `Struct[{
+Alias of
+
+```puppet
+Struct[{
Optional['Storage'] => Variant[Enum['volatile','persistent','auto','none'],Systemd::JournaldSettings::Ensure],
Optional['Compress'] => Variant[Enum['yes','no'], Pattern[/^[0-9]+(K|M|G)?$/],Systemd::JournaldSettings::Ensure],
Optional['Seal'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['SplitMode'] => Variant[Enum['uid','none'],Systemd::JournaldSettings::Ensure],
Optional['RateLimitInterval'] => Variant[Pattern[/^[0-9]+(s|min|h|ms|us)?$/],Systemd::JournaldSettings::Ensure],
Optional['RateLimitIntervalSec'] => Variant[Pattern[/^[0-9]+(s|min|h|ms|us)?$/],Systemd::JournaldSettings::Ensure],
Optional['RateLimitBurst'] => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
Optional['SystemMaxUse'] => Variant[Pattern[/^[0-9]+(K|M|G|T|P|E)?$/],Systemd::JournaldSettings::Ensure],
Optional['SystemKeepFree'] => Variant[Pattern[/^[0-9]+(K|M|G|T|P|E)?$/],Systemd::JournaldSettings::Ensure],
Optional['SystemMaxFileSize'] => Variant[Pattern[/^[0-9]+(K|M|G|T|P|E)?$/],Systemd::JournaldSettings::Ensure],
Optional['SystemMaxFiles'] => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
Optional['RuntimeMaxUse'] => Variant[Pattern[/^[0-9]+(K|M|G|T|P|E)?$/],Systemd::JournaldSettings::Ensure],
Optional['RuntimeKeepFree'] => Variant[Pattern[/^[0-9]+(K|M|G|T|P|E)?$/],Systemd::JournaldSettings::Ensure],
Optional['RuntimeMaxFileSize'] => Variant[Pattern[/^[0-9]+(K|M|G|T|P|E)?$/],Systemd::JournaldSettings::Ensure],
Optional['RuntimeMaxFiles'] => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
Optional['MaxFileSec'] => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
Optional['MaxRetentionSec'] => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
Optional['SyncIntervalSec'] => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
Optional['ForwardToSyslog'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['ForwardToKMsg'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['ForwardToConsole'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['ForwardToWall'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelStore'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelSyslog'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelKMsg'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelConsole'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelWall'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['ReadKMsg'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['TTYPath'] => Variant[Stdlib::Absolutepath,Systemd::JournaldSettings::Ensure],
Optional['LineMax'] => Variant[Pattern[/^[0-9]+(K|M|G|T)?$/],Systemd::JournaldSettings::Ensure],
- }]`
+ }]
+```
-### `Systemd::JournaldSettings::Ensure`
+### `Systemd::JournaldSettings::Ensure`
The Systemd::JournaldSettings::Ensure data type.
-Alias of `Struct[{ 'ensure' => Enum['present','absent'] }]`
+Alias of
-### `Systemd::LogindSettings`
+```puppet
+Struct[{ 'ensure' => Enum['present','absent'] }]
+```
+
+### `Systemd::LogindSettings`
Matches Systemd Login Manager Struct
-Alias of `Struct[{
+Alias of
+
+```puppet
+Struct[{
Optional['HandleHibernateKey'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleLidSwitch'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleLidSwitchDocked'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleLidSwitchExternalPower'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandlePowerKey'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleSuspendKey'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HibernateKeyIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['HoldoffTimeoutSec'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['IdleAction'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['IdleActionSec'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['InhibitDelayMaxSec'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['InhibitorsMax'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['KillExcludeUsers'] => Variant[Array[String],Systemd::LogindSettings::Ensure],
Optional['KillOnlyUsers'] => Variant[Array[String],Systemd::LogindSettings::Ensure],
Optional['KillUserProcesses'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['LidSwitchIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['NAutoVTs'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['PowerKeyIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['RemoveIPC'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['ReserveVT'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['RuntimeDirectorySize'] => Variant[Integer,Pattern['^(\d+(K|M|G|T|P|E|%)?)$'],Systemd::LogindSettings::Ensure],
Optional['SessionsMax'] => Variant[Integer,Pattern['^(infinity|(\d+(K|M|G|T|P|E|%)?))$'],Systemd::LogindSettings::Ensure],
Optional['SuspendKeyIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['UserTasksMax'] => Variant[Integer,Pattern['^(infinity|(\d+(K|M|G|T|P|E|%)?))$'],Systemd::LogindSettings::Ensure]
- }]`
+ }]
+```
-### `Systemd::LogindSettings::Ensure`
+### `Systemd::LogindSettings::Ensure`
The Systemd::LogindSettings::Ensure data type.
-Alias of `Struct[{ 'ensure' => Enum['present','absent'] }]`
+Alias of
+
+```puppet
+Struct[{ 'ensure' => Enum['present','absent'] }]
+```
-### `Systemd::ServiceLimits`
+### `Systemd::ServiceLimits`
Matches Systemd Service Limit Struct
-Alias of `Struct[{
+Alias of
+
+```puppet
+Struct[{
Optional['LimitCPU'] => Pattern['^\d+(s|m|h|d|w|M|y)?(:\d+(s|m|h|d|w|M|y)?)?$'],
Optional['LimitFSIZE'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
Optional['LimitDATA'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
Optional['LimitSTACK'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
Optional['LimitCORE'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
Optional['LimitRSS'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
Optional['LimitNOFILE'] => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
Optional['LimitAS'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
- Optional['LimitNPROC'] => Integer[1],
+ Optional['LimitNPROC'] => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
Optional['LimitMEMLOCK'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
Optional['LimitLOCKS'] => Integer[1],
Optional['LimitSIGPENDING'] => Integer[1],
Optional['LimitMSGQUEUE'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)(:\d+(K|M|G|T|P|E))?)))$'],
Optional['LimitNICE'] => Variant[Integer[0,40], Pattern['^(-\+([0-1]?[0-9]|20))|([0-3]?[0-9]|40)$']],
Optional['LimitRTPRIO'] => Integer[0],
Optional['LimitRTTIME'] => Pattern['^\d+(ms|s|m|h|d|w|M|y)?(:\d+(ms|s|m|h|d|w|M|y)?)?$'],
Optional['CPUAccounting'] => Boolean,
Optional['CPUShares'] => Integer[2,262144],
Optional['StartupCPUShares'] => Integer[2,262144],
Optional['CPUQuota'] => Pattern['^([1-9][0-9]*)%$'],
Optional['MemoryAccounting'] => Boolean,
Optional['MemoryLow'] => Pattern['^(\d+(K|M|G|T)?)$'],
Optional['MemoryHigh'] => Pattern['^(\d+(K|M|G|T)?)$'],
Optional['MemoryMax'] => Pattern['^(\d+(K|M|G|T)?)$'],
Optional['MemoryLimit'] => Pattern['^(\d+(K|M|G|T)?)$'],
Optional['TasksAccounting'] => Boolean,
Optional['TasksMax'] => Variant[Integer[1],Pattern['^(infinity|([1-9][0-9]?$|^100)%)$']],
Optional['IOAccounting'] => Boolean,
Optional['IOWeight'] => Integer[1,10000],
Optional['StartupIOWeight'] => Integer[1,10000],
Optional['IODeviceWeight'] => Array[Hash[Stdlib::Absolutepath, Integer[1,10000], 1, 1]],
Optional['IOReadBandwidthMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['IOWriteBandwidthMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['IOReadIOPSMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['IOWriteIOPSMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['DeviceAllow'] => String[1],
Optional['DevicePolicy'] => Enum['auto','closed','strict'],
Optional['Slice'] => String[1],
Optional['Delegate'] => Boolean,
Optional['OOMScoreAdjust'] => Integer[-1000,1000]
- }]`
+ }]
+```
-### `Systemd::Unit`
+### `Systemd::Unit`
The Systemd::Unit data type.
-Alias of `Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$']`
+Alias of
+
+```puppet
+Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$']
+```
diff --git a/manifests/dropin_file.pp b/manifests/dropin_file.pp
index f91cebe..7390963 100644
--- a/manifests/dropin_file.pp
+++ b/manifests/dropin_file.pp
@@ -1,90 +1,90 @@
# Creates a drop-in file for a systemd unit
#
# @api public
#
# @see systemd.unit(5)
#
-# @attr name [Pattern['^[^/]+\.conf$']]
+# @param name [Pattern['^[^/]+\.conf$']]
# The target unit file to create
#
-# @attr path
+# @param path
# The main systemd configuration path
#
-# @attr selinux_ignore_defaults
+# @param selinux_ignore_defaults
# If Puppet should ignore the default SELinux labels.
#
-# @attr content
+# @param content
# The full content of the unit file
#
# * Mutually exclusive with ``$source``
#
-# @attr source
+# @param source
# The ``File`` resource compatible ``source``
#
# * Mutually exclusive with ``$content``
#
-# @attr target
+# @param target
# If set, will force the file to be a symlink to the given target
#
# * Mutually exclusive with both ``$source`` and ``$content``
#
-# @attr owner
+# @param owner
# The owner to set on the dropin file
#
-# @attr group
+# @param group
# The group to set on the dropin file
#
-# @attr mode
+# @param mode
# The mode to set on the dropin file
#
-# @attr show_diff
+# @param show_diff
# Whether to show the diff when updating dropin file
#
define systemd::dropin_file (
Systemd::Unit $unit,
Systemd::Dropin $filename = $name,
Enum['present', 'absent', 'file'] $ensure = 'present',
Stdlib::Absolutepath $path = '/etc/systemd/system',
Optional[Boolean] $selinux_ignore_defaults = false,
Optional[Variant[String,Sensitive[String]]] $content = undef,
Optional[String] $source = undef,
Optional[Stdlib::Absolutepath] $target = undef,
String $owner = 'root',
String $group = 'root',
String $mode = '0444',
Boolean $show_diff = true,
) {
include systemd
if $target {
$_ensure = 'link'
} else {
$_ensure = $ensure ? {
'present' => 'file',
default => $ensure,
}
}
if $ensure != 'absent' {
ensure_resource('file', "${path}/${unit}.d", {
ensure => directory,
owner => 'root',
group => 'root',
recurse => $systemd::purge_dropin_dirs,
purge => $systemd::purge_dropin_dirs,
selinux_ignore_defaults => $selinux_ignore_defaults,
})
}
file { "${path}/${unit}.d/${filename}":
ensure => $_ensure,
content => $content,
source => $source,
target => $target,
owner => $owner,
group => $group,
mode => $mode,
selinux_ignore_defaults => $selinux_ignore_defaults,
show_diff => $show_diff,
}
}
diff --git a/manifests/journald.pp b/manifests/journald.pp
index 8e88c53..233f50f 100644
--- a/manifests/journald.pp
+++ b/manifests/journald.pp
@@ -1,30 +1,28 @@
# @api private
-#
-# This class manages and configures journald.
-#
-# https://www.freedesktop.org/software/systemd/man/journald.conf.html
+# @summary This class manages and configures journald.
+# @see https://www.freedesktop.org/software/systemd/man/journald.conf.html
class systemd::journald {
assert_private()
service { 'systemd-journald':
ensure => running,
}
$systemd::journald_settings.each |$option, $value| {
ini_setting {
$option:
path => '/etc/systemd/journald.conf',
section => 'Journal',
setting => $option,
notify => Service['systemd-journald'],
}
if $value =~ Hash {
Ini_setting[$option] {
* => $value,
}
} else {
Ini_setting[$option] {
value => $value,
}
}
}
}
diff --git a/manifests/logind.pp b/manifests/logind.pp
index b35f4a0..5130c8c 100644
--- a/manifests/logind.pp
+++ b/manifests/logind.pp
@@ -1,40 +1,38 @@
# @api private
-#
-# This class manages systemd's login manager configuration.
-#
-# https://www.freedesktop.org/software/systemd/man/logind.conf.html
+# @summary This class manages systemd's login manager configuration.
+# @see https://www.freedesktop.org/software/systemd/man/logind.conf.html
class systemd::logind {
assert_private()
service { 'systemd-logind':
ensure => running,
}
$systemd::logind_settings.each |$option, $value| {
ini_setting {
$option:
path => '/etc/systemd/logind.conf',
section => 'Login',
setting => $option,
notify => Service['systemd-logind'],
}
if $value =~ Hash {
Ini_setting[$option] {
* => $value,
}
} elsif $value =~ Array {
Ini_setting[$option] {
value => join($value, ' '),
}
} else {
Ini_setting[$option] {
value => $value,
}
}
}
$systemd::loginctl_users.each |$loginctl_name, $loginctl_settings| {
loginctl_user { $loginctl_name:
* => $loginctl_settings,
}
}
}
diff --git a/manifests/network.pp b/manifests/network.pp
index e336ab2..dc5ba06 100644
--- a/manifests/network.pp
+++ b/manifests/network.pp
@@ -1,34 +1,33 @@
-# -- Define: systemd::network
-# Creates network config for systemd-networkd
+# @summary Creates network config for systemd-networkd
define systemd::network (
Enum['file', 'absent'] $ensure = file,
Stdlib::Absolutepath $path = '/etc/systemd/network',
Optional[String] $content = undef,
Optional[String] $source = undef,
Optional[Stdlib::Absolutepath] $target = undef,
String $owner = 'root',
String $group = 'root',
String $mode = '0444',
Boolean $show_diff = true,
Boolean $restart_service = true,
) {
include systemd
if $restart_service and $systemd::manage_networkd {
$notify = Service['systemd-networkd']
} else {
$notify = undef
}
file { "${path}/${name}":
ensure => $ensure,
content => $content,
source => $source,
target => $target,
owner => $owner,
group => $group,
mode => $mode,
show_diff => $show_diff,
notify => $notify,
}
}
diff --git a/manifests/resolved.pp b/manifests/resolved.pp
index a3a992f..3b6e3ee 100644
--- a/manifests/resolved.pp
+++ b/manifests/resolved.pp
@@ -1,232 +1,232 @@
# @api private
#
-# This class provides an abstract way to trigger resolved.
-# Each parameters correspond to resolved.conf(5):
-# https://www.freedesktop.org/software/systemd/man/resolved.conf.html
+# @summary This class provides an abstract way to trigger resolved.
+# Each parameters correspond to resolved.conf(5)
+# @see https://www.freedesktop.org/software/systemd/man/resolved.conf.html
#
# @param ensure
# The state that the ``resolved`` service should be in
#
# @param dns
# A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers.
# DNS requests are sent to one of the listed DNS servers in parallel to suitable
# per-link DNS servers acquired from systemd-networkd.service(8) or set at runtime
# by external applications. requires puppetlabs-inifile
#
# @param fallback_dns
# A space-separated list of IPv4 and IPv6 addresses to use as the fallback DNS
# servers. Any per-link DNS servers obtained from systemd-networkd take
# precedence over this setting. requires puppetlabs-inifile
#
# @param domains
# A space-separated list of domains host names or IP addresses to be used
# systemd-resolved take precedence over this setting.
#
# @param llmnr
# Takes a boolean argument or "resolve".
#
# @param multicast_dns
# Takes a boolean argument or "resolve".
#
# @param dnssec
# Takes a boolean argument or "allow-downgrade".
#
# @param dnsovertls
# Takes a boolean argument or "opportunistic" or "no"
#
# @param cache
# Takes a boolean argument or "no-negative".
#
# @param dns_stub_listener
# Takes a boolean argument or one of "udp" and "tcp".
#
# @param use_stub_resolver
# Takes a boolean argument. When "false" (default) it uses /run/systemd/resolve/resolv.conf
# as /etc/resolv.conf. When "true", it uses /run/systemd/resolve/stub-resolv.conf
#
class systemd::resolved (
Enum['stopped','running'] $ensure = $systemd::resolved_ensure,
Optional[Variant[Array[String],String]] $dns = $systemd::dns,
Optional[Variant[Array[String],String]] $fallback_dns = $systemd::fallback_dns,
Optional[Variant[Array[String],String]] $domains = $systemd::domains,
Optional[Variant[Boolean,Enum['resolve']]] $llmnr = $systemd::llmnr,
Optional[Variant[Boolean,Enum['resolve']]] $multicast_dns = $systemd::multicast_dns,
Optional[Variant[Boolean,Enum['allow-downgrade']]] $dnssec = $systemd::dnssec,
Optional[Variant[Boolean,Enum['opportunistic', 'no']]] $dnsovertls = $systemd::dnsovertls,
Optional[Variant[Boolean,Enum['no-negative']]] $cache = $systemd::cache,
Optional[Variant[Boolean,Enum['udp', 'tcp']]] $dns_stub_listener = $systemd::dns_stub_listener,
Boolean $use_stub_resolver = $systemd::use_stub_resolver,
) {
assert_private()
$_enable_resolved = $ensure ? {
'stopped' => false,
'running' => true,
default => $ensure,
}
service { 'systemd-resolved':
ensure => $ensure,
enable => $_enable_resolved,
}
$_resolv_conf_target = $use_stub_resolver ? {
true => '/run/systemd/resolve/stub-resolv.conf',
default => '/run/systemd/resolve/resolv.conf',
}
file { '/etc/resolv.conf':
ensure => 'symlink',
target => $_resolv_conf_target,
require => Service['systemd-resolved'],
}
if $dns {
if $dns =~ String {
$_dns = $dns
} else {
$_dns = join($dns, ' ')
}
ini_setting { 'dns':
ensure => 'present',
value => $_dns,
setting => 'DNS',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
if $fallback_dns {
if $fallback_dns =~ String {
$_fallback_dns = $fallback_dns
} else {
$_fallback_dns = join($fallback_dns, ' ')
}
ini_setting { 'fallback_dns':
ensure => 'present',
value => $_fallback_dns,
setting => 'FallbackDNS',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
if $domains {
if $domains =~ String {
$_domains = $domains
} else {
$_domains = join($domains, ' ')
}
ini_setting { 'domains':
ensure => 'present',
value => $_domains,
setting => 'Domains',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
$_llmnr = $llmnr ? {
true => 'yes',
false => 'no',
default => $llmnr,
}
if $_llmnr {
ini_setting { 'llmnr':
ensure => 'present',
value => $_llmnr,
setting => 'LLMNR',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
$_multicast_dns = $multicast_dns ? {
true => 'yes',
false => 'no',
default => $multicast_dns,
}
if $_multicast_dns {
ini_setting { 'multicast_dns':
ensure => 'present',
value => $_multicast_dns,
setting => 'MulticastDNS',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
$_dnssec = $dnssec ? {
true => 'yes',
false => 'no',
default => $dnssec,
}
if $_dnssec {
ini_setting { 'dnssec':
ensure => 'present',
value => $_dnssec,
setting => 'DNSSEC',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
$_dnsovertls = $dnsovertls ? {
true => 'opportunistic',
false => false,
default => $dnsovertls,
}
if $_dnsovertls {
ini_setting { 'dnsovertls':
ensure => 'present',
value => $_dnsovertls,
setting => 'DNSOverTLS',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
$_cache = $cache ? {
true => 'yes',
false => 'no',
default => $cache,
}
if $cache {
ini_setting { 'cache':
ensure => 'present',
value => $_cache,
setting => 'Cache',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
$_dns_stub_listener = $dns_stub_listener ? {
true => 'yes',
false => 'no',
default => $dns_stub_listener,
}
if $_dns_stub_listener {
ini_setting { 'dns_stub_listener':
ensure => 'present',
value => $_dns_stub_listener,
setting => 'DNSStubListener',
section => 'Resolve',
path => '/etc/systemd/resolved.conf',
notify => Service['systemd-resolved'],
}
}
}
diff --git a/manifests/service_limits.pp b/manifests/service_limits.pp
index 53a6db7..d004802 100644
--- a/manifests/service_limits.pp
+++ b/manifests/service_limits.pp
@@ -1,80 +1,80 @@
# Adds a set of custom limits to the service
#
# @api public
#
# @see systemd.exec(5)
#
-# @attr name [Pattern['^.+\.(service|socket|mount|swap)$']]
+# @param name [Pattern['^.+\.(service|socket|mount|swap)$']]
# The name of the service that you will be modifying
#
-# @param $ensure
+# @param ensure
# Whether to drop a file or remove it
#
# @param path
# The path to the main systemd settings directory
#
# @param selinux_ignore_defaults
# If Puppet should ignore the default SELinux labels.
#
# @param limits
# A Hash of service limits matching the settings in ``systemd.exec(5)``
#
# * Mutually exclusive with ``$source``
#
# @param source
# A ``File`` resource compatible ``source``
#
-# * Mutually exclusive with ``$limits``
+# * Mutually exclusive with ``$limits``
#
# @param restart_service
# Restart the managed service after setting the limits
#
define systemd::service_limits (
Enum['present', 'absent', 'file'] $ensure = 'present',
Stdlib::Absolutepath $path = '/etc/systemd/system',
Optional[Boolean] $selinux_ignore_defaults = false,
Optional[Systemd::ServiceLimits] $limits = undef,
Optional[String] $source = undef,
Boolean $restart_service = true
) {
include systemd
if $name !~ Pattern['^.+\.(service|socket|mount|swap)$'] {
fail('$name must match Pattern["^.+\.(service|socket|mount|swap)$"]')
}
if $limits and !empty($limits) {
$_content = template("${module_name}/limits.erb")
}
else {
$_content = undef
}
if $ensure != 'absent' {
if ($limits and !empty($limits)) and $source {
fail('You may not supply both limits and source parameters to systemd::service_limits')
}
elsif ($limits == undef or empty($limits)) and ($source == undef) {
fail('You must supply either the limits or source parameter to systemd::service_limits')
}
}
systemd::dropin_file { "${name}-90-limits.conf":
ensure => $ensure,
unit => $name,
filename => '90-limits.conf',
path => $path,
selinux_ignore_defaults => $selinux_ignore_defaults,
content => $_content,
source => $source,
}
if $restart_service {
exec { "restart ${name} because limits":
command => "systemctl restart ${name}",
path => $::path,
refreshonly => true,
subscribe => File["${path}/${name}.d/90-limits.conf"],
}
}
}
diff --git a/manifests/timesyncd.pp b/manifests/timesyncd.pp
index 22d9481..6a83605 100644
--- a/manifests/timesyncd.pp
+++ b/manifests/timesyncd.pp
@@ -1,65 +1,65 @@
# @api private
#
# This class provides an abstract way to trigger systemd-timesyncd
#
# @param ensure
# The state that the ``networkd`` service should be in
#
-# @param $ntp_server
+# @param ntp_server
# A space-separated list of NTP servers, will be combined with interface specific
# addresses from systemd-networkd. requires puppetlabs-inifile
#
# @param fallback_ntp_server
# A space-separated list of NTP server host names or IP addresses to be used
# as the fallback NTP servers. Any per-interface NTP servers obtained from
# systemd-networkd take precedence over this setting. requires puppetlabs-inifile
class systemd::timesyncd (
Enum['stopped','running'] $ensure = $systemd::timesyncd_ensure,
Optional[Variant[Array,String]] $ntp_server = $systemd::ntp_server,
Optional[Variant[Array,String]] $fallback_ntp_server = $systemd::fallback_ntp_server,
) {
assert_private()
$_enable_timesyncd = $ensure ? {
'stopped' => false,
'running' => true,
default => $ensure,
}
service { 'systemd-timesyncd':
ensure => $ensure,
enable => $_enable_timesyncd,
}
if $ntp_server {
if $ntp_server =~ String {
$_ntp_server = $ntp_server
} else {
$_ntp_server = join($ntp_server, ' ')
}
ini_setting { 'ntp_server':
ensure => 'present',
value => $_ntp_server,
setting => 'NTP',
section => 'Time',
path => '/etc/systemd/timesyncd.conf',
notify => Service['systemd-timesyncd'],
}
}
if $fallback_ntp_server {
if $fallback_ntp_server =~ String {
$_fallback_ntp_server = $fallback_ntp_server
} else {
$_fallback_ntp_server = join($fallback_ntp_server, ' ')
}
ini_setting { 'fallback_ntp_server':
ensure => 'present',
value => $_fallback_ntp_server,
setting => 'FallbackNTP',
section => 'Time',
path => '/etc/systemd/timesyncd.conf',
notify => Service['systemd-timesyncd'],
}
}
}
diff --git a/manifests/tmpfile.pp b/manifests/tmpfile.pp
index 90a7d14..9f9b136 100644
--- a/manifests/tmpfile.pp
+++ b/manifests/tmpfile.pp
@@ -1,49 +1,49 @@
# Creates a systemd tmpfile
#
# @api public
#
# @see systemd-tmpfiles(8)
#
-# @attr name [Pattern['^[^/]+\.conf$']] (filename)
+# @param name [Pattern['^[^/]+\.conf$']] (filename)
# The name of the tmpfile to create
#
-# @param $ensure
+# @param ensure
# Whether to drop a file or remove it
#
# @param path
# The path to the main systemd tmpfiles directory
#
# @param content
# The literal content to write to the file
#
# * Mutually exclusive with ``$source``
#
# @param source
# A ``File`` resource compatible ``source``
#
-# * Mutually exclusive with ``$limits``
+# * Mutually exclusive with ``$limits``
#
define systemd::tmpfile (
Enum['present', 'absent', 'file'] $ensure = 'file',
Systemd::Dropin $filename = $name,
Stdlib::Absolutepath $path = '/etc/tmpfiles.d',
Optional[String] $content = undef,
Optional[String] $source = undef,
) {
include systemd::tmpfiles
$_tmp_file_ensure = $ensure ? {
'present' => 'file',
default => $ensure,
}
file { "${path}/${filename}":
ensure => $_tmp_file_ensure,
content => $content,
source => $source,
owner => 'root',
group => 'root',
mode => '0444',
notify => Class['systemd::tmpfiles'],
}
}
diff --git a/manifests/udev/rule.pp b/manifests/udev/rule.pp
index adf027d..d318031 100644
--- a/manifests/udev/rule.pp
+++ b/manifests/udev/rule.pp
@@ -1,48 +1,48 @@
# Adds a custom udev rule
#
# @api public
#
# @see udev(7)
#
-# @attr name [Pattern['^.+\.rules$']]
+# @param name [Pattern['^.+\.rules$']]
# The name of the udev rules to create
#
-# @param $ensure
+# @param ensure
# Whether to drop a file or remove it
#
# @param path
# The path to the main systemd settings directory
#
# @param selinux_ignore_defaults
# If Puppet should ignore the default SELinux labels.
#
# @param notify_services
# List of services to notify when this rule is updated
#
# @param rules
# The literal udev rules you want to deploy
#
define systemd::udev::rule (
Array $rules,
Enum['present', 'absent', 'file'] $ensure = 'present',
Stdlib::Absolutepath $path = '/etc/udev/rules.d',
Optional[Variant[Array, String]] $notify_services = [],
Optional[Boolean] $selinux_ignore_defaults = false,
) {
include systemd
$filename = assert_type(Pattern['^.+\.rules$'], $name) |$expected, $actual| {
fail("The \$name should match \'${expected}\', you passed \'${actual}\'")
}
file { $filename:
ensure => $ensure,
owner => 'root',
group => 'root',
mode => '0444',
path => join([$path, $name], '/'),
notify => $notify_services,
selinux_ignore_defaults => $selinux_ignore_defaults,
content => epp("${module_name}/udev_rule.epp", {'rules' => $rules}),
}
}
diff --git a/manifests/udevd.pp b/manifests/udevd.pp
index 2fc9fd5..babbd54 100644
--- a/manifests/udevd.pp
+++ b/manifests/udevd.pp
@@ -1,35 +1,33 @@
# @api private
-#
-# This class manages systemd's udev config
-#
-# https://www.freedesktop.org/software/systemd/man/udev.conf.html
+# @summary This class manages systemd's udev config
+# @see https://www.freedesktop.org/software/systemd/man/udev.conf.html
class systemd::udevd {
assert_private()
service { 'systemd-udevd':
ensure => running,
enable => true,
}
file { '/etc/udev/udev.conf':
ensure => 'file',
owner => 'root',
group => 'root',
mode => '0444',
content => epp("${module_name}/udev_conf.epp", {
'udev_log' => $systemd::udev_log,
'udev_children_max' => $systemd::udev_children_max,
'udev_exec_delay' => $systemd::udev_exec_delay,
'udev_event_timeout' => $systemd::udev_event_timeout,
'udev_resolve_names' => $systemd::udev_resolve_names,
'udev_timeout_signal' => $systemd::udev_timeout_signal,
}),
notify => Service['systemd-udevd'],
}
$systemd::udev_rules.each |$udev_rule_name, $udev_rule| {
systemd::udev::rule { $udev_rule_name:
* => $udev_rule,
}
}
}