On Tuesday, November 20, 2012 3:51:07 PM UTC-5, Dusty Doris wrote:
>
> Lets say I wanted to make a declared type for adding custom firewall rules
> on a per-node basis.
>
>
> define myfirewall::accept($proto, $port, $sources=[]) {
> include defaultfirewall
>
> $sources.each do |source|
>
> firewall { "100 allow $proto $port for $source":
> proto => $proto,
> dport => $dport,
> source => $source,
> action => 'accept',
> }
>
> end
> }
>
> I could use it something like this:
>
> node "mynode" {
> myfirewall:: accept { "http":
> proto => 'tcp',
> port => '80',
> sources => ['1.1.1.1','2.2.2.2']
> }
> }
>
>
> Is there any way to do something like this with puppet? I'm new to this
> and quite confused.
>
>
>
aha. I found I can do it using the $name parameter.
Is there anything inherently wrong with this type of usage?
define myfirewall::accept($proto, $port) {
firewall { "100 $name $proto $port":
proto => $proto,
dport => $port,
source => $name,
action => 'accept'
}
}
node 'mynode' {
include firewall
myfirewall::accept { ['node1', 'node2'] :
proto => 'tcp',
port => '80'
}
}
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/9QSWO9NQWg4J.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
