Augeas & Arrays
855 views
Skip to first unread message
steve foster
May 28, 2012, 11:47:52 AM5/28/12
to puppet...@googlegroups.com
Hi Folks,
I'm trying to figure our why if I pass an array to a augeas resource type it ends up being concatenated eg for the following example I would expect 2 firewall rules, but instead I get one rule with the dport = 17001701
class {'test':
port => ['1700', '1701'],
}
class test ($port) {
augeas{"$port":
context => "/files/etc/sysconfig/iptables/table",
changes => ['ins append before append[.="INPUT"][last()]',
'defnode INPUT append[.=""] INPUT',
'set $INPUT INPUT',
'set $INPUT/match[1] state',
'set $INPUT/state NEW',
'set $INPUT/match[2] tcp',
'set $INPUT/protocol tcp',
"set \$INPUT/dport $port",
'set $INPUT/jump ACCEPT'],
onlyif => "match append[*]/dport[.=\"$port\"] size == 0",
}
}
Anyone got any suggestions?
Cheers
Steve
Paul Tötterman
May 28, 2012, 2:44:34 PM5/28/12
to puppet...@googlegroups.com
augeas{"$port":
There's a difference between $var and "$var". With quotes the array is forced to a string.
Cheers,
Paul
Raphink
May 28, 2012, 4:13:54 PM5/28/12
to puppet...@googlegroups.com
Adding to Paul's answer, if you want to set more than one port here, you'll probably want to make a define for a port and loop on resources.
The define can then use augeas to set the port.
The define can then use augeas to set the port.
steve foster
May 29, 2012, 3:21:58 AM5/29/12
to puppet...@googlegroups.com
Thanks for the suggestions... so now we have:
class {'test':
tport => ['1700', '1701'],
}
class test ($tport) {
fwport{"spoo": fport => $tport, }
}
define fwport ($fport) {
augeas{$fport:
context => "/files/etc/sysconfig/iptables/table",
changes => ['ins append before append[.="INPUT"][last()]',
'defnode INPUT append[.=""] INPUT',
'set $INPUT INPUT',
'set $INPUT/match[1] state',
'set $INPUT/state NEW',
'set $INPUT/match[2] tcp',
'set $INPUT/protocol tcp',
"set \$INPUT/dport $title",
'set $INPUT/jump ACCEPT'],
onlyif => "match append[*]/dport[.=\"$title\"] size == 0",
}
}
but now in the augeas resource $title is evaluated to "spoo", i would have though that it would have been the name or title passed to augeas??? very confused.
Additionally if I use $fport in the changes or matches section of augeas I still get a concatenation of the array... even more confused!
TIA
Steve
Denmat
May 29, 2012, 6:43:21 AM5/29/12
to puppet...@googlegroups.com
Hi Steve,
I believe he meant that you pass your array directly to the defined type:
class test ($tport) {fwport{ $fport: }}
define fwport {$fport = $name
augeas{$fport:context => "/files/etc/sysconfig/iptables/table",
Regards,
Den
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/zbR2TYVe8hcJ.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
steve foster
May 29, 2012, 8:48:47 AM5/29/12
to puppet...@googlegroups.com
Cheers for the clarification Den... Works a charm now :-)
On Tuesday, May 29, 2012 11:43:21 AM UTC+1, denmat wrote:
S
On Tuesday, May 29, 2012 11:43:21 AM UTC+1, denmat wrote:
Hi Steve,I believe he meant that you pass your array directly to the defined type:class test ($tport) {fwport{ $fport: }}define fwport {$fport = $nameaugeas{$fport:context => "/files/etc/sysconfig/iptables/table",I hope that gives you the idea.Regards,Den
Reply all
Reply to author
Forward
0 new messages