String substituion in puppet template

1,562 views
Skip to first unread message

Björn

unread,
May 20, 2015, 9:26:40 AM5/20/15
to puppet...@googlegroups.com
Hello,

I try to customize my http vhost template and defined and array of ip addresses in the manifests:

class apache::webservice(
  $htdocs = $apache::param::htdocs,
  $apacheuser = $apache::param::apacheuser,
  $apachegroup = $apache::param::apachegroup,
  $logdir = $apache::param::logdir,
) inherits apache::param{

  $sitename = "service.de"

  file{"$logdir/$sitename":
    ensure => directory,
  }

  apache::vhost {"app $name":
    template    => 'apache/vhost-proxypass.conf.erb',
    port        => 80,
    servername  => "$sitename",
    modsec      => "",
    pptarget    => "10.18.10.10",
    ppproto     => "http",
    ppport      => "8080",
    ppoptions   => "",
    ppexception => "",
    logformat   => "combined_forwarded",
    rewrite     => "webservice",
    ip          => ["10.18.10."],
    ip_xforward => ["75.2.91.24", "94.5.52.252", ],
  }
}


In my template I try to use the array ip_xforward to put those ip adresses in a variable and allow them:
        <% if @rewrite != '' && @ip != '' || @ip_xforward != ''  %>
                <Location /<%= @rewrite %>>
                        <% if @ip_xforward != '' %>
                                <% if ip.is_a? Array -%>
                                <% ip_xforward.each do |name| -%><%= "\t\tSetEnvIF X-Forwarded-For ^(#{name}) AllowIP\n" %><% end -%>
                                <% elsif @ip_xforward != '' -%>
                                <%= "  SetEnvIF X-Forwarded-For  ^(#{ip_xforward}) AllowIP" -%>
                                <% end -%>
                        <% end -%>

                        Order deny,allow
                        Deny from all
                        Allow from env=AllowIP
                        <% if @ip != '' %>
                                <% if ip.is_a? Array -%>
                                <% ip.each do |name| -%><%= "Allow from #{name}\n" %><% end -%>
                                <% elsif @ip != '' -%>
                                <%= "  Allow from #{ip}" -%>
                                <% end -%>
                        <% end -%>
                </Location>
        <% end %>


My problem is that I have to escape the dot's in the ip address because it's a regex.

It should look like
        SetEnvIF X-Forwarded-For ^(94\.20\.18\.9) AllowIP

But actually it look like this:
        SetEnvIF X-Forwarded-For ^(94.20.18.9) AllowIP

I tried it with regsubst, but without success:
<% ip_xforward.each do |name| -%><%= "\t\tSetEnvIF X-Forwarded-For ^(regsubst(#{name}, '\.','\\.')) AllowIP\n" %><% end -%>



Gabriel Filion

unread,
May 22, 2015, 5:09:15 AM5/22/15
to puppet...@googlegroups.com
On 20/05/15 09:04 AM, Björn wrote:
> I tried it with regsubst, but without success:
> |
> <%ip_xforward.each do|name|-%><%="\t\tSetEnvIF X-Forwarded-For
> ^(regsubst(#{name}, '\.','\\.')) AllowIP\n"%><%end-%>
> |

maybe you need to call the function outside of the string. e.g.:

<%= "\t\tSetEnvIf X-Forwarded-For ^(" + regsubst(name, '\.','\\.') + ")
AllowIP\n"%>

--
Gabriel Filion

signature.asc

Björn

unread,
May 22, 2015, 6:55:16 AM5/22/15
to puppet...@googlegroups.com, gab...@lelutin.ca
 
Probably. But somehow the puppet agent can't find the value for regsubst

                                        <% ip_xforward.each do |name| -%>
                                                <%= "\t\tSetEnvIf X-Forwarded-For ^(" + regsubst("#{name}", 'foo','bar') + ") AllowIP\n" %>  
                                        <% end -%>

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to parse template apache/vhost-default.conf.erb:
  Filepath: /usr/lib/ruby/site_ruby/1.8/puppet/parser/templatewrapper.rb
  Line: 81
  Detail: Could not find value for 'regsubst' at /etc/puppet/modules/apache/templates/vhost-default.conf.erb:68


Henrik Lindberg

unread,
May 22, 2015, 8:21:26 AM5/22/15
to puppet...@googlegroups.com
Note that the each method returns the original LHS not the string. Also,
the substitution inside the string is not code that gets evaluation, you
need to interpolate it using #{} around the expression, or do a concat.

If you want to transform each, you should use the map function instead
of each - then the result is an array of each value returned from the block.

Regards
- henrik

--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

Björn

unread,
Jun 1, 2015, 10:20:06 AM6/1/15
to puppet...@googlegroups.com
Okay, I got it now.

                        <% if @ip_xforward != '' %>
                                <% if ip_xforward.is_a? Array -%>
                                        <% ip_xforward.map do |value| -%>
                                                <%= "\t\tSetEnvIf X-Forwarded-For ^(" + value.gsub('.', '\.') + ".*) AllowIP\n"  -%>
                                        <% end -%>
                                <% else %>
                                        <%= "  SetEnvIF X-Forwarded-For  ^(#{ip_xforward}) AllowIP" -%>
                                <% end -%>
                        <% end -%>

So a array of ip address in the manifests results in
            SetEnvIf X-Forwarded-For ^(13\.74\.8\.23.*) AllowIP
            SetEnvIf X-Forwarded-For ^(5\.63\.23\.53.*) AllowIP



Thanks!

Regards,
Björn
Reply all
Reply to author
Forward
0 new messages