I am trying to use this module here with puppet: https://github.com/duritong/puppet-shorewall
Following the example I got the rules working
node xy {
class{'config::site_shorewall':
startup => "0" # create shorewall ruleset but don't startup
}
shorewall::rule {
'incoming-ssh': source => 'all', destination => '$FW', action => 'SSH(ACCEPT)', order => 200;
'incoming-puppetmaster': source => 'all', destination => '$FW', action => 'Puppetmaster(ACCEPT)', order => 300;
'incoming-imap': source => 'all', destination => '$FW', action => 'IMAP(ACCEPT)', order => 300;
'incoming-smtp': source => 'all', destination => '$FW', action => 'SMTP(ACCEPT)', order => 300;
}
}
Now I want to pack this into hiera. With some research I found this explanation here how to convert the different variables into hiera hashes: http://puppetlunch.com/puppet/hiera.html
Now when the original example is converted to hiera it should look like this, if I am not wrong (there are only 2 examples in hiera):
---
classes:
- shorewall
shorewall::rule:
incoming-ssh:
source: 'all'
destination: '$FW'
action: 'SSH(ACCEPT)'
order: '200'
incoming-puppetmaster:
source: 'all'
destination: '$FW'
action: 'Puppetmaster(ACCEPT)'
order: 200
What could be the problem that there is no data except the header and footer in the config files?
cat /etc/shorewall/puppet/rules
#
# Shorewall version 3.4 - Rules File
#
# For information on the settings in this file, type "man shorewall-rules"
#
# See http://shorewall.net/Documentation.htm#Rules for additional information.
#
#############################################################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK
# PORT PORT(S) DEST LIMIT GROUP
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
