Hi -
I am trying to figure out how to best override
resource attributes for a module. I know this might not
be the best way to do things, but it's where I am at currently.

In summary:

    - I have a module called Apache, that references the firewall class from
    the puppetlabs/firewall module - to open ports 80/443.
    - I have a few nodes, that need wordpress installed (as well as apache)
    - I need to override the default fw ports 80/443 being opened, for more
    selective rules.

I am trying to override these resources similar to what is described here:

Here's my code:

   node 'wordpress-dev.blah.example.com' {
     include base
     include users
     include webteam
     include apache
     include libfw::wordpress
     group { 'webteam':
       ensure => present,
       name => 'webteam',
       members => 'sdf, sdf1, sdf3, sdf4'
     include basicfw
     include lib-wordpress
     include wordpress_cli
     include php

Apache and wordpress are two very basic modules I wrote.

apache::config has the following:
class apache::config {
   firewall { '0050 allow http and https access':
     chain => 'LSO-Firewall-1-INPUT',
     dport => [80, 443],
     proto => tcp,
     action => accept,

Then in the wordpress module, I am trying to override this setting with:

class lib-wordpress::firewall inherits apache::config {
   Class['apache::config'] {
     chain => 'LSO-Firewall-1-INPUT',
     dport => [80, 443],
     proto => tcp,
     action => reject,

Puppet apply run's ok, but IPtables never changes. The default rule 0050,
stays as
accept. I also noticed with puppet-lint this warning:
class inherits across module namespaces

Is this because I am overriding a class that references another class
(firewall)? If
so, how should I avoid this? I might be running up against this bug:
Note: If a base class declares other classes with the resource-like
syntax, a class derived from it cannot override the class parameters of
those inner classes. This is a known bug.
Thank you.


You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/0d3b3462-4264-4411-af47-e1ded2db5797%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Discussion Posts

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 1 of 4 | next ›
Discussion Overview
grouppuppet-users @
postedMar 14, '16 at 9:36p
activeMar 16, '16 at 1:13p

2 users in discussion

Jcbollinger: 2 posts TimV: 2 posts



site design / logo © 2022 Grokbase