do not use variable name with capitals + comment out empty if (future…

… parser compatibility) Signed-off-by: Pavel Pulec <[email protected]>
purpleidea · Apr 26, 2017 · 2398be0 · 2398be0
1 parent e80eff8
commit 2398be0
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 14 deletions.
diff --git a/manifests/server.pp b/manifests/server.pp
@@ -29,7 +29,8 @@
 	$ips = false,	# an optional list of ip's for each in hosts[]
 	$clients = []	# list of allowed client ip's	# TODO: get from exported resources
 ) {
-	$FW = '$FW'			# make using $FW in shorewall easier
+	# XXX: WIP
+	# $FW = '$FW'			# make using $FW in shorewall easier
 
 	include gluster::vardir
 	include gluster::params
@@ -145,8 +146,8 @@
 		}
 	}
 
-	if $shorewall {
-		# XXX: WIP
+	# XXX: WIP
+	#if $shorewall {
 		#if type3x($ips) == 'array' {
 		#	#$other_host_ips = inline_template("<%= ips.delete_if {|x| x == '${ipaddress}' }.join(',') %>")		# list of ips except myself
 		#	$source_ips = inline_template("<%= (ips+clients).uniq.delete_if {|x| x.empty? }.join(',') %>")
@@ -172,7 +173,7 @@
 		#	ACCEPT    $(src}    $FW    tcp    38465:${nfs_endport}
 		#	", comment => 'Allow nfs for gluster'}
 		#}
-	}
+	#}
 
 	# start service only after the firewall is opened and hosts are defined
 	service { "${::gluster::params::service_glusterd}":

diff --git a/vagrant/puppet/manifests/site.pp b/vagrant/puppet/manifests/site.pp
@@ -141,7 +141,7 @@
 
 class firewall {
 
-	$FW = '$FW'			# make using $FW in shorewall easier
+	$fw = '$fw'			# make using $fw in shorewall easier
 
 	class { '::shorewall::configuration':
 		# NOTE: no configuration specifics are needed at the moment
@@ -174,30 +174,30 @@
 	}
 
 	# TODO: is this policy really what we want ? can we try to limit this ?
-	shorewall::policy { '$FW-net':
+	shorewall::policy { '$fw-net':
 		policy => 'ACCEPT',		# TODO: shouldn't we whitelist?
 	}
 
-	shorewall::policy { '$FW-man':
+	shorewall::policy { '$fw-man':
 		policy => 'ACCEPT',		# TODO: shouldn't we whitelist?
 	}
 
 	####################################################################
 	#ACTION      SOURCE DEST                PROTO DEST  SOURCE  ORIGINAL
 	#                                             PORT  PORT(S) DEST
 	shorewall::rule { 'ssh': rule => "
-	SSH/ACCEPT   net    $FW
-	SSH/ACCEPT   man    $FW
+	SSH/ACCEPT   net    $fw
+	SSH/ACCEPT   man    $fw
 	", comment => 'Allow SSH'}
 
 	shorewall::rule { 'ping': rule => "
-	#Ping/DROP    net    $FW
-	Ping/ACCEPT  net    $FW
-	Ping/ACCEPT  man    $FW
+	#Ping/DROP    net    $fw
+	Ping/ACCEPT  net    $fw
+	Ping/ACCEPT  man    $fw
 	", comment => 'Allow ping from the `bad` net zone'}
 
 	shorewall::rule { 'icmp': rule => "
-	ACCEPT       $FW    net                 icmp
-	ACCEPT       $FW    man                 icmp
+	ACCEPT       $fw    net                 icmp
+	ACCEPT       $fw    man                 icmp
 	", comment => 'Allow icmp from the firewall zone'}
 }