diff options
| author | Kilian Engelhardt <kilian.engelhardt@godaddy.com> | 2019-08-06 10:48:02 +0200 |
|---|---|---|
| committer | Kilian Engelhardt <kilian.engelhardt@godaddy.com> | 2019-08-09 17:43:26 +0200 |
| commit | 1f8fe9481d7f12215661d4a0982810cd683f1ba9 (patch) | |
| tree | 18cc8137724a24bf6a11b4a533c31d72ee1b66b2 /README.md | |
| parent | a567a8fdcc6f933286a6ce3e497fc0cfb87ec971 (diff) | |
| download | puppet-ferm-1f8fe9481d7f12215661d4a0982810cd683f1ba9.tar.gz puppet-ferm-1f8fe9481d7f12215661d4a0982810cd683f1ba9.tar.bz2 | |
add example using Hiera subnet variables to README.md
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 16 |
1 files changed, 14 insertions, 2 deletions
@@ -63,17 +63,29 @@ You can collect them like this: Ferm::Rule <<| tag == 'allow_kafka_server2server' |>> ``` -You can also define rules in hiera: +You can also define rules in Hiera. Make sure to use `alias()` as interpolation function, because `hiera()` will always return string. ```yaml --- +subnet01: '123.123.123.0/24' +subnet02: '123.123.124.0/24' +subnet03: + - '123.123.125.0/24' + - '123.123.126.0/24' + +subnets: + - "%{alias('subnet01')}" + - "%{alias('subnet02')}" + - "%{alias('subnet03')}" + - 123.123.127.0/24 + ferm::rules: 'allow_http_https': chain: 'INPUT' policy: 'ACCEPT' proto: 'tcp' dport: '(80 443)' - saddr: "%{hiera('some_other_hiera_key')}" + saddr: "%{alias('subnets')}" ``` ferm::rules is a hash. configured for deep merge. Hiera will collect all |