Allow backuphost to access chopin

[dsa-puppet.git] / modules / ferm / manifests / init.pp

diff --git a/modules/ferm/manifests/init.pp b/modules/ferm/manifests/init.pp
index a977e989953b773a933a43a5864fc46f5883bbb4..6d2d0c62d946b222b0875c044139ca20a0b28c4d 100644 (file)
--- a/modules/ferm/manifests/init.pp
+++ b/modules/ferm/manifests/init.pp
@@ -9,6 +9,7 @@
 class ferm {
        # realize (i.e. enable) all @ferm::rule virtual resources
        Ferm::Rule <| |>
+       Ferm::Conf <| |>
 
        File { mode => '0400' }
 
@@ -24,17 +25,17 @@ class ferm {
                status      => '/bin/true',
        }
 
-       $munin_ips = split(regsubst($v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
+       $munin_ips = split(regsubst($::v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
 
        munin::check { $munin_ips: script => 'ip_', }
 
        if $v6ips {
-               $munin6_ips = split(regsubst($v6ips, '([^,]+)', 'ip_\1', 'G'), ',')
+               $munin6_ips = split(regsubst($::v6ips, '([^,]+)', 'ip_\1', 'G'), ',')
                munin::ipv6check { $munin6_ips: }
        }
 
        # get rid of old stuff
-       $munin6_ip6s = split(regsubst($v6ips, '([^,]+)', 'ip6_\1', 'G'), ',')
+       $munin6_ip6s = split(regsubst($::v6ips, '([^,]+)', 'ip6_\1', 'G'), ',')
        munin::check { $munin6_ip6s: ensure => absent }
 
        file { '/etc/ferm':
@@ -54,6 +55,10 @@ class ferm {
        file { '/etc/ferm/conf.d':
                ensure => directory,
                mode   => '0555',
+               purge   => true,
+               force   => true,
+               recurse => true,
+               source  => 'puppet:///files/empty/',
        }
        file { '/etc/default/ferm':
                source  => 'puppet:///modules/ferm/ferm.default',