diff options
author | Tim Meusel <tim@bastelfreak.de> | 2019-08-12 22:55:52 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-12 22:55:52 +0200 |
commit | 15153bd994f4715d37b398264581914692a93c45 (patch) | |
tree | 46a981008420953c768e23c05ca340497b1f3d59 /README.md | |
parent | 5eee9cc90593623c8936cf5ee9da2e4ce8c5fa6e (diff) | |
parent | a0d72d5947030fc2dc4332652e5868fa15b906e4 (diff) | |
download | puppet-ferm-15153bd994f4715d37b398264581914692a93c45.tar.gz puppet-ferm-15153bd994f4715d37b398264581914692a93c45.tar.bz2 |
Merge pull request #51 from kBite/allow-array-for-saddr-daddr
Allow array for saddr and daddr
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 16 |
1 files changed, 14 insertions, 2 deletions
@@ -63,17 +63,29 @@ You can collect them like this: Ferm::Rule <<| tag == 'allow_kafka_server2server' |>> ``` -You can also define rules in hiera: +You can also define rules in Hiera. Make sure to use `alias()` as interpolation function, because `hiera()` will always return a string. ```yaml --- +subnet01: '123.123.123.0/24' +subnet02: '123.123.124.0/24' +subnet03: + - '123.123.125.0/24' + - '123.123.126.0/24' + +subnets: + - "%{alias('subnet01')}" + - "%{alias('subnet02')}" + - "%{alias('subnet03')}" + - 123.123.127.0/24 + ferm::rules: 'allow_http_https': chain: 'INPUT' policy: 'ACCEPT' proto: 'tcp' dport: '(80 443)' - saddr: "%{hiera('some_other_hiera_key')}" + saddr: "%{alias('subnets')}" ``` ferm::rules is a hash. configured for deep merge. Hiera will collect all |