Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/chain.pp | 8 | ||||
-rw-r--r-- | manifests/config.pp | 11 | ||||
-rw-r--r-- | manifests/init.pp | 4 | ||||
-rw-r--r-- | manifests/rule.pp | 10 |
4 files changed, 19 insertions, 14 deletions
diff --git a/manifests/chain.pp b/manifests/chain.pp
index 0a0071a..1198f62 100644
--- a/manifests/chain.pp
+++ b/manifests/chain.pp
@@ -7,17 +7,17 @@ define ferm::chain (
 Ferm::Policies $policy,
 Boolean $disable_conntrack,
 Boolean $log_dropped_packets,
- Ferm::Chains $chain = $name,
+ String[1] $chain = $name,
 ) {
 # concat resource for the chain
 $filename = downcase($chain)
- concat{"/etc/ferm.d/chains/${chain}.conf":
+ concat{"${ferm::configdirectory}/chains/${chain}.conf":
 ensure => 'present',
 }
 concat::fragment{"${chain}-policy":
- target => "/etc/ferm.d/chains/${chain}.conf",
+ target => "${ferm::configdirectory}/chains/${chain}.conf",
 content => epp(
 "${module_name}/ferm_chain_header.conf.epp", { 'policy' => $policy,
@@ -29,7 +29,7 @@ define ferm::chain (
 if $log_dropped_packets {
 concat::fragment{"${chain}-footer":
- target => "/etc/ferm.d/chains/${chain}.conf",
+ target => "${ferm::configdirectory}/chains/${chain}.conf",
 content => epp("${module_name}/ferm_chain_footer.conf.epp", { 'chain' => $chain }),
 order => 'zzzzzzzzzzzzzzzzzzzzz',
 }
diff --git a/manifests/config.pp b/manifests/config.pp
index 23ed390..88fff15 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -9,13 +9,13 @@ class ferm::config {
 # copy static files to ferm
 # on a long term point of view, we want to package this
- file{'/etc/ferm.d':
+ file{$ferm::configdirectory:
 ensure => 'directory',
 }
- -> file{'/etc/ferm.d/definitions':
+ -> file{"${ferm::configdirectory}/definitions":
 ensure => 'directory',
 }
- -> file{'/etc/ferm.d/chains':
+ -> file{"${ferm::configdirectory}/chains":
 ensure => 'directory',
 }
@@ -25,7 +25,7 @@ class ferm::config {
 }
 concat::fragment{'ferm_header.conf':
 target => $ferm::configfile,
- content => epp("${module_name}/ferm_header.conf.epp"),
+ content => epp("${module_name}/ferm_header.conf.epp", {'configdirectory' => $ferm::configdirectory}),
 order => '01',
 }
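Review bot: `$chain` is now any non-empty string but is still interpolated unchecked into `"${ferm::configdirectory}/chains/${chain}.conf"` in the first manifests/chain.pp hunk, so a name containing `/` or `..` would make concat manage a file outside the chains directory. If the goal is to allow custom chain names, a bounded type keeps the path safe, for example `Pattern[/\A[A-Za-z0-9_-]+\z/] $chain = $name,`; the exact character set ferm accepts should be confirmed. The second chain.pp hunk and the `$chain` parameter and targets in manifests/rule.pp use the same value. The define's body continues outside the hunk.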
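Review bot: The three directory resources in the first manifests/config.pp hunk set only `ensure => 'directory'`, so with a configurable location the directories that hold the firewall rules get whatever owner and mode the agent's defaults produce. Unless File defaults are set elsewhere in the module, pin them on each resource, e.g. `owner => 'root',`, `group => 'root',` and `mode => '0755',`. A `file` resource also does not create missing parent directories, so a value such as `/etc/ferm/ferm.d` relies on `/etc/ferm` already existing, presumably from the package. The class body starts before and continues after the hunk.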
@@ -33,7 +33,8 @@ class ferm::config {
 target => $ferm::configfile,
 content => epp(
 "${module_name}/ferm.conf.epp", {
- 'ip' => $_ip,
+ 'ip' => $_ip,
+ 'configdirectory' => $ferm::configdirectory,
 }
 ),
 order => '50',
diff --git a/manifests/init.pp b/manifests/init.pp
index b70d56d..f1f9aa9 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -20,6 +20,9 @@
 # @param configfile Path to the config file
 # Default value: /etc/ferm.conf
 # Allowed values: Stdlib::Absolutepath
+# @param configdirectory Path to the directory where the module stores ferm configuration files
+# Default value: /etc/ferm.d or /etc/ferm/ferm.d
+# Allowed values: Stdlib::Absolutepath
 # @param disable_conntrack Disable/Enable the generation of conntrack rules
 # Default value: false
 # Allowed values: (true|false)
@@ -51,6 +54,7 @@ class ferm (
 Boolean $manage_configfile,
 Boolean $manage_initfile,
 Stdlib::Absolutepath $configfile,
+ Stdlib::Absolutepath $configdirectory,
 Boolean $disable_conntrack,
 Ferm::Policies $forward_policy,
 Ferm::Policies $output_policy,
diff --git a/manifests/rule.pp b/manifests/rule.pp
index bd17245..68e88a2 100644
--- a/manifests/rule.pp
+++ b/manifests/rule.pp
@@ -11,7 +11,7 @@
 # @param interface an Optional interface where this rule should be applied
 # @param ensure Set the rule to present or absent
 define ferm::rule (
- Ferm::Chains $chain,
+ String[1] $chain,
 Ferm::Policies $policy,
 Ferm::Protocols $proto,
 String $comment = $name,
@@ -68,28 +68,28 @@ define ferm::rule (
 if $interface {
 unless defined(Concat::Fragment["${chain}-${interface}-aaa"]) {
 concat::fragment{"${chain}-${interface}-aaa":
- target => "/etc/ferm.d/chains/${chain}.conf",
+ target => "${ferm::configdirectory}/chains/${chain}.conf",
 content => "interface ${interface} {\n",
 order => $interface,
 }
 }
 concat::fragment{"${chain}-${interface}-${name}":
- target => "/etc/ferm.d/chains/${chain}.conf",
+ target => "${ferm::configdirectory}/chains/${chain}.conf",
 content => " ${rule}\n",
 order => $interface,
 }
 unless defined(Concat::Fragment["${chain}-${interface}-zzz"]) {
 concat::fragment{"${chain}-${interface}-zzz":
- target => "/etc/ferm.d/chains/${chain}.conf",
+ target => "${ferm::configdirectory}/chains/${chain}.conf",
 content => "}\n",
 order => $interface,
 }
 }
 } else {
 concat::fragment{"${chain}-${name}":
- target => "/etc/ferm.d/chains/${chain}.conf",
+ target => "${ferm::configdirectory}/chains/${chain}.conf",
 content => "${rule}\n",
 }
 }
|
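Review bot: The four `target` paths in this manifests/rule.pp hunk now depend on `$ferm::configdirectory`, which only has a value once class `ferm` has been evaluated; a `ferm::rule` declared earlier, or without the class, would build its target from an undefined value (or fail compilation under strict variables), where the old literal path had no such dependency. Nothing visible in the hunk guarantees that ordering, so unless the define already does so outside the hunk, add `include ferm` at the top of its body, and likewise in `ferm::chain`, assuming the class parameters come from module data. ferm::rule's body starts and ends outside the hunk.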