From e511291a111db7a7d88a8820c5423aa5b92304e0 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Tue, 11 Dec 2012 18:42:15 -0500
Subject: Because the puppet shorewall module uses concat::fragment assembly to
 put the final results in /etc/shorewall/puppet, we have to make sure the
 shorewall.conf is pointing to that directory to get those configurations.
 This commit fixes that.

---
 README            | 6 +++++-
 manifests/base.pp | 7 +++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/README b/README
index 2487f20..29fd84d 100644
--- a/README
+++ b/README
@@ -60,7 +60,11 @@ class site_shorewall::config inherits shorewall::base {
 }
 
 NOTE: if you distribute a file, you cannot also use augeas, puppet and augeas
-will fight forever
+will fight forever. Secondly, you will *need* to make sure that if you are shipping your own
+shorewall.conf that you have the following value set in your shorewall.conf otherwise this
+module will not work:
+
+    CONFIG_PATH="/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"
 
 Documentation
 -------------
diff --git a/manifests/base.pp b/manifests/base.pp
index 7dd025f..537c2a6 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -15,6 +15,13 @@ class shorewall::base {
         owner => root, group => 0, mode => 0644;
     }
 
+    augeas { 'shorewall_module_config_path':
+      changes => 'set /files/etc/shorewall/shorewall.conf/CONFIG_PATH \'"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"\'',
+      lens    => 'Shellvars.lns',
+      incl    => '/etc/shorewall/shorewall.conf',
+      notify  => Service[shorewall];
+    }
+
     service{shorewall:
         ensure  => running,
         enable  => true,
-- 
cgit v1.2.3