I'm using a primitive template to build my iptables rulesets.
It's all in a branch on my github repo at

http://github.com/rasputnik/babysteps-puppet/tree/templated-iptables

template that looks like:

<% if has_variable?('httpd::open_firewall') %>
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
<% end -%>

(see 
http://github.com/rasputnik/babysteps-puppet/blob/templated-iptables/modules/iptables/templates/iptables.erb
)

i then set a variable in the httpd module like this:

class httpd {
  $open_firewall = 'on'
  #.... rest of httpd class def.
}

[ 
http://github.com/rasputnik/babysteps-puppet/blob/templated-iptables/modules/httpd/manifests/init.pp
]

The idea being that if a node has 'include httpd', then when it runs
'include iptables'
it'll open the right port.

This works fine for classes that include httpd. The trouble is that i
get this error on
nodes that don't :

[r...@node03 ~]# puppetd -tv
info: Retrieving plugins
err: Could not retrieve catalog: Failed to parse template
iptables/iptables.erb: Class httpd has not been evaluated so its
variables cannot be referenced at
/etc/puppet/modules/iptables/manifests/init.pp:11 on node node03.pixie
warning: Not using cache on failed catalog


To my mind, that should be a warning, not an error.

Is there any 'guard' I can put in my template to stop this blowing up?

I did try:

<% if has_variable?('httpd') && has_variable?('httpd::open_firewall') %>

but the first clause is always false, even on nodes that 'include httpd'.


Sorry this has been a bit longwinded, but I'm a bit stumped here.
Thanks in advance for
any tips.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to