Hi - I am trying to figure out how to best override resource attributes for a module. I know this might not be the best way to do things, but it's where I am at currently.
In summary: - I have a module called Apache, that references the firewall class from the puppetlabs/firewall module - to open ports 80/443. - I have a few nodes, that need wordpress installed (as well as apache) - I need to override the default fw ports 80/443 being opened, for more selective rules. I am trying to override these resources similar to what is described here: https://docs.puppetlabs.com/puppet/latest/reference/lang_classes.html#overriding-resource-attributes Here's my code: nodes.pp node 'wordpress-dev.blah.example.com' { include base include users include webteam include apache include libfw::wordpress group { 'webteam': ensure => present, name => 'webteam', members => 'sdf, sdf1, sdf3, sdf4' } include basicfw include lib-wordpress include wordpress_cli include php } Apache and wordpress are two very basic modules I wrote. apache::config apache::config has the following: class apache::config { firewall { '0050 allow http and https access': chain => 'LSO-Firewall-1-INPUT', dport => [80, 443], proto => tcp, action => accept, } } Then in the wordpress module, I am trying to override this setting with: lib-wordpress::config class lib-wordpress::firewall inherits apache::config { Class['apache::config'] { chain => 'LSO-Firewall-1-INPUT', dport => [80, 443], proto => tcp, action => reject, } } Puppet apply run's ok, but IPtables never changes. The default rule 0050, stays as accept. I also noticed with puppet-lint this warning: class inherits across module namespaces Is this because I am overriding a class that references another class (firewall)? If so, how should I avoid this? I might be running up against this bug: > Note: If a base class declares other classes with the resource-like >> syntax, a class derived from it cannot override the class parameters of >> those inner classes. This is a known bug. >> > Thank you. Tim -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/0d3b3462-4264-4411-af47-e1ded2db5797%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
