do not use variable name with capitals + comment out empty if (future parser compatibility)

Pavel Pulec · Pavel Pulec · commit 562273ae3044 · 2017-04-26T17:34:26.000+02:00
Signed-off-by: Pavel Pulec &lt;kayn@inuits.eu&gt;
diff --git a/manifests/server.pp b/manifests/server.pp
@@ -29,7 +29,7 @@
 	$ips = false,	# an optional list of ip's for each in hosts[]
 	$clients = []	# list of allowed client ip's	# TODO: get from exported resources
 ) {
-	$FW = '$FW'			# make using $FW in shorewall easier
+	$fw = '$fw'			# make using $fw in shorewall easier
 
 	include gluster::vardir
 	include gluster::params
@@ -145,8 +145,8 @@
 		}
 	}
 
-	if $shorewall {
-		# XXX: WIP
+	# XXX: WIP
+	#if $shorewall {
 		#if type3x($ips) == 'array' {
 		#	#$other_host_ips = inline_template("<%= ips.delete_if {|x| x == '${ipaddress}' }.join(',') %>")		# list of ips except myself
 		#	$source_ips = inline_template("<%= (ips+clients).uniq.delete_if {|x| x.empty? }.join(',') %>")
@@ -161,18 +161,18 @@
 		#$nfs_endport = inline_template('<%= 38465+hosts.count %>')
 		#shorewall::rule { 'gluster-24000':
 		#	rule => "
-		#	ACCEPT    ${src}    $FW    tcp    24009:${endport}
+		#	ACCEPT    ${src}    $fw    tcp    24009:${endport}
 		#	",
 		#	comment => 'Allow 24000s for gluster',
 		#	before => Service["${::gluster::params::service_glusterd}"],
 		#}
 
 		#if $nfs {					# FIXME: TODO
 		#	shorewall::rule { 'gluster-nfs': rule => "
-		#	ACCEPT    $(src}    $FW    tcp    38465:${nfs_endport}
+		#	ACCEPT    $(src}    $fw    tcp    38465:${nfs_endport}
 		#	", comment => 'Allow nfs for gluster'}
 		#}
-	}
+	#}
 
 	# start service only after the firewall is opened and hosts are defined
 	service { "${::gluster::params::service_glusterd}":
diff --git a/vagrant/puppet/manifests/site.pp b/vagrant/puppet/manifests/site.pp
@@ -141,7 +141,7 @@
 
 class firewall {
 
-	$FW = '$FW'			# make using $FW in shorewall easier
+	$fw = '$fw'			# make using $fw in shorewall easier
 
 	class { '::shorewall::configuration':
 		# NOTE: no configuration specifics are needed at the moment
@@ -174,30 +174,30 @@
 	}
 
 	# TODO: is this policy really what we want ? can we try to limit this ?
-	shorewall::policy { '$FW-net':
+	shorewall::policy { '$fw-net':
 		policy => 'ACCEPT',		# TODO: shouldn't we whitelist?
 	}
 
-	shorewall::policy { '$FW-man':
+	shorewall::policy { '$fw-man':
 		policy => 'ACCEPT',		# TODO: shouldn't we whitelist?
 	}
 
 	####################################################################
 	#ACTION      SOURCE DEST                PROTO DEST  SOURCE  ORIGINAL
 	#                                             PORT  PORT(S) DEST
 	shorewall::rule { 'ssh': rule => "
-	SSH/ACCEPT   net    $FW
-	SSH/ACCEPT   man    $FW
+	SSH/ACCEPT   net    $fw
+	SSH/ACCEPT   man    $fw
 	", comment => 'Allow SSH'}
 
 	shorewall::rule { 'ping': rule => "
-	#Ping/DROP    net    $FW
-	Ping/ACCEPT  net    $FW
-	Ping/ACCEPT  man    $FW
+	#Ping/DROP    net    $fw
+	Ping/ACCEPT  net    $fw
+	Ping/ACCEPT  man    $fw
 	", comment => 'Allow ping from the `bad` net zone'}
 
 	shorewall::rule { 'icmp': rule => "
-	ACCEPT       $FW    net                 icmp
-	ACCEPT       $FW    man                 icmp
+	ACCEPT       $fw    net                 icmp
+	ACCEPT       $fw    man                 icmp
 	", comment => 'Allow icmp from the firewall zone'}
 }
