diff --git a/manifests/brick.pp b/manifests/brick.pp
index d294a75..b2c655b 100644
--- a/manifests/brick.pp
+++ b/manifests/brick.pp
@@ -76,7 +76,7 @@
 		content => "${name}\n",
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_root}",
-		mode => 644,
+		mode => '0644',
 		ensure => present,
 		require => File["${vardir}/brick/"],
 	}
@@ -98,7 +98,7 @@
 			content => "${fsuuid}\n",
 			owner => "${::gluster::params::misc_owner_root}",
 			group => "${::gluster::params::misc_group_root}",
-			mode => 600,	# might as well...
+			mode => '0600',	# might as well...
 			ensure => present,
 			require => File["${vardir}/brick/fsuuid/"],
 		}
diff --git a/manifests/host.pp b/manifests/host.pp
index d5f09b6..ad5276e 100644
--- a/manifests/host.pp
+++ b/manifests/host.pp
@@ -77,7 +77,7 @@
 			},
 			owner => "${::gluster::params::misc_owner_root}",
 			group => "${::gluster::params::misc_group_root}",
-			mode => 600,	# might as well...
+			mode => '0600',	# might as well...
 			ensure => present,
 			require => File["${vardir}/uuid/"],
 		}
@@ -112,7 +112,7 @@
 				content => template('gluster/glusterd.info.erb'),
 				owner => "${::gluster::params::misc_owner_root}",
 				group => "${::gluster::params::misc_group_root}",
-				mode => 600,			# u=rw,go=r
+				mode => '0600',			# u=rw,go=r
 				seltype => 'glusterd_var_lib_t',
 				seluser => "${::gluster::params::selinux_glusterd_seluser}",
 				ensure => present,
@@ -126,7 +126,7 @@
 				tag => 'gluster_uuid',
 				owner => "${::gluster::params::misc_owner_root}",
 				group => "${::gluster::params::misc_group_root}",
-				mode => 600,
+				mode => '0600',
 				ensure => present,
 			}
 		}
@@ -198,7 +198,7 @@
 				owner => "${::gluster::params::misc_owner_root}",
 				group => "${::gluster::params::misc_group_root}",
 				# NOTE: this mode was found by inspecting the process
-				mode => 600,			# u=rw,go=r
+				mode => '0600',			# u=rw,go=r
 				seltype => 'glusterd_var_lib_t',
 				seluser => "${::gluster::params::selinux_glusterd_seluser}",
 				notify => [
@@ -232,7 +232,7 @@
 			content => "${valid_ip}\n",
 			owner => "${::gluster::params::misc_owner_root}",
 			group => "${::gluster::params::misc_group_root}",
-			mode => 600,	# might as well...
+			mode => '0600',	# might as well...
 			ensure => present,
 			require => File["${vardir}/vrrp/"],
 		}
@@ -245,7 +245,7 @@
 			},
 			owner => "${::gluster::params::misc_owner_root}",
 			group => "${::gluster::params::misc_group_root}",
-			mode => 600,	# might as well...
+			mode => '0600',	# might as well...
 			ensure => present,
 			require => File["${vardir}/vrrp/"],
 		}
@@ -256,7 +256,7 @@
 			tag => 'gluster_vrrp',
 			owner => "${::gluster::params::misc_owner_root}",
 			group => "${::gluster::params::misc_group_root}",
-			mode => 600,
+			mode => '0600',
 			ensure => present,
 		}
 
diff --git a/manifests/mount/base.pp b/manifests/mount/base.pp
index 5b44a9d..7a76bc3 100644
--- a/manifests/mount/base.pp
+++ b/manifests/mount/base.pp
@@ -92,7 +92,7 @@
 	#	content => "fuse\n",	# TODO: "install fuse ${::gluster::params::program_modprobe} --ignore-install fuse ; /bin/true\n" ?
 	#	owner => "${::gluster::params::misc_owner_root}",
 	#	group => "${::gluster::params::misc_group_root}",
-	#	mode => 644,		# u=rw,go=r
+	#	mode => '0644',		# u=rw,go=r
 	#	ensure => present,
 	#}
 
diff --git a/manifests/params.pp b/manifests/params.pp
index 5f16f86..c5c61cc 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -109,7 +109,7 @@
 			content => inline_template('<%= @hash.to_yaml %>'),
 			owner => "${misc_owner_root}",
 			group => "${misc_group_root}",
-			mode => 644,		# u=rw,go=r
+			mode => '0644',		# u=rw,go=r
 			ensure => present,
 		}
 	}
diff --git a/manifests/server.pp b/manifests/server.pp
index aa99e82..82f3278 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -29,7 +29,7 @@
 	$ips = false,	# an optional list of ip's for each in hosts[]
 	$clients = []	# list of allowed client ip's	# TODO: get from exported resources
 ) {
-	$FW = '$FW'			# make using $FW in shorewall easier
+	$fw = '$FW'			# make using $FW in shorewall easier
 
 	include gluster::vardir
 	include gluster::params
@@ -55,7 +55,7 @@
 		source => 'puppet:///modules/gluster/sponge.py',
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_nobody}",
-		mode => 700,			# u=rwx
+		mode => '0700',			# u=rwx
 		backup => false,		# don't backup to filebucket
 		ensure => present,
 		before => Package["${::gluster::params::package_glusterfs_server}"],
@@ -91,7 +91,7 @@
 		force => false,			# TODO: eventually...
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_root}",
-		mode => 644,
+		mode => '0644',
 		#notify => Service["${::gluster::params::service_glusterd}"],	# TODO: ???
 		require => Package["${::gluster::params::package_glusterfs_server}"],
 	}
@@ -109,7 +109,7 @@
 		content => template('gluster/glusterd.vol.erb'),
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_root}",
-		mode => 644,			# u=rw,go=r
+		mode => '0644',			# u=rw,go=r
 		ensure => present,
 		require => File['/etc/glusterfs/'],
 	}
@@ -121,7 +121,7 @@
 		force => false,			# TODO: eventually...
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_root}",
-		mode => 644,
+		mode => '0644',
 		#notify => Service["${::gluster::params::service_glusterd}"],	# TODO: eventually...
 		require => File['/etc/glusterfs/glusterd.vol'],
 	}
@@ -133,7 +133,7 @@
 		force => true,
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_root}",
-		mode => 644,
+		mode => '0644',
 		notify => Service["${::gluster::params::service_glusterd}"],
 		require => File['/var/lib/glusterd/'],
 	}
@@ -145,8 +145,8 @@
 		}
 	}
 
-	if $shorewall {
-		# XXX: WIP
+	# XXX: WIP
+	#if $shorewall {
 		#if type3x($ips) == 'array' {
 		#	#$other_host_ips = inline_template("<%= ips.delete_if {|x| x == '${ipaddress}' }.join(',') %>")		# list of ips except myself
 		#	$source_ips = inline_template("<%= (ips+clients).uniq.delete_if {|x| x.empty? }.join(',') %>")
@@ -161,7 +161,7 @@
 		#$nfs_endport = inline_template('<%= 38465+hosts.count %>')
 		#shorewall::rule { 'gluster-24000':
 		#	rule => "
-		#	ACCEPT    ${src}    $FW    tcp    24009:${endport}
+		#	ACCEPT    ${src}    $fw    tcp    24009:${endport}
 		#	",
 		#	comment => 'Allow 24000s for gluster',
 		#	before => Service["${::gluster::params::service_glusterd}"],
@@ -169,10 +169,10 @@
 
 		#if $nfs {					# FIXME: TODO
 		#	shorewall::rule { 'gluster-nfs': rule => "
-		#	ACCEPT    $(src}    $FW    tcp    38465:${nfs_endport}
+		#	ACCEPT    $(src}    $fw    tcp    38465:${nfs_endport}
 		#	", comment => 'Allow nfs for gluster'}
 		#}
-	}
+	#}
 
 	# start service only after the firewall is opened and hosts are defined
 	service { "${::gluster::params::service_glusterd}":
diff --git a/manifests/vardir.pp b/manifests/vardir.pp
index c9c20d2..4173051 100644
--- a/manifests/vardir.pp
+++ b/manifests/vardir.pp
@@ -32,7 +32,7 @@
 			force => true,		# also purge subdirs and links
 			owner => "${::gluster::params::misc_owner_root}",
 			group => "${::gluster::params::misc_group_nobody}",
-			mode => 600,
+			mode => '0600',
 			backup => false,	# don't backup to filebucket
 			#before => File["${module_vardir}"],	# redundant
 			#require => Package['puppet'],	# no puppet module seen
@@ -48,7 +48,7 @@
 		force => true,			# also purge subdirs and links
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_nobody}",
-		mode => 600,
+		mode => '0600',
 		backup => false,
 		require => File["${tmp}"],	# File['/var/lib/puppet/tmp/']
 	}
diff --git a/manifests/volume.pp b/manifests/volume.pp
index c5292e3..9843118 100644
--- a/manifests/volume.pp
+++ b/manifests/volume.pp
@@ -263,7 +263,7 @@
 		content => inline_template("#!/bin/bash\n/bin/sleep 5s && ${::gluster::params::program_gluster} volume create ${name} ${valid_replica}${valid_arbiter}${valid_stripe}transport ${valid_transport} ${brick_spec} force > >(/usr/bin/tee '/tmp/gluster-volume-create-${name}.stdout') 2> >(/usr/bin/tee '/tmp/gluster-volume-create-${name}.stderr' >&2) || (${rmdir_volume_dirs} && /bin/false)\nexit \$?\n"),
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_root}",
-		mode => 755,
+		mode => '0755',
 		ensure => present,
 		# this notify is the first to kick off the 2nd step! it
 		# was put here after a process of elimination, and this
diff --git a/manifests/volume/property/group/data.pp b/manifests/volume/property/group/data.pp
index c8ece2b..14eeee2 100644
--- a/manifests/volume/property/group/data.pp
+++ b/manifests/volume/property/group/data.pp
@@ -35,7 +35,7 @@
 		force => true,
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_nobody}",
-		mode => 644,			# u=rwx
+		mode => '0644',			# u=rwx
 		backup => false,		# don't backup to filebucket
 		require => File["${vardir}/"],
 	}
diff --git a/manifests/xml.pp b/manifests/xml.pp
index 99a9543..8b0eb02 100644
--- a/manifests/xml.pp
+++ b/manifests/xml.pp
@@ -40,7 +40,7 @@
 		source => 'puppet:///modules/gluster/xml.py',
 		owner => "${::gluster::params::misc_owner_root}",
 		group => "${::gluster::params::misc_group_nobody}",
-		mode => 700,			# u=rwx
+		mode => '0700',			# u=rwx
 		backup => false,		# don't backup to filebucket
 		ensure => present,
 		require => File["${vardir}/"],
diff --git a/vagrant/puppet/manifests/site.pp b/vagrant/puppet/manifests/site.pp
index 763a90b..f9bf999 100644
--- a/vagrant/puppet/manifests/site.pp
+++ b/vagrant/puppet/manifests/site.pp
@@ -1,13 +1,10 @@
-node default {
+# puppetmaster
+node puppet {
+
 	# this will get put on every host...
-	$url = 'https://ttboj.wordpress.com/'
 	file { '/etc/motd':
-		content => "This is Puppet-Gluster+Vagrant! (${url})\n",
+		content => "This is Puppet-Gluster+Vagrant! (https://ttboj.wordpress.com/)\n",
 	}
-}
-
-# puppetmaster
-node puppet inherits default {
 
 	if "${::vagrant_gluster_firewall}" != 'false' {
 		include firewall
@@ -38,7 +35,12 @@
 	}
 }
 
-node /^annex\d+$/ inherits default {	# annex{1,2,..N}
+node /^annex\d+$/ {	# annex{1,2,..N}
+
+	# this will get put on every host...
+	file { '/etc/motd':
+		content => "This is Puppet-Gluster+Vagrant! (https://ttboj.wordpress.com/)\n",
+	}
 
 	if "${::vagrant_gluster_firewall}" != 'false' {
 		include firewall
@@ -105,7 +107,12 @@
 	}
 }
 
-node /^client\d+$/ inherits default {	# client{1,2,..N}
+node /^client\d+$/ {	# client{1,2,..N}
+
+	# this will get put on every host...
+	file { '/etc/motd':
+		content => "This is Puppet-Gluster+Vagrant! (https://ttboj.wordpress.com/)\n",
+	}
 
 	if "${::vagrant_gluster_firewall}" != 'false' {
 		include firewall
@@ -134,7 +141,7 @@
 
 class firewall {
 
-	$FW = '$FW'			# make using $FW in shorewall easier
+	$fw = '$FW'			# make using $FW in shorewall easier
 
 	class { '::shorewall::configuration':
 		# NOTE: no configuration specifics are needed at the moment
@@ -179,18 +186,18 @@
 	#ACTION      SOURCE DEST                PROTO DEST  SOURCE  ORIGINAL
 	#                                             PORT  PORT(S) DEST
 	shorewall::rule { 'ssh': rule => "
-	SSH/ACCEPT   net    $FW
-	SSH/ACCEPT   man    $FW
+	SSH/ACCEPT   net    $fw
+	SSH/ACCEPT   man    $fw
 	", comment => 'Allow SSH'}
 
 	shorewall::rule { 'ping': rule => "
-	#Ping/DROP    net    $FW
-	Ping/ACCEPT  net    $FW
-	Ping/ACCEPT  man    $FW
+	#Ping/DROP    net    $fw
+	Ping/ACCEPT  net    $fw
+	Ping/ACCEPT  man    $fw
 	", comment => 'Allow ping from the `bad` net zone'}
 
 	shorewall::rule { 'icmp': rule => "
-	ACCEPT       $FW    net                 icmp
-	ACCEPT       $FW    man                 icmp
+	ACCEPT       $fw    net                 icmp
+	ACCEPT       $fw    man                 icmp
 	", comment => 'Allow icmp from the firewall zone'}
 }