and actually quote correctly

[mirror/dsa-puppet.git] / modules / munin-node / manifests / init.pp

diff --git a/modules/munin-node/manifests/init.pp b/modules/munin-node/manifests/init.pp
index c3b4a12..0849cc1 100644 (file)
--- a/modules/munin-node/manifests/init.pp
+++ b/modules/munin-node/manifests/init.pp
@@ -1,13 +1,13 @@
-define activate_munin_check($ensure=present, $script=$name) {
+define activate_munin_check($ensure=present, $script = none) {
     case $script {
-        "": { $base = $name }
-        default: { $base = $script }
+        none: { $link = $name }
+        default: { $link = $script }
     }
 
     case $ensure {
         present: {
             file { "/etc/munin/plugins/$name":
-                     ensure => "/usr/share/munin/plugins/$base",
+                     ensure => "/usr/share/munin/plugins/$link",
                      notify => Exec["munin-node restart"];
             }
         }
@@ -76,9 +76,9 @@ class munin-node {
         refreshonly => true,
     }
     ferm::rule { "dsa-munin":
-        description     => "Allow munin-node from spohr.debian.org",
-        rule            => "proto tcp dport 4949 saddr $HOST_MUNIN ACCEPT",
-       prio            => "02"
-   }
+            domain          => "(ip ip6)",
+            description     => "Allow munin from munin master",
+            rule            => "proto tcp mod state state (NEW) dport (munin) @subchain 'munin' { saddr (\$HOST_MUNIN) ACCEPT; }"
+    }
 }