common.yaml:
lookup_options:
firewall::rules: { merge: {strategy: deep, merge_hash_arrays: true, knockout_prefix: "--", sort_merge_arrays: true}}
firewall::rules
http_allow: { action: 'ACCEPT', proto: 'tcp', source: 'net', dest: '$FW', port: '80', order: '50', comment: 'http access' }
ssh_all: { action: 'ACCEPT', proto: 'tcp', source: 'net', dest: '$FW', port: '22', sport: '-', original_dest: '-', order: '50', comment: 'all ssh access' }
example.com.yaml:
firewall::rules
--ssh_all:
ssh_admins: { action: 'ACCEPT', proto: 'tcp', source: 'net:123.456.768', dest: '$FW', port: '22', sport: '-', original_dest: '-', order: '50', comment: 'admin ssh access' }
should result in a merged yaml:
firewall::rules
http_allow: { action: 'ACCEPT', proto: 'tcp', source: 'net', dest: '$FW', port: '80', order: '50', comment: 'http access' }
ssh_admins: { action: 'ACCEPT', proto: 'tcp', source: 'net:123.456.768', dest: '$FW', port: '22', sport: '-', original_dest: '-', order: '50', comment: 'admin ssh access' }
↧