share NFS mounts on RHEL/CentOS with puppet, using augeas to manage exports file

puppet NFS

# modules/nfs/manifests/init.pp

class nfs_server {
    file { "destroy_exports":
        path => "/etc/exports.puppet",
        ensure => present,
        source  => "puppet://$servername/modules/nfs/empty",
    }

    package { "portmap":
        ensure => latest,
    }

    package { "nfs-utils":
        ensure => latest,
    }

    service { "portmap":
        ensure => running,
        enable => true,
        require => Package["portmap"],
    }

    service { "nfslock":
        ensure => running,
        enable => true,
        require => [
            Package["nfs-utils"],
            Service["portmap"],
        ],
    }

    service { "nfs":
        ensure => running,
        enable => true,
        require => Service["nfslock"],
    }

    file { "exports":
        path => "/etc/exports",
        ensure => present,
        backup => main,
        mode => 644,
        owner => root,
        group => root,
        source => [
            "file:///etc/exports.puppet",
            "puppet://$servername/modules/nfs/empty",
        ],
        require => File["destroy_exports"],
        notify => Service["nfs"],
    }
}

define nfs_share ($share, $host = "*", $options = "rw,sync") {
    include nfs_server
    # work around puppet's lack of loops
    $options_set = generate("/opt/puppet/modules/nfs/files/nfs_hack.pl", $share, $host, $options)
    augeas { "share_${share}_${host}_$options":
        incl => "/etc/exports.puppet",
        changes => [
            "set dir[.= \"$share\"] $share",
            "remove dir[.= \"$share\"]/client[.= \"$host\"]",
            "set dir[.= \"$share\"]/client[.= \"$host\"] $host",
            split ($options_set, "\n"),
        ],
        lens => "Exports.lns",
        load_path => "/usr/share/augeas/lenses/dist",
        require => File["destroy_exports"],
        notify => File["exports"],
    }
}

# to use:
include nfs_server
nfs_share { "srv":
    share => "/srv",
    host => "10.99.99.0/24",
    options => "ro,async,no_root_squash,no_subtree_check",
}

--- SNIP ---

# modules/nfs/files/empty
# should be relatively empty

--- SNIP ---

#!/usr/bin/perl -w
# modules/nfs/files/nfs_hack.pl
use strict;

my $share = shift;
my $host = shift;
my $options = shift;
print "set dir[.= \"$share\"]/client[.= \"$host\"]/option[.= \"$_\"] $_\n"
    for split m/,/, $options;