Saltstack Official FirewallD Formula

10 роки тому
6 роки тому
10 роки тому
10 роки тому
6 роки тому
10 роки тому
10 роки тому
10 роки тому
10 роки тому
10 роки тому
10 роки тому
10 роки тому
10 роки тому
6 роки тому
10 роки тому
10 роки тому
6 роки тому
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153
  1. .. _readme:
  2. firewalld-formula
  3. =================
  4. |img_travis| |img_sr|
  5. .. |img_travis| image:: https://travis-ci.com/saltstack-formulas/firewalld-formula.svg?branch=master
  6. :alt: Travis CI Build Status
  7. :scale: 100%
  8. :target: https://travis-ci.com/saltstack-formulas/firewalld-formula
  9. .. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg
  10. :alt: Semantic Release
  11. :scale: 100%
  12. :target: https://github.com/semantic-release/semantic-release
  13. A SaltStack Formula to set up and configure Firewalld, a dynamically managed firewall with support for network/firewall zones to define the trust level of network connections or interfaces.
  14. .. contents:: **Table of Contents**
  15. General notes
  16. -------------
  17. See the full `SaltStack Formulas installation and usage instructions
  18. <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html>`_.
  19. If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section
  20. <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#writing-formulas>`_.
  21. If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``,
  22. which contains the currently released version. This formula is versioned according to `Semantic Versioning <http://semver.org/>`_.
  23. See `Formula Versioning Section <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#versioning>`_ for more details.
  24. If you need (non-default) configuration, please pay attention to the ``pillar.example`` file and/or `Special notes`_ section.
  25. Contributing to this repo
  26. -------------------------
  27. **Commit message formatting is significant!!**
  28. Please see `How to contribute <https://github.com/saltstack-formulas/.github/blob/master/CONTRIBUTING.rst>`_ for more details.
  29. Special notes
  30. -------------
  31. None
  32. TODO
  33. ----
  34. * configure local pre-commit hooks (code syntax check based on file extension, check for ugly *utf-8 mac os white space*)
  35. Instructions
  36. ------------
  37. 1. Add this repository as a `GitFS <http://docs.saltstack.com/topics/tutorials/gitfs.html>`_ backend in your Salt master config.
  38. 2. Configure your Pillar top file (``/srv/pillar/top.sls``), see pillar.example
  39. 3. Include this Formula within another Formula or simply define your needed states within the Salt top file (``/srv/salt/top.sls``).
  40. Additional resources
  41. --------------------
  42. None
  43. Formula Dependencies
  44. --------------------
  45. None
  46. Contributions
  47. -------------
  48. Contributions are always welcome. All development guidelines you have to know are
  49. * write clean code (proper YAML+Jinja syntax, no trailing whitespaces, no empty lines with whitespaces, LF only)
  50. * set sane default settings
  51. * test your code
  52. * update README.rst doc
  53. Salt Compatibility
  54. ------------------
  55. Tested with:
  56. * 2018.3.x (will probably work too with 2017.x.x)
  57. OS Compatibility
  58. ----------------
  59. Tested with:
  60. * CentOS 7
  61. * Debian 9
  62. * Ubuntu 18.04
  63. Available states
  64. ----------------
  65. .. contents::
  66. :local:
  67. ``firewalld``
  68. ^^^^^^^^^^^^^
  69. Manage firewalld
  70. Testing
  71. -------
  72. Linux testing is done with ``kitchen-salt``.
  73. Requirements
  74. ^^^^^^^^^^^^
  75. * Ruby
  76. * Docker
  77. .. code-block:: bash
  78. $ gem install bundler
  79. $ bundle install
  80. $ bin/kitchen test [platform]
  81. Where ``[platform]`` is the platform name defined in ``kitchen.yml``,
  82. e.g. ``debian-9-2019-2-py3``.
  83. ``bin/kitchen converge``
  84. ^^^^^^^^^^^^^^^^^^^^^^^^
  85. Creates the docker instance and runs the ``firewalld`` main state, ready for testing.
  86. ``bin/kitchen verify``
  87. ^^^^^^^^^^^^^^^^^^^^^^
  88. Runs the ``inspec`` tests on the actual instance.
  89. ``bin/kitchen destroy``
  90. ^^^^^^^^^^^^^^^^^^^^^^^
  91. Removes the docker instance.
  92. ``bin/kitchen test``
  93. ^^^^^^^^^^^^^^^^^^^^
  94. Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``.
  95. ``bin/kitchen login``
  96. ^^^^^^^^^^^^^^^^^^^^^
  97. Gives you SSH access to the instance for manual testing.