
Merge 7883127581 into 0cbeada0ab

pull/59/merge
Georg 5 months ago
parent
commit
74729be6d3
2 changed files with 19 additions and 1 deletions
  1. +16
    -1
      firewalld/zones.sls
  2. +3
    -0
      pillar.example

+ 16
- 1
firewalld/zones.sls View File

# This state ensures that /etc/firewalld/zones/ exists. # This state ensures that /etc/firewalld/zones/ exists.
# #
{% from "firewalld/map.jinja" import firewalld with context %} {% from "firewalld/map.jinja" import firewalld with context %}
{%- set zones = firewalld.get('zones', {}) %}


directory_firewalld_zones: directory_firewalld_zones:
file.directory: # make sure this is a directory file.directory: # make sure this is a directory
# #
# This defines a zone configuration, see firewalld.zone (5) man page. # This defines a zone configuration, see firewalld.zone (5) man page.
# #
{% for k, v in salt['pillar.get']('firewalld:zones', {}).items() %}
{% for k, v in zones.items() %}
{% set z_name = v.name|default(k) %} {% set z_name = v.name|default(k) %}


/etc/firewalld/zones/{{ z_name }}.xml: /etc/firewalld/zones/{{ z_name }}.xml:
zone: {{ v|json }} zone: {{ v|json }}


{% endfor %} {% endfor %}

{%- if firewalld.get('purge_zones', False) %}
{%- set zone_names = zones.keys() %}
{%- for file in salt['file.find']('/etc/firewalld/zones', name='*.xml', print='name', type='f') %}

{%- if file.replace('.xml', '') not in zone_names %}
/etc/firewalld/zones/{{ file }}:
file.absent:
- watch_in:
- cmd: reload_firewalld
{%- endif %}

{%- endfor %}
{%- endif %}
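Review bot: The purge list built at `{%- set zone_names = zones.keys() %}` holds pillar keys, but the zone files above are written as `/etc/firewalld/zones/{{ z_name }}.xml` with `z_name = v.name|default(k)`. A zone whose `name` differs from its key is therefore treated as undefined, and the purge loop emits `file.absent` for the very file the first loop manages. With `purge_zones` enabled that either deletes a wanted firewall zone or, depending on how Salt handles the repeated state ID, fails the render. Collect the effective names instead: `{%- set zone_names = [] %}` followed by `{%- for k, v in zones.items() %}{%- do zone_names.append(v.name|default(k)) %}{%- endfor %}`. Separately, `file.replace('.xml', '')` strips every `.xml` occurrence rather than only the suffix; `file[:-4]` is exact here because `file.find` already filters on `name='*.xml'`.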

+ 3
- 0
pillar.example View File

entries: entries:
- 2a01::1 - 2a01::1


# Delete zones not defined under "zones"
purge_zones: False

zones: zones:
public: public:
short: Public short: Public
