ExternalMirrors
/
firewalld-formula
mirror of https://github.com/saltstack-formulas/firewalld-formula
Watch 1
Star 0
Fork 1
Code Issues 0 Releases 14 Wiki Activity
Browse Source

refactor: split default maps into separate files 

While the default maps are mostly empty this sets the groundwork for
distribution specific defaults. The layout is based on the formula
template.

BREAKING CHANGE: `map.jinja` has been upgraded from using `pillar.get`
to `config.get`.
tags/v1.0.0
Steven Daniele 4 years ago
parent
94d2b0b97c
commit
afcf5e7700
No account linked to committer's email address
6 changed files with 176 additions and 34 deletions
Unified View Show Diff Stats
  1. +12
    -13
      firewalld/defaults.yaml
  2. +20
    -10
      firewalld/map.jinja
  3. +35
    -0
      firewalld/osarchmap.yaml
  4. +31
    -11
      firewalld/osfamilymap.yaml
  5. +45
    -0
      firewalld/osfingermap.yaml
  6. +33
    -0
      firewalld/osmap.yaml

+ 12
- 13
firewalld/defaults.yaml View File

# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# vim: ft=yaml # vim: ft=yaml
--- ---
default:
firewalld:
enabled: true
package: firewalld
service: firewalld
config: /etc/firewalld.conf
firewalld:
enabled: true
package: firewalld
service: firewalld
config: /etc/firewalld.conf


ipset:
manage: false
pkg: ipset
ipset:
manage: false
pkg: ipset


backend:
manage: false
pkg: nftables
backend:
manage: false
pkg: nftables


ipsets: {}
ipsets: {}

+ 20
- 10
firewalld/map.jinja View File



{#- Start with defaults from defaults.yaml #} {#- Start with defaults from defaults.yaml #}
{% import_yaml "firewalld/defaults.yaml" as default_settings %} {% import_yaml "firewalld/defaults.yaml" as default_settings %}
{% import_yaml "firewalld/osarchmap.yaml" as osarchmap %}
{% import_yaml "firewalld/osfamilymap.yaml" as osfamilymap %} {% import_yaml "firewalld/osfamilymap.yaml" as osfamilymap %}
{% import_yaml "firewalld/osmap.yaml" as osmap %}
{% import_yaml "firewalld/osfingermap.yaml" as osfingermap %}


{% set platform_defaults = salt['grains.filter_by'](default_settings,
default='default',
merge=salt['grains.filter_by'](osfamilymap, grain='os_family',
merge=salt['pillar.get']('firewalld:lookup')
{% set _config = salt['config.get']('firewalld', default={}) %}

{% set defaults = salt['grains.filter_by'](default_settings,
default='firewalld',
merge=salt['grains.filter_by'](osarchmap, grain='osarch',
merge=salt['grains.filter_by'](osfamilymap, grain='os_family',
merge=salt['grains.filter_by'](osmap, grain='os',
merge=salt['grains.filter_by'](osfingermap, grain='osfinger',
merge=salt['grains.filter_by'](_config, default='lookup')
)
)
)
) )
) %} ) %}


{#- Merge in salt:lookup pillar #}
{% set firewalld = salt['pillar.get'](
'firewalld',
default=platform_defaults.firewalld,
merge=True)
%}
{% set firewalld = salt['grains.filter_by'](
{'defaults': defaults},
default='defaults',
merge=_config
) %}

+ 35
- 0
firewalld/osarchmap.yaml View File

# -*- coding: utf-8 -*-
# vim: ft=yaml
#
# Setup variables using grains['osarch'] based logic.
# You just need to add the key:values for an `osarch` that differ
# from `defaults.yaml`.
# Only add an `osarch` which is/will be supported by the formula.
#
# If you do not need to provide defaults via the `osarch` grain,
# you will need to provide at least an empty dict in this file, e.g.
# osarch: {}
---
amd64:
arch: amd64

x86_64:
arch: amd64

386:
arch: 386

arm64:
arch: arm64

armv6l:
arch: armv6l

armv7l:
arch: armv7l

ppc64le:
arch: ppc64le

s390x:
arch: s390x

+ 31
- 11
firewalld/osfamilymap.yaml View File

# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# # vim: ft=yaml
# os_family defaults
# only add key:values here that differ from whats in defaults.yaml
# vim: ft=yaml
#
# Setup variables using grains['os_family'] based logic.
# You just need to add the key:values for an `os_family` that differ
# from `defaults.yaml` + `osarch.yaml`.
# Only add an `os_family` which is/will be supported by the formula.
#
# If you do not need to provide defaults via the `os_family` grain,
# you will need to provide at least an empty dict in this file, e.g.
# osfamilymap: {}
--- ---
Debian:
firewalld: {}
RedHat:
firewalld: {}
Arch:
firewalld: {}
Suse:
firewalld: {}
Debian: {}

RedHat: {}

Suse: {}

Gentoo: {}

Arch: {}

Alpine: {}

FreeBSD: {}

OpenBSD: {}

Solaris: {}

Windows: {}

MacOS: {}

+ 45
- 0
firewalld/osfingermap.yaml View File

# -*- coding: utf-8 -*-
# vim: ft=yaml
#
# Setup variables using grains['osfinger'] based logic.
# You just need to add the key:values for an `osfinger` that differ
# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml` + `osmap.yaml`.
# Only add an `osfinger` which is/will be supported by the formula.
#
# If you do not need to provide defaults via the `os_finger` grain,
# you will need to provide at least an empty dict in this file, e.g.
# osfingermap: {}
---
# os: Debian
Debian-10: {}
Debian-9: {}
Debian-8: {}

# os: Ubuntu
Ubuntu-18.04: {}
Ubuntu-16.04: {}

# os: Fedora
Fedora-31: {}
Fedora-30: {}

# os: CentOS
CentOS Linux-8: {}
CentOS Linux-7: {}
CentOS-6: {}

# os: Amazon
Amazon Linux-2: {}
Amazon Linux AMI-2018: {}

# os: SUSE
Leap-15: {}

# os: FreeBSD
FreeBSD-12: {}

# os: Windows
Windows-8.1: {}

# os: Gentoo
Gentoo-2: {}

+ 33
- 0
firewalld/osmap.yaml View File

# -*- coding: utf-8 -*-
# vim: ft=yaml
#
# Setup variables using grains['os'] based logic.
# You just need to add the key:values for an `os` that differ
# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml`.
# Only add an `os` which is/will be supported by the formula.
#
# If you do not need to provide defaults via the `os` grain,
# you will need to provide at least an empty dict in this file, e.g.
# osmap: {}
---
# os_family: Debian
Ubuntu: {}
Raspbian: {}

# os_family: RedHat
Fedora: {}
CentOS: {}
Amazon: {}

# os_family: Suse
SUSE: {}
openSUSE: {}

# os_family: Gentoo
Funtoo: {}

# os_family: Arch
Manjaro: {}

# os_family: Solaris
SmartOS: {}

Write Preview
Loading…
Cancel
Save