Browse Source

Fix failing test on ubuntu trusty

pull/16/head
Bruno Binet 7 years ago
parent
commit
6f989c46df
3 changed files with 11 additions and 5 deletions
  1. +5
    -1
      iptables/map.jinja
  2. +5
    -3
      iptables/rules.sls
  3. +1
    -1
      iptables/service.sls

+ 5
- 1
iptables/map.jinja View File

@@ -1,15 +1,19 @@

{% set service = salt['grains.filter_by']({
'Debian': {
'pkgs': ['iptables','netfilter-persistent' ],
'pkgs': ['iptables','netfilter-persistent'],
'service': 'netfilter-persistent',
'providers': ['iptables-restore'],
},
'RedHat': {
'pkgs': ['iptables'],
'service': 'iptables',
'providers': [],
},
}, merge=salt['grains.filter_by']({
'trusty': {
'pkgs': ['iptables','iptables-persistent'],
'service': 'iptables-persistent',
'providers': [],
},
}, grain='oscodename', merge=salt['pillar.get']('iptables:service'))) %}

+ 5
- 3
iptables/rules.sls View File

@@ -1,17 +1,19 @@
{% from "iptables/map.jinja" import service with context %}
{%- if grains.get('virtual_subtype', None) not in ['Docker', 'LXC'] %}

{%- if grains.os_family == 'Debian' and service.get('provider') == "iptables-restore" %}
{%- if 'iptables-restore' in service.providers and service.get('provider') == "iptables-restore" %}

{%- set meta_rules = [] %}
{%- for service_name, service in pillar.items() %}
{%- if service.get('_support', {}).get('iptables', {}).get('enabled', False) %}
{%- for service_name, meta_service in pillar.items() %}
{%- if meta_service is mapping %}
{%- if meta_service.get('_support', {}).get('iptables', {}).get('enabled', False) %}

{%- set grains_fragment_file = service_name+'/meta/iptables.yml' %}
{%- macro load_grains_file() %}{% include grains_fragment_file %}{% endmacro %}
{%- set grains_yaml = load_grains_file()|load_yaml %}
{%- set meta_rules = meta_rules + grains_yaml.iptables.rules %}

{%- endif %}
{%- endif %}
{%- endfor %}
/etc/iptables/rules.v4.tmp:

+ 1
- 1
iptables/service.sls View File

@@ -9,7 +9,7 @@ iptables_packages:
pkg.installed:
- names: {{ service.pkgs }}

{%- if grains.os_family == 'Debian' %}
{%- if 'iptables-restore' in service.providers %}
/usr/share/netfilter-persistent/plugins.d/15-ip4tables:
file.managed:
- source: salt://iptables/files/ip4tables

Loading…
Cancel
Save