Browse Source
Refactor backend format, add backward compatibility, simple pkg testing
See https://github.com/saltstack-formulas/firewalld-formula/pull/21#pullrequestreview-146958098tags/v0.6.2
Javier Bértoli
6 years ago
6 changed files with 53 additions and 5 deletions
+ 28
- 2
firewalld/backend.sls
View File
| # | # | ||||
| {% from "firewalld/map.jinja" import firewalld with context %} | {% from "firewalld/map.jinja" import firewalld with context %} | ||||
| {%- if salt['pillar.get']('firewalld:installbackend') %} | |||||
| {% set backend_manage = firewalld.backend.manage %} | |||||
| {% set backend_pkg = firewalld.backend.pkg %} | |||||
| # Backward compatibility setting and deprecation notices | |||||
| ### Manage setting (old firewalld:installbackend) | |||||
| {% if firewalld.installbackend is defined %} | |||||
| firewalld-installbackend-deprecated: | |||||
| test.show_notification: | |||||
| - text: | | |||||
| 'firewalld:installbackend' is deprecated. Set 'firewalld:backend:manage' instead. | |||||
| See firewalld/pillar.example for more information | |||||
| {% set backend_manage = firewalld.installbackend %} | |||||
| {% endif %} | |||||
| ### Package setting (old firewalld:backendpackage) | |||||
| {% if firewalld.backendpackage is defined %} | |||||
| firewalld-backendpackage-deprecated: | |||||
| test.show_notification: | |||||
| - text: | | |||||
| 'firewalld:backendpackage' is deprecated. Use 'firewalld:backend:pkg' instead | |||||
| See firewalld/pillar.example for more information | |||||
| {% set backend_pkg = firewalld.backendpackage %} | |||||
| {% endif %} | |||||
| {%- if backend_manage %} | |||||
| package_backend: | package_backend: | ||||
| pkg.installed: | pkg.installed: | ||||
| - name: {{ firewalld.backendpackage }} | |||||
| - name: {{ backend_pkg }} | |||||
| {%- endif %} | {%- endif %} |
+ 2
- 2
firewalld/defaults.yaml
View File
| config: /etc/firewalld.conf | config: /etc/firewalld.conf | ||||
| ipset: | ipset: | ||||
| manage: true | |||||
| manage: false | |||||
| pkg: ipset | pkg: ipset | ||||
| backend: | backend: | ||||
| manage: true | |||||
| manage: false | |||||
| pkg: nftables | pkg: nftables | ||||
| ipsets: {} | ipsets: {} |
+ 2
- 1
pillar.example
View File
| manage: True | manage: True | ||||
| pkg: ipset | pkg: ipset | ||||
| installbackend: False | |||||
| installbackend: True | |||||
| backendpackage: nftables | |||||
| default_zone: public | default_zone: public | ||||
| services: | services: |
+ 3
- 0
test/integration/default/backend_spec.rb
View File
| describe package('nftables') do | |||||
| it { should be_installed } | |||||
| end |
+ 15
- 0
test/integration/default/firewalld_spec.rb
View File
| describe package('firewalld') do | |||||
| it { should be_installed } | |||||
| end | |||||
| describe service('firewalld') do | describe service('firewalld') do | ||||
| it { should be_enabled } | |||||
| it { should be_running } | it { should be_running } | ||||
| end | end | ||||
| describe service('iptables') do | |||||
| it { should_not be_enabled } | |||||
| it { should_not be_running } | |||||
| end | |||||
| describe service('ip6tables') do | |||||
| it { should_not be_enabled } | |||||
| it { should_not be_running } | |||||
| end |
+ 3
- 0
test/integration/default/ipset_spec.rb
View File
| describe package('ipset') do | |||||
| it { should be_installed } | |||||
| end |
Loading…