Manage common firewalld rules

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-01-29 15:49:48 +01:00 · 2023-01-29 15:49:48 +01:00 · e395f7f0a3
commit e395f7f0a3
parent e62080ae5b
2 changed files with 13 additions and 0 deletions
--- a/pillar/global/init.sls
+++ b/pillar/global/init.sls
@ -11,6 +11,14 @@ managed_header_pound: |
 {%- if grains['os'] == 'SUSE' %}
 zypper:
  refreshdb_force: False
 firewalld:
  zones:
    internal:
      ports:
        - comment: node_exporter
          port: 9200
          protocol: tcp
 {%- endif %}
 mine_functions:
--- a/pillar/global/ssh.sls
+++ b/pillar/global/ssh.sls
@ -30,3 +30,8 @@ sshd_config:
  Subsystem: sftp /usr/lib/ssh/sftp-server
  Banner: /etc/ssh/banner
 firewalld:
  zones:
    internal:
      services:
        - ssh