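# == State: firewalld._service
#
# This state ensures that /etc/firewalld/services/ exists.
#
# The directory is owned by root:root. Mode 0750 means only root and
# members of group root can list or enter it.
#
/etc/firewalld/services:
  file.directory:            # make sure this is a directory
    - user: root
    - group: root
    # Quoted and zero-padded so the YAML loader cannot retype the mode as
    # an integer.
    - mode: '0750'
    - require:
      - pkg: firewalld       # make sure package is installed
    - watch_in:
      - service: firewalld   # restart service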
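# == Define: firewalld._service
#
# This defines a service configuration, see firewalld.service (5) man page.
# You usually don't need this, you can simply add ports to zone.
#
# One file is rendered per entry of the pillar key firewalld:services.
# The file name is the entry's "name" value, falling back to the pillar key.
#
# NOTE(review): the service name is taken from pillar and becomes part of
# the target path. This assumes pillar holds plain service names without
# path separators -- confirm, or validate the name before it is used.

{% for k, v in salt['pillar.get']('firewalld:services', {}).items() %}
{% set s_name = v.name|default(k) %}

/etc/firewalld/services/{{ s_name }}.xml:
  file.managed:
    - name: /etc/firewalld/services/{{ s_name }}.xml
    - user: root
    - group: root
    # Quoted and zero-padded so the YAML loader cannot retype the mode.
    - mode: '0644'
    - source: salt://firewalld/files/service.xml
    - template: jinja
    - require:
      - pkg: firewalld       # make sure package is installed
      # The parent directory must exist before the file is written.
      - file: /etc/firewalld/services
    - watch_in:
      - service: firewalld   # restart service
    - context:
        # Serialized as JSON so the rendered text is always valid YAML.
        # A bare dict or string from pillar could otherwise be retyped or
        # break parsing (booleans, None, names starting with a YAML
        # indicator).
        name: {{ s_name|json }}
        service: {{ v|json }}

{% endfor %}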