From 0f808d6afb383c56abfa439fde0fab46374ea2d7 Mon Sep 17 00:00:00 2001
From: Imran Iqbal <iqbalmy@hotmail.com>
Date: Sat, 9 Nov 2019 07:13:38 +0000
Subject: [PATCH] fix(yamllint): fix all errors

```bash
firewalld-formula$ yamllint -s .
./pillar.example
  2:1       warning  missing document start "---"  (document-start)
  3:12      warning  truthy value should be one of [false, true]  (truthy)
  12:13     warning  truthy value should be one of [false, true]  (truthy)
  15:89     error    line too long (108 > 88 characters)  (line-length)
  19:13     warning  truthy value should be one of [false, true]  (truthy)
  30:89     error    line too long (363 > 88 characters)  (line-length)
  96:89     error    line too long (170 > 88 characters)  (line-length)
  108:15    error    wrong indentation: expected 12 but found 14  (indentation)
  115:13    error    empty value in block mapping  (empty-values)
  116:2     error    syntax error: found character '%' that cannot start any token
  152:89    error    line too long (112 > 88 characters)  (line-length)

./firewalld/defaults.yaml
  3:1       warning  missing document start "---"  (document-start)
```
---
 firewalld/defaults.yaml |  1 +
 pillar.example          | 48 +++++++++++++++++++++++++++++------------
 2 files changed, 35 insertions(+), 14 deletions(-)

diff --git a/firewalld/defaults.yaml b/firewalld/defaults.yaml
index 1334058..bbabd6e 100644
--- a/firewalld/defaults.yaml
+++ b/firewalld/defaults.yaml
@@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 # vim: ft=yaml
+---
 firewalld:
   enabled: true
   package: firewalld
diff --git a/pillar.example b/pillar.example
index 0969b97..6d78533 100644
--- a/pillar.example
+++ b/pillar.example
@@ -1,6 +1,9 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
 # FirewallD pillar examples:
 firewalld:
-  enabled: True
+  enabled: true
   IndividualCalls: 'no'
   LogDenied: 'off'
   AutomaticHelpers: 'system'
@@ -9,25 +12,30 @@ firewalld:
   RFC3964_IPv4: 'yes'
 
   ipset:
-    manage: True
+    manage: true
     pkg: ipset
 
-  # ipset:                          # Deprecated. Support for this format will be removed in future releases
-  # ipsetpackag: ipset              # Deprecated. Will be removed in future releases
+  # ipset:              # Deprecated. Will be removed in future releases
+  # ipsetpackag: ipset  # Deprecated. Will be removed in future releases
 
   backend:
-    manage: True
+    manage: true
     pkg: nftables
 
-  # installbackend: True            # Deprecated. Will be removed in future releases
-  # backendpackage: nftables        # Deprecated. Will be removed in future releases
+  # installbackend: true      # Deprecated. Will be removed in future releases
+  # backendpackage: nftables  # Deprecated. Will be removed in future releases
 
   default_zone: public
 
   services:
     sshcustom:
       short: sshcustom
-      description: SSH on port 3232 and 5252. Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.
+      description: >-
+        SSH on port 3232 and 5252. Secure Shell (SSH) is a protocol for logging
+        into and executing commands on remote machines. It provides secure
+        encrypted communications. If you plan on accessing your machine
+        remotely via SSH over a firewalled interface, enable this option. You
+        need the openssh-server package installed for this option to be useful.
       ports:
         tcp:
           - 3232
@@ -93,7 +101,10 @@ firewalld:
   zones:
     public:
       short: Public
-      description: "For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted."
+      description: >-
+        For use in public areas. You do not trust the other computers on
+        networks to not harm your computer. Only selected incoming connections
+        are accepted.
       services:
         - http
         - zabbixcustom
@@ -105,7 +116,7 @@ firewalld:
       rich_rules:
         - family: ipv4
           source:
-              address: 8.8.8.8/24
+            address: 8.8.8.8/24
           accept: true
         - family: ipv4
           ipset:
@@ -113,14 +124,14 @@ firewalld:
           reject:
             type: icmp-port-unreachable
       ports:
-{% if grains['id'] == 'salt.example.com' %}
+        # {%- if grains['id'] == 'salt.example.com' %}
         - comment: salt-master
           port: 4505
           protocol: tcp
         - comment: salt-python
           port: 4506
           protocol: tcp
-{% endif %}
+        # {%- endif %}
         - comment: zabbix-agent
           port: 10050
           protocol: tcp
@@ -149,8 +160,17 @@ firewalld:
         table: filter
         chain: FORWARD
         priority: "0"
-        args: "-i iintern -o iextern -s 192.168.1.0/24 -m conntrack --ctstate NEW,RELATED,ESTABLISHED -j ACCEPT"
+        args: >-
+          -i iintern
+          -o iextern
+          -s 192.168.1.0/24
+          -m conntrack
+          --ctstate NEW,RELATED,ESTABLISHED
+          -j ACCEPT
     passthrough:
       MYPASSTHROUGH:
         ipv: ipv4
-        args: "-t raw -A MYCHAIN -j DROP"
+        args: >-
+          -t raw
+          -A MYCHAIN
+          -j DROP