.. _readme: firewalld-formula ================= |img_travis| |img_sr| .. |img_travis| image:: https://travis-ci.com/saltstack-formulas/firewalld-formula.svg?branch=master :alt: Travis CI Build Status :scale: 100% :target: https://travis-ci.com/saltstack-formulas/firewalld-formula .. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg :alt: Semantic Release :scale: 100% :target: https://github.com/semantic-release/semantic-release A SaltStack Formula to set up and configure Firewalld, a dynamically managed firewall with support for network/firewall zones to define the trust level of network connections or interfaces. .. contents:: **Table of Contents** General notes ------------- See the full `SaltStack Formulas installation and usage instructions `_. If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section `_. If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``, which contains the currently released version. This formula is versioned according to `Semantic Versioning `_. See `Formula Versioning Section `_ for more details. If you need (non-default) configuration, please pay attention to the ``pillar.example`` file and/or `Special notes`_ section. Contributing to this repo ------------------------- **Commit message formatting is significant!!** Please see `How to contribute `_ for more details. Special notes ------------- None TODO ---- * configure local pre-commit hooks (code syntax check based on file extension, check for ugly *utf-8 mac os white space*) Instructions ------------ 1. Add this repository as a `GitFS `_ backend in your Salt master config. 2. Configure your Pillar top file (``/srv/pillar/top.sls``), see pillar.example 3. Include this Formula within another Formula or simply define your needed states within the Salt top file (``/srv/salt/top.sls``). Additional resources -------------------- None Formula Dependencies -------------------- None Contributions ------------- Contributions are always welcome. All development guidelines you have to know are * write clean code (proper YAML+Jinja syntax, no trailing whitespaces, no empty lines with whitespaces, LF only) * set sane default settings * test your code * update README.rst doc Salt Compatibility ------------------ Tested with: * 2018.3.x (will probably work too with 2017.x.x) OS Compatibility ---------------- Tested with: * CentOS 7 * Debian 9 * Ubuntu 18.04 Available states ---------------- .. contents:: :local: ``firewalld`` ^^^^^^^^^^^^^ Manage firewalld Testing ------- Linux testing is done with ``kitchen-salt``. Requirements ^^^^^^^^^^^^ * Ruby * Docker .. code-block:: bash $ gem install bundler $ bundle install $ bin/kitchen test [platform] Where ``[platform]`` is the platform name defined in ``kitchen.yml``, e.g. ``debian-9-2019-2-py3``. ``bin/kitchen converge`` ^^^^^^^^^^^^^^^^^^^^^^^^ Creates the docker instance and runs the ``firewalld`` main state, ready for testing. ``bin/kitchen verify`` ^^^^^^^^^^^^^^^^^^^^^^ Runs the ``inspec`` tests on the actual instance. ``bin/kitchen destroy`` ^^^^^^^^^^^^^^^^^^^^^^^ Removes the docker instance. ``bin/kitchen test`` ^^^^^^^^^^^^^^^^^^^^ Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``. ``bin/kitchen login`` ^^^^^^^^^^^^^^^^^^^^^ Gives you SSH access to the instance for manual testing.