salt.git/pillar/global, branch nsd

Manage backend firewall zone

2023-02-12T05:04:16+00:00

Configure backend firewall zones if applicable. Allow all UDP for
cluster traffic.

Signed-off-by: Georg Pfuetzenreuter

Refactor map/macro sourcing

2023-01-30T04:43:53+00:00

- move pillar macros and map to base directory
- move listener logic from macro to map
- update includes respectively

Signed-off-by: Georg Pfuetzenreuter

Set firewalld short zone names

2023-01-29T16:50:37+00:00

To match the SUSE defaults deployed by our AutoYaST configuration.

Signed-off-by: Georg Pfuetzenreuter

Allow IPv6-only interfaces + fixup

2023-01-29T16:38:29+00:00

- interfaces with no IPv4 address would cause a render failure
- repair if-clause needed for interfaces with only IPv4 addresses

Signed-off-by: Georg Pfuetzenreuter

Firewall interface mapping logic

2023-01-29T16:27:58+00:00

Detect which interfaces belong to which zones, and configure firewalld
accordingly.
Backend zone is currently only prepared and yet to be tested and
enabled.

Signed-off-by: Georg Pfuetzenreuter

Mine interfaces

2023-01-29T15:37:07+00:00

Needed for firewall interface-zone mapping logic.

Signed-off-by: Georg Pfuetzenreuter

Manage common firewalld rules

2023-01-29T14:49:48+00:00

Signed-off-by: Georg Pfuetzenreuter

Enable SSH banner

2023-01-29T13:15:40+00:00

Signed-off-by: Georg Pfuetzenreuter

Listeners macro: skip on empty mine

2023-01-28T01:14:37+00:00

Don't fail if mine does not contain information about the queried
minion.
In the future it would be nice to add another conditional to allow such
minions to fall-back to the locally executed network module for
masterless setups.

Signed-off-by: Georg Pfuetzenreuter

Listeners macro: use mined addresses

2023-01-28T00:32:23+00:00

The network module run on the Salt master, but the macro should fetch
minion addresses.

Signed-off-by: Georg Pfuetzenreuter