Manage common firewalld rules

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
author: Georg Pfuetzenreuter 2023-01-29 15:49:48 +0100
committer: Georg Pfuetzenreuter 2023-01-29 15:49:48 +0100
commit: e395f7f0a3ab7b4542588ee77499fdd511d4fc28 (patch)
tree: f1185d411bd32d04cef591519f2f395f152684fd
parent: e62080ae5bbd8a530a794cd43b91e15d188d84dd (diff)
download: salt-e395f7f0a3ab7b4542588ee77499fdd511d4fc28.tar.gz
salt-e395f7f0a3ab7b4542588ee77499fdd511d4fc28.tar.bz2
salt-e395f7f0a3ab7b4542588ee77499fdd511d4fc28.zip
2 files changed, 13 insertions, 0 deletions
diff --git a/pillar/global/init.sls b/pillar/global/init.sls
index 349bd93..a7669ae 100644
--- a/pillar/global/init.sls
+++ b/pillar/global/init.sls
@@ -11,6 +11,14 @@ managed_header_pound: |
 {%- if grains['os'] == 'SUSE' %}
 zypper:
   refreshdb_force: False
+
+firewalld:
+  zones:
+    internal:
+      ports:
+        - comment: node_exporter
+          port: 9200
+          protocol: tcp
 {%- endif %}
 
 mine_functions:
diff --git a/pillar/global/ssh.sls b/pillar/global/ssh.sls
index 5d0e59f..8c18a86 100644
--- a/pillar/global/ssh.sls
+++ b/pillar/global/ssh.sls
@@ -30,3 +30,8 @@ sshd_config:
   Subsystem: sftp /usr/lib/ssh/sftp-server
   Banner: /etc/ssh/banner
 
+firewalld:
+  zones:
+    internal:
+      services:
+        - ssh
author	Georg Pfuetzenreuter	2023-01-29 15:49:48 +0100
committer	Georg Pfuetzenreuter	2023-01-29 15:49:48 +0100
commit	e395f7f0a3ab7b4542588ee77499fdd511d4fc28 (patch)
tree	f1185d411bd32d04cef591519f2f395f152684fd
parent	e62080ae5bbd8a530a794cd43b91e15d188d84dd (diff)
download	salt-e395f7f0a3ab7b4542588ee77499fdd511d4fc28.tar.gz salt-e395f7f0a3ab7b4542588ee77499fdd511d4fc28.tar.bz2 salt-e395f7f0a3ab7b4542588ee77499fdd511d4fc28.zip