summaryrefslogtreecommitdiffstats
path: root/pillar
diff options
context:
space:
mode:
authorGeorg Pfuetzenreuter2023-04-30 16:07:21 +0200
committerGeorg Pfuetzenreuter2023-04-30 16:07:21 +0200
commitb685f16c914b9fa05bda7c69ce9e157d04262d09 (patch)
tree5cc9a630225f45241ab42504885d0b1d28c53e07 /pillar
parentf90197f791dbedced8867309b0bb7c57c596ff04 (diff)
downloadsalt-b685f16c914b9fa05bda7c69ce9e157d04262d09.tar.gz
salt-b685f16c914b9fa05bda7c69ce9e157d04262d09.tar.bz2
salt-b685f16c914b9fa05bda7c69ce9e157d04262d09.zip
Add manage_firewall conditional
Allow us to enroll machines in Salt which do not yet have their firewall configuration imported without having their rules overwritten. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Diffstat (limited to 'pillar')
-rw-r--r--pillar/cluster/denc/web-proxy.sls1
-rw-r--r--pillar/id/dericom02_rigel_lysergic_dev.sls1
-rw-r--r--pillar/id/derimisc01_rigel_lysergic_dev.sls2
-rw-r--r--pillar/id/deriweb01_rigel_lysergic_dev.sls1
-rw-r--r--pillar/id/moni_lysergic_dev.sls2
-rw-r--r--pillar/id/themis_lysergic_dev.sls1
6 files changed, 8 insertions, 0 deletions
diff --git a/pillar/cluster/denc/web-proxy.sls b/pillar/cluster/denc/web-proxy.sls
index 61fd653..0bdeec7 100644
--- a/pillar/cluster/denc/web-proxy.sls
+++ b/pillar/cluster/denc/web-proxy.sls
@@ -212,6 +212,7 @@ nginx:
- error_log: /var/log/nginx/libsso_public.error.log
- access_log: /var/log/nginx/libsso_public.access.log combined
+manage_firewall: True
firewalld:
zones:
public:
diff --git a/pillar/id/dericom02_rigel_lysergic_dev.sls b/pillar/id/dericom02_rigel_lysergic_dev.sls
index 4cc5145..2462239 100644
--- a/pillar/id/dericom02_rigel_lysergic_dev.sls
+++ b/pillar/id/dericom02_rigel_lysergic_dev.sls
@@ -267,6 +267,7 @@ profile:
host: 'chillnet\.matterbridge\.dericom02\.rigel\.lysergic\.dev'
root: {{ mediapath }}chill
+manage_firewall: True
firewalld:
zones:
web:
diff --git a/pillar/id/derimisc01_rigel_lysergic_dev.sls b/pillar/id/derimisc01_rigel_lysergic_dev.sls
index 1c6928d..98c2919 100644
--- a/pillar/id/derimisc01_rigel_lysergic_dev.sls
+++ b/pillar/id/derimisc01_rigel_lysergic_dev.sls
@@ -12,3 +12,5 @@ tor:
hostname: cr36xbvmgjwnfw4sly4kuc6c3ozhesjre3y5pggq5xdkkmbrq6dz4fad.onion
hs_ed25519_public_key: PT0gZWQyNTUxOXYxLXB1YmxpYzogdHlwZTAgPT0AAAAUd+uGrDJs0tuSXjiqC8LbsnJJMSbx15jQ7calMDGHhw==
hs_ed25519_secret_key: ${'secret_tor:hidden_services:irc:key'}
+
+manage_firewall: True
diff --git a/pillar/id/deriweb01_rigel_lysergic_dev.sls b/pillar/id/deriweb01_rigel_lysergic_dev.sls
index a0ed675..1be2ab9 100644
--- a/pillar/id/deriweb01_rigel_lysergic_dev.sls
+++ b/pillar/id/deriweb01_rigel_lysergic_dev.sls
@@ -441,3 +441,4 @@ nginx:
- sub_filter_types: application/xml
- sub_filter: takahe.rigel.lysergic.dev:8000 exhausted.life
+manage_firewall: True
diff --git a/pillar/id/moni_lysergic_dev.sls b/pillar/id/moni_lysergic_dev.sls
index 2ebf296..60c3e5c 100644
--- a/pillar/id/moni_lysergic_dev.sls
+++ b/pillar/id/moni_lysergic_dev.sls
@@ -108,3 +108,5 @@ prometheus:
require_tls: false
smarthost: 'zz0.email:465'
send_resolved: yes
+
+manage_firewall: True
diff --git a/pillar/id/themis_lysergic_dev.sls b/pillar/id/themis_lysergic_dev.sls
index 67a7757..52186a6 100644
--- a/pillar/id/themis_lysergic_dev.sls
+++ b/pillar/id/themis_lysergic_dev.sls
@@ -142,6 +142,7 @@ profile:
pwd: ${'secret_privatebin:model_options:pwd'}
opt[12]: true
+manage_firewall: True
firewalld:
zones:
backend: