diff options
| author | Georg Pfuetzenreuter | 2023-04-30 16:07:21 +0200 |
|---|---|---|
| committer | Georg Pfuetzenreuter | 2023-04-30 16:07:21 +0200 |
| commit | b685f16c914b9fa05bda7c69ce9e157d04262d09 (patch) | |
| tree | 5cc9a630225f45241ab42504885d0b1d28c53e07 /pillar | |
| parent | f90197f791dbedced8867309b0bb7c57c596ff04 (diff) | |
| download | salt-b685f16c914b9fa05bda7c69ce9e157d04262d09.tar.gz salt-b685f16c914b9fa05bda7c69ce9e157d04262d09.tar.bz2 salt-b685f16c914b9fa05bda7c69ce9e157d04262d09.zip | |
Add manage_firewall conditional
Allow us to enroll machines in Salt which do not yet have their firewall
configuration imported without having their rules overwritten.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Diffstat (limited to 'pillar')
| -rw-r--r-- | pillar/cluster/denc/web-proxy.sls | 1 | ||||
| -rw-r--r-- | pillar/id/dericom02_rigel_lysergic_dev.sls | 1 | ||||
| -rw-r--r-- | pillar/id/derimisc01_rigel_lysergic_dev.sls | 2 | ||||
| -rw-r--r-- | pillar/id/deriweb01_rigel_lysergic_dev.sls | 1 | ||||
| -rw-r--r-- | pillar/id/moni_lysergic_dev.sls | 2 | ||||
| -rw-r--r-- | pillar/id/themis_lysergic_dev.sls | 1 |
6 files changed, 8 insertions, 0 deletions
diff --git a/pillar/cluster/denc/web-proxy.sls b/pillar/cluster/denc/web-proxy.sls index 61fd653..0bdeec7 100644 --- a/pillar/cluster/denc/web-proxy.sls +++ b/pillar/cluster/denc/web-proxy.sls @@ -212,6 +212,7 @@ nginx: - error_log: /var/log/nginx/libsso_public.error.log - access_log: /var/log/nginx/libsso_public.access.log combined +manage_firewall: True firewalld: zones: public: diff --git a/pillar/id/dericom02_rigel_lysergic_dev.sls b/pillar/id/dericom02_rigel_lysergic_dev.sls index 4cc5145..2462239 100644 --- a/pillar/id/dericom02_rigel_lysergic_dev.sls +++ b/pillar/id/dericom02_rigel_lysergic_dev.sls @@ -267,6 +267,7 @@ profile: host: 'chillnet\.matterbridge\.dericom02\.rigel\.lysergic\.dev' root: {{ mediapath }}chill +manage_firewall: True firewalld: zones: web: diff --git a/pillar/id/derimisc01_rigel_lysergic_dev.sls b/pillar/id/derimisc01_rigel_lysergic_dev.sls index 1c6928d..98c2919 100644 --- a/pillar/id/derimisc01_rigel_lysergic_dev.sls +++ b/pillar/id/derimisc01_rigel_lysergic_dev.sls @@ -12,3 +12,5 @@ tor: hostname: cr36xbvmgjwnfw4sly4kuc6c3ozhesjre3y5pggq5xdkkmbrq6dz4fad.onion hs_ed25519_public_key: PT0gZWQyNTUxOXYxLXB1YmxpYzogdHlwZTAgPT0AAAAUd+uGrDJs0tuSXjiqC8LbsnJJMSbx15jQ7calMDGHhw== hs_ed25519_secret_key: ${'secret_tor:hidden_services:irc:key'} + +manage_firewall: True diff --git a/pillar/id/deriweb01_rigel_lysergic_dev.sls b/pillar/id/deriweb01_rigel_lysergic_dev.sls index a0ed675..1be2ab9 100644 --- a/pillar/id/deriweb01_rigel_lysergic_dev.sls +++ b/pillar/id/deriweb01_rigel_lysergic_dev.sls @@ -441,3 +441,4 @@ nginx: - sub_filter_types: application/xml - sub_filter: takahe.rigel.lysergic.dev:8000 exhausted.life +manage_firewall: True diff --git a/pillar/id/moni_lysergic_dev.sls b/pillar/id/moni_lysergic_dev.sls index 2ebf296..60c3e5c 100644 --- a/pillar/id/moni_lysergic_dev.sls +++ b/pillar/id/moni_lysergic_dev.sls @@ -108,3 +108,5 @@ prometheus: require_tls: false smarthost: 'zz0.email:465' send_resolved: yes + +manage_firewall: True diff --git a/pillar/id/themis_lysergic_dev.sls b/pillar/id/themis_lysergic_dev.sls index 67a7757..52186a6 100644 --- a/pillar/id/themis_lysergic_dev.sls +++ b/pillar/id/themis_lysergic_dev.sls @@ -142,6 +142,7 @@ profile: pwd: ${'secret_privatebin:model_options:pwd'} opt[12]: true +manage_firewall: True firewalld: zones: backend: |