summaryrefslogtreecommitdiffstats
path: root/pillar/global/init.sls
Commit message (Collapse)AuthorAgeFilesLines
* Manage backend firewall zoneimport-denc-webclusterGeorg Pfuetzenreuter2023-02-121-0/+4
| | | | | | | Configure backend firewall zones if applicable. Allow all UDP for cluster traffic. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Refactor map/macro sourcingGeorg Pfuetzenreuter2023-01-301-1/+1
| | | | | | | | - move pillar macros and map to base directory - move listener logic from macro to map - update includes respectively Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Set firewalld short zone namesGeorg Pfuetzenreuter2023-01-291-2/+2
| | | | | | To match the SUSE defaults deployed by our AutoYaST configuration. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Firewall interface mapping logicGeorg Pfuetzenreuter2023-01-291-0/+7
| | | | | | | | | Detect which interfaces belong to which zones, and configure firewalld accordingly. Backend zone is currently only prepared and yet to be tested and enabled. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Mine interfacesGeorg Pfuetzenreuter2023-01-291-0/+1
| | | | | | Needed for firewall interface-zone mapping logic. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Manage common firewalld rulesGeorg Pfuetzenreuter2023-01-291-0/+8
| | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Mine IPv6 addressesGeorg Pfuetzenreuter2023-01-281-0/+1
| | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Mine IP addressesGeorg Pfuetzenreuter2023-01-281-0/+3
| | | | | | Add Salt mine configuration to collect minion IP addresses. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Manage common SSH serverGeorg Pfuetzenreuter2023-01-261-0/+1
| | | | Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* mta.postfix->global.mta pillar; remove mta profileGeorg Pfuetzenreuter2023-01-261-1/+1
| | | | | | | This is more a MTA configuration for system email on all hosts instead of a dedicated email server role. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
* Move common to global pillarGeorg Pfuetzenreuter2023-01-261-0/+13
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>