From 5e02090bc6037ac2e30190d97c3717c3fee01f96 Mon Sep 17 00:00:00 2001
From: Georg Pfuetzenreuter
Date: Sun, 5 Feb 2023 14:29:25 +0100
Subject: web-proxy: add firewall configuration

Allow internal http and https to pass on web proxies.
To-do: logic for web proxies directly attached to the internet.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
---
 pillar/role/web-proxy.sls | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/pillar/role/web-proxy.sls b/pillar/role/web-proxy.sls
index 1b7497c..2adc81c 100644
--- a/pillar/role/web-proxy.sls
+++ b/pillar/role/web-proxy.sls
@@ -28,4 +28,9 @@ nginx:
       {%- endfor %}
     {%- endif %}
 
-
+firewalld:
+  zones:
+    internal:
+      services:
+        - http
+        - https
-- 
cgit v1.2.3