# Install the packet-filter tooling that the states below depend on.
system_firewall_pkgs:
  pkg.installed:
    - pkgs:
      # Only the iptables package is requested here.
      # NOTE(review): on some distributions the "iptables" service unit
      # ships in a separate package - confirm for the target platform.
      - iptables
# Render the IPv4 ruleset template to /etc/iptables/rules-save.
# NOTE(review): only a ".v4" template is managed in this file; no
# ip6tables counterpart is visible - confirm IPv6 is filtered elsewhere.
system_firewall_rules:
  file.managed:
    - name: /etc/iptables/rules-save
    # Root-owned and 0600: the ruleset is not readable by other users.
    - user: root
    - group: root
    - mode: '0600'
    # Create /etc/iptables if it does not exist yet.
    - makedirs: true
    - source: salt://{{ tpldir }}/files/firewall_rules.v4.jinja
    - template: jinja
    - context:
        STATE: {{ sls }}
        # Ports handed to the template. The template itself is not shown
        # here, so how they are used (and the default policy for all
        # other traffic) must be checked there - presumably inbound
        # allow rules; TODO confirm.
        ALLOWED_PORTS:
          - 443
          - 25565
    # NOTE(review): nothing here test-parses the rendered ruleset before
    # it replaces the live file; consider a check_cmd validation step.
    - require:
      - system_firewall_pkgs
# Enable the iptables service at boot.
system_firewall_service_enable:
  service.enabled:
    - name: iptables
    # Ordered after both the package and the ruleset, so the service is
    # only enabled once a rules file has been written.
    - require:
      - system_firewall_pkgs
      - system_firewall_rules
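# Keep the iptables service running and enabled, and reload it whenever
# the managed ruleset changes.
system_firewall_service_reload:
  service.running:
    - name: iptables
    - enable: true
    # With reload set, a change in a watched state triggers a service
    # reload rather than the default restart.
    - reload: true
    - watch:
      # Matches the system_firewall_rules file.managed state by its name.
      - file: /etc/iptables/rules-save
    - require:
      - system_firewall_pkgs
      # Fixed: this entry previously named this state itself. A state
      # cannot be ordered after itself, so Salt would be expected to fail
      # it as a recursive requisite and never start or reload the
      # firewall service from here.
      # NOTE(review): system_firewall_service_enable is presumably the
      # intended target - confirm.
      - system_firewall_service_enable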