.. _readme:

firewalld-formula
=================

|img_travis| |img_sr|

.. |img_travis| image:: https://travis-ci.com/saltstack-formulas/firewalld-formula.svg?branch=master
   :alt: Travis CI Build Status
   :scale: 100%
   :target: https://travis-ci.com/saltstack-formulas/firewalld-formula
.. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg
   :alt: Semantic Release
   :scale: 100%
   :target: https://github.com/semantic-release/semantic-release

A SaltStack Formula to set up and configure Firewalld, a dynamically managed firewall with support for network/firewall zones to define the trust level of network connections or interfaces.

.. contents:: Table of Contents

General notes
-------------

See the full `SaltStack Formulas installation and usage instructions
<https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html>`_.

If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section
<https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#writing-formulas>`_.

If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``, which contains the currently released version. This formula is versioned according to `Semantic Versioning <http://semver.org/>`_.

See `Formula Versioning Section <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#versioning>`_ for more details.

If you need (non-default) configuration, please pay attention to the ``pillar.example`` file and/or `Special notes`_ section.

Contributing to this repo
-------------------------

Commit message formatting is significant!!

Please see `How to contribute <https://github.com/saltstack-formulas/.github/blob/master/CONTRIBUTING.rst>`_ for more details.

Special notes
-------------

None

TODO
----

* configure local pre-commit hooks (code syntax check based on file extension, check for ugly utf-8 mac os white space)

Instructions
------------

1. Add this repository as a `GitFS <http://docs.saltstack.com/topics/tutorials/gitfs.html>`_ backend in your Salt master config.

2. Configure your Pillar top file (``/srv/pillar/top.sls``), see ``pillar.example``.

3. Include this Formula within another Formula or simply define your needed states within the Salt top file (``/srv/salt/top.sls``).
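
Steps 1 to 3 as configuration, an added example that is not part of the formula's own files. The repository URL is the project named in the build badge; ``<RELEASED_TAG>`` is a placeholder for the tag recorded in the ``FORMULA`` file, and the ``'*'`` target and the pillar file name ``firewalld`` are assumptions. The pillar keys themselves come from ``pillar.example`` and are not reproduced here.

```yaml
# --- Step 1: /etc/salt/master ---
fileserver_backend:
  - roots
  - gitfs

gitfs_remotes:
  - https://github.com/saltstack-formulas/firewalld-formula.git:
    # Serve the base environment from a released tag rather than a moving
    # branch, so minions only receive firewall states from a revision you
    # have reviewed. <RELEASED_TAG> is a placeholder, not a real tag name.
    - base: <RELEASED_TAG>
---
# --- Step 2: /srv/pillar/top.sls ---
base:
  '*':              # assumption: narrow this to the minions that run firewalld
    # Assumed file /srv/pillar/firewalld.sls, filled in from pillar.example.
    - firewalld
---
# --- Step 3: /srv/salt/top.sls ---
base:
  '*':              # assumption: same target as the pillar top file
    # The firewalld state listed under "Available states".
    - firewalld
```

The three YAML documents belong in three separate files; they are shown together only to keep the procedure in one place.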

Additional resources
--------------------

None

Formula Dependencies
--------------------

None

Contributions
-------------

Contributions are always welcome. The development guidelines you need to know are:

* write clean code (proper YAML+Jinja syntax, no trailing whitespaces, no empty lines with whitespaces, LF only)
* set sane default settings
* test your code
* update README.rst doc

Salt Compatibility
------------------

Tested with:

* 2018.3.x (will probably work too with 2017.x.x)

OS Compatibility
----------------

Tested with:

* CentOS 7
* Debian 9
* Ubuntu 18.04

Available states
----------------

.. contents::
   :local:

``firewalld``
^^^^^^^^^^^^^

Manage firewalld

Testing
-------

Linux testing is done with ``kitchen-salt``.

Requirements
^^^^^^^^^^^^

* Ruby
* Docker

.. code-block:: bash

   $ gem install bundler
   $ bundle install
   $ bin/kitchen test [platform]

Where ``[platform]`` is the platform name defined in ``kitchen.yml``, e.g. ``debian-9-2019-2-py3``.

``bin/kitchen converge``
^^^^^^^^^^^^^^^^^^^^^^^^

Creates the docker instance and runs the ``firewalld`` main state, ready for testing.

``bin/kitchen verify``
^^^^^^^^^^^^^^^^^^^^^^

Runs the ``inspec`` tests on the actual instance.

``bin/kitchen destroy``
^^^^^^^^^^^^^^^^^^^^^^^

Removes the docker instance.

``bin/kitchen test``
^^^^^^^^^^^^^^^^^^^^

Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``.

``bin/kitchen login``
^^^^^^^^^^^^^^^^^^^^^

Gives you SSH access to the instance for manual testing.