bundlewrap/bundles/vmhost/items.py

36 lines
1 KiB
Python
Raw Permalink Normal View History

files = {
'/usr/local/share/icinga/plugins/check_vm_status': {
'mode': '0755',
},
}
2022-03-11 12:58:38 +00:00
if node.has_bundle('nftables') and node.has_bundle('apt'):
# libvirt on debian depends on either iptables or firewalld. Since
# we're managing firewall rules using bundlewrap, we don't want either
2022-03-11 12:58:38 +00:00
# of those to interfere. So we install firewalld, then ensure it is
# never running. After that, we ensure the bundlewrap managed rules
# are active.
svc_systemd['firewalld'] = {
'running': False,
'enabled': False,
'masked': True,
'needs': {
'pkg_apt:firewalld',
},
'needed_by': {
'svc_systemd:nftables',
},
'triggers': {
'svc_systemd:nftables:reload',
},
}
2022-03-11 12:58:38 +00:00
if node.has_bundle('pacman'):
svc_systemd['libvirtd'] = {
'running': None, # triggered via .socket
}
2022-03-11 12:58:38 +00:00
svc_systemd['virtlogd'] = {
'running': None, # triggered via .socket
2022-03-11 12:58:38 +00:00
'enabled': None, # triggered via .socket
}