bundlewrap/bundles/nfs-server/metadata.py

45 lines
1 KiB
Python
Raw Normal View History

from bundlewrap.metadata import atomic
2020-11-12 18:59:02 +00:00
defaults = {
'apt': {
'packages': {
2022-02-19 19:09:53 +00:00
'nfs-kernel-server': {
'needed_by': {
2022-02-18 21:18:44 +00:00
'action:nfs_reload_shares',
'svc_systemd:nfs-server',
},
2022-02-18 21:18:44 +00:00
},
2020-11-12 18:59:02 +00:00
},
},
'sysctl': {
'options': {
'fs.nfs.nlm_udpport': 4045,
'fs.nfs.nlm_tcpport': 4045,
},
'reload_triggers': {
'svc_systemd:nfs-server:restart',
},
},
2020-11-12 18:59:02 +00:00
}
@metadata_reactor.provides(
'firewall/port_rules',
)
def firewall(metadata):
ips = set()
for share_items in metadata.get('nfs-server/shares', {}).values():
for share_target in share_items:
ips.add(share_target)
rules = {}
for port in ('111', '2049', '1110', '4045', '35295'): # TODO find out if we need more ports
for proto in ('', '/udp'):
rules[port + proto] = atomic(ips)
return {
'firewall': {
'port_rules': rules,
},
}