bundlewrap/bundles/vmhost/items.py

files = {
    '/usr/local/share/icinga/plugins/check_vm_status': {
        'mode': '0755',
    },
}

if node.has_bundle('nftables'):
    # libvirt on debian depends on either iptables or firewalld. Since
    # we're managing firewall rules using bundlewrap, we don't want either
    # of thos to interfere. So we install firewalld, then ensure it is
    # never running. After that, we ensure the bundlewrap managed rules
    # are active.
    svc_systemd['firewalld'] = {
        'running': False,
        'enabled': False,
        'masked': True,
        'needs': {
            'pkg_apt:firewalld',
        },
        'needed_by': {
            'svc_systemd:nftables',
        },
        'triggers': {
            'svc_systemd:nftables:reload',
        },
    }
bundles/vmhost: add QEMU VM STATUS check 2020-11-21 19:58:55 +00:00			`files = {`
			`'/usr/local/share/icinga/plugins/check_vm_status': {`
			`'mode': '0755',`
			`},`
			`}`
modify nodes and bundles for new nftables syntax 2021-06-03 11:59:15 +00:00
			`if node.has_bundle('nftables'):`
			`# libvirt on debian depends on either iptables or firewalld. Since`
			`# we're managing firewall rules using bundlewrap, we don't want either`
			`# of thos to interfere. So we install firewalld, then ensure it is`
			`# never running. After that, we ensure the bundlewrap managed rules`
			`# are active.`
			`svc_systemd['firewalld'] = {`
			`'running': False,`
			`'enabled': False,`
			`'masked': True,`
			`'needs': {`
			`'pkg_apt:firewalld',`
			`},`
			`'needed_by': {`
			`'svc_systemd:nftables',`
			`},`
			`'triggers': {`
			`'svc_systemd:nftables:reload',`
			`},`
			`}`