From 62f7080db9d5848b07807642dede498e6c58918c Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Sun, 21 Mar 2021 11:24:21 +0100
Subject: [PATCH] bundles/nfs-server: add iptables config

---
 bundles/nfs-server/metadata.py | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/bundles/nfs-server/metadata.py b/bundles/nfs-server/metadata.py
index 64a4bcd..df22834 100644
--- a/bundles/nfs-server/metadata.py
+++ b/bundles/nfs-server/metadata.py
@@ -1,3 +1,5 @@
+from bundlewrap.metadata import atomic
+
 defaults = {
     'apt': {
         'packages': {
@@ -5,3 +7,25 @@ defaults = {
         },
     },
 }
+
+
+@metadata_reactor.provides(
+    'iptables/port_rules',
+)
+def iptables(metadata):
+    ips = set()
+
+    for share_items in metadata.get('nfs-server/shares', {}).values():
+        for share_target in share_items:
+            ips.add(share_target.split('(', 2)[0])
+
+    return {
+        'iptables': {
+            'port_rules': {
+                '111': atomic(ips),
+                '111/udp': atomic(ips),
+                '2049': atomic(ips),
+                '35295': atomic(ips),
+            },
+        },
+    }