From 850d860d5931ce6068270f7cb25f5eace08c946f Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Sun, 21 Mar 2021 11:12:18 +0100
Subject: [PATCH] bundles/powerdns: add iptables config

---
 bundles/powerdns/metadata.py | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/bundles/powerdns/metadata.py b/bundles/powerdns/metadata.py
index e37b762..958fc46 100644
--- a/bundles/powerdns/metadata.py
+++ b/bundles/powerdns/metadata.py
@@ -165,3 +165,17 @@ def hosts_entries_for_all_dns_servers(metadata):
             'entries': entries,
         },
     }
+
+
+@metadata_reactor.provides(
+    'iptables/port_rules',
+)
+def iptables(metadata):
+    return {
+        'iptables': {
+            'port_rules': {
+                '53': atomic(metadata.get('powerdns/restrict-to', set('*'))),
+                '53/udp': atomic(metadata.get('powerdns/restrict-to', set('*'))),
+            },
+        },
+    }