kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests Releases Activity

bw/nfs close ports no longer needed for nfs4

Browse source
This commit is contained in:
Sophie Schiller 2025-04-05 20:15:50 +02:00
parent d584fd88d7
commit c905b7dc13
2 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
bundles/nfs-server/metadata.py
View file

@ -33,7 +33,10 @@ def firewall(metadata):
ips.add(share_target) ips.add(share_target)
rules = {} rules = {}
for port in ('111', '2049', '1110', '4045', '35295'): ports = ('111', '2049', '1110', '4045', '35295')
if metadata.get('nfs-server/version', 3) == 4:
ports = ('111', '2049')
for port in ports:
for proto in ('/tcp', '/udp'): for proto in ('/tcp', '/udp'):
rules[port + proto] = atomic(ips) rules[port + proto] = atomic(ips)

6
nodes/sophie/vmhost.py
View file

@ -13,6 +13,11 @@ nodes['sophie.vmhost'] = {
'debian-bookworm', 'debian-bookworm',
}, },
'metadata': { 'metadata': {
'apt': {
'packages': {
'irqbalance': {},
},
},
'groups': { 'groups': {
'nas': {}, 'nas': {},
}, },
@ -54,6 +59,7 @@ nodes['sophie.vmhost'] = {
}, },
}, },
'nfs-server': { 'nfs-server': {
'version': 4,
'shares': { 'shares': {
'/srv/nas': { '/srv/nas': {
'172.19.164.0/24': 'ro,all_squash,anonuid=65534,anongid=65534,no_subtree_check', '172.19.164.0/24': 'ro,all_squash,anonuid=65534,anongid=65534,no_subtree_check',