modify nodes and bundles for new nftables syntax

2021-06-03 13:59:15 +02:00 · 2021-06-03 13:59:15 +02:00 · d569b00960
commit d569b00960
parent ecb67d012b
30 changed files with 172 additions and 126 deletions
--- a/bundles/postfix/files/main.cf
+++ b/bundles/postfix/files/main.cf
@ -18,7 +18,7 @@ alias_maps = hash:/etc/aliases
 relayhost = ${node.metadata['postfix']['relayhost']}
 % endif

-% if node.has_bundle('postfixadmin') or node.has_bundle('iptables'):
+% if node.has_bundle('postfixadmin') or node.has_bundle('nftables'):
 inet_interfaces = all
 % else:
 inet_interfaces = 127.0.0.1
--- a/bundles/postfix/metadata.py
+++ b/bundles/postfix/metadata.py
@ -100,11 +100,11 @@ def letsencrypt(metadata):


@metadata_reactor.provides(
-    'iptables/port_rules/25',
-    'iptables/port_rules/587',
-    'iptables/port_rules/2525',
+    'firewall/port_rules/25',
+    'firewall/port_rules/587',
+    'firewall/port_rules/2525',
 )
-def iptables(metadata):
+def firewall(metadata):
    if node.has_bundle('postfixadmin'):
        default = {'*'}
    else:
@ -119,7 +119,7 @@ def iptables(metadata):
        rules['2525'] = atomic(metadata.get('postfix/restrict-to', default))

    return {
-        'iptables': {
+        'firewall': {
            'port_rules': rules,
        },
    }