from bundlewrap.metadata import atomic

# Static metadata this bundle contributes before any reactor runs.
defaults = {
    'apt': {
        'packages': {
            'nfs-kernel-server': {
                # The share-reload action and the systemd unit are both
                # ordered after installation of the server package.
                'needed_by': {
                    'action:nfs_reload_shares',
                    'svc_systemd:nfs-server',
                },
            },
        },
    },
    'sysctl': {
        'options': {
            # Pin the NFS lock manager (NLM) to a fixed port for UDP and TCP
            # so it can be matched by a static firewall rule (4045 is in the
            # port list of the firewall reactor below).
            'fs.nfs.nlm_udpport': 4045,
            'fs.nfs.nlm_tcpport': 4045,
        },
        # presumably restarts nfs-server whenever the sysctl options change,
        # so the pinned ports take effect; confirm against the sysctl bundle.
        'reload_triggers': {
            'svc_systemd:nfs-server:restart',
        },
    },
}


@metadata_reactor.provides(
    'firewall/port_rules',
)
def firewall(metadata):
    """Allow every configured NFS share target through the firewall.

    Collects the targets of all entries under ``nfs-server/shares`` into one
    set and uses that set as the source list for each NFS-related port, on
    both TCP and UDP. Each rule value is wrapped in ``atomic()``.

    The source set is the union over all shares, so a client of any single
    share is allowed on every port listed here.
    """
    # NOTE(review): targets are copied verbatim from the share definitions.
    # If an export target can be a wildcard, hostname pattern or netgroup,
    # confirm the firewall bundle rejects it or handles it as intended rather
    # than widening the rule.
    clients = {
        target
        for share in metadata.get('nfs-server/shares', {}).values()
        for target in share
    }

    # 111 = rpcbind, 2049 = nfs, 4045 = NLM (pinned via sysctl in defaults).
    # NOTE(review): 1110 and 35295 are not pinned anywhere in this file;
    # presumably statd/mountd are fixed to them elsewhere in the bundle.
    # Confirm, otherwise these rules open ports no NFS daemon is bound to.
    ports = ('111', '2049', '1110', '4045', '35295')
    protocols = ('/tcp', '/udp')

    # NOTE(review): with no shares configured the source set is empty; verify
    # that the firewall bundle treats an empty set as "no access" and not as
    # "any source".
    return {
        'firewall': {
            'port_rules': {
                port + proto: atomic(clients)
                for port in ports
                for proto in protocols
            },
        },
    }