44 lines
1,013 B
Python
44 lines
1,013 B
Python
from bundlewrap.metadata import atomic
|
|
|
|
defaults = {
|
|
'apt': {
|
|
'packages': {
|
|
'nfs-kernel-server': {
|
|
'needed_by': {
|
|
'action:nfs_reload_shares',
|
|
'svc_systemd:nfs-server',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'sysctl': {
|
|
'options': {
|
|
'fs.nfs.nlm_udpport': 4045,
|
|
'fs.nfs.nlm_tcpport': 4045,
|
|
},
|
|
'reload_triggers': {
|
|
'svc_systemd:nfs-server:restart',
|
|
},
|
|
},
|
|
}
|
|
|
|
|
|
@metadata_reactor.provides(
|
|
'firewall/port_rules',
|
|
)
|
|
def firewall(metadata):
|
|
ips = set()
|
|
for share_items in metadata.get('nfs-server/shares', {}).values():
|
|
for share_target in share_items:
|
|
ips.add(share_target)
|
|
|
|
rules = {}
|
|
for port in ('111', '2049', '1110', '4045', '35295'):
|
|
for proto in ('/tcp', '/udp'):
|
|
rules[port + proto] = atomic(ips)
|
|
|
|
return {
|
|
'firewall': {
|
|
'port_rules': rules,
|
|
},
|
|
}
|