Firewall Module - Allow Minions to connect to salt

2025-12-12 12:12:59 +01:00 · 2018-06-19 10:10:03 -04:00
parent 4d140bc31f
commit 73841b0bc3
1 changed files with 21 additions and 19 deletions
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -1,4 +1,3 @@
-{% set minions = salt['pillar.get']('firewall.minions', {}) %}
 # Default Rules for everyone

 # Keep localhost in the game
@@ -53,6 +52,7 @@ enable_reject_policy:

 # Rules if you are a Master
 {% if grains['role'] == 'so-master' %}
+{% set minions = salt['pillar.get']('firewall.minions', {}) %}
 {% for ip in minions.get('minion_ips', []) %}

 enable_salt_minions_4505:
@@ -74,7 +74,9 @@ enable_reject_policy:
    - source: {{ ip }}
    - dport: 4506
    - save: True
+
 {% endfor %}
+
 {% endif %}

 # Rules if you are a Storage Node