microdevops.com-Dedicated, VPS, Cloud Server Setup, Support, Backup, Monitoring, Inventory. Configuration Management, Infrastructure as Code, DevOps. Docker, Repository, Registry Management. Pipeline Automation, CI, App Deployment to Environments, Kubernetes.

Blog

Company

declarative ufw error checking

pexels-conny-querales-araujo-de-bonaguro-5794871

With the transition to the ufw state instead of ufw_simple we got several important goodies:

  • time of firewall state application
  • hard reset of manually added rules
  • no need to delete old rules

But, one unpleasant moment appeared: if the pillars contain an error, the firewall may remain in an inferior state after use.

A way was found within the state to check for errors in the pillars (https://github.com/sysadmws/sysadmws-formula/blob/master/ufw/init.sls#L1), now the state is executed only if there are no errors.

Post Views: 335
Share this post