* refactoring existing cluster / firewall API for better composition * add basic security groups API fix linter errors * add rules API * fix after renaming resourceVirtualEnvironmentClusterIPSet * fix linter errors * make linter happy * even more refactoring * tidy up datasources * in refactoring spree * update examples * fix firewall resource/datasource & client error handling * add ipset(s) datasource * update docs * add security group resource with rules * docs * fix security group update, TODO: rule update * fix after rebase * add rule update, extract common rule schema, refactor group * fix linter errors * bump linter for ci * make alias and ipset reusable * make security group reusable * refactor datasources * add security group datasources * fix linter errors * update docs TODO: documentation for group datasources * add sg docs, update doc index * minor cleanup * fix examples & tests * stub for firewall-level options and rules * extract firewall interface * add firewall options and rules on the cluster level TODO: issues with rule list management * refactor all resources format AGAIN, now more flat, without complex subresources * sort out hierarchy of APIs and remove duplication in API wrappers * bring back security group * finally, working rules * restore cluster firewall option * add containers support * add options * move rules back under security group, update docs * fix vm_id / container_id attrs * add examples * cleanup * more cleanup Release-As: 0.17.0-rc1
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
package firewall
import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)
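// Attribute keys of a firewall rule. RuleSchema uses them as the keys of the
// schema map it returns.
const (
	mkRuleAction  = "action"
	mkRuleComment = "comment"
	mkRuleDPort   = "dport"
	mkRuleDest    = "dest"
	mkRuleEnable  = "enable"
	mkRuleIFace   = "iface"
	mkRuleLog     = "log"
	mkRuleMacro   = "macro"
	mkRulePos     = "pos"
	mkRuleProto   = "proto"
	mkRuleSource  = "source"
	mkRuleSPort   = "sport"
	mkRuleType    = "type"
)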
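// RuleSchema returns the Terraform schema attributes that describe a single
// firewall rule, keyed by the mkRule* attribute names.
//
// "action" and "type" are Required; every other attribute is Computed.
// A new map is built on every call.
//
// NOTE(review): no ValidateFunc / ValidateDiagFunc is attached to any
// attribute here, so the value sets named in the "action" and "type"
// descriptions are documentation only at this layer. Whether they are checked
// elsewhere is not visible from this file.
func RuleSchema() map[string]*schema.Schema {
	return map[string]*schema.Schema{
		mkRulePos: {
			Type:        schema.TypeInt,
			Description: "Rule position",
			Computed:    true,
		},
		// Required attributes.
		mkRuleAction: {
			Type:        schema.TypeString,
			Description: "Rule action ('ACCEPT', 'DROP', 'REJECT')",
			Required:    true,
		},
		mkRuleType: {
			Type:        schema.TypeString,
			Description: "Rule type ('in', 'out')",
			Required:    true,
		},
		// Computed attributes.
		mkRuleComment: {
			Type:        schema.TypeString,
			Description: "Rule comment",
			Computed:    true,
		},
		mkRuleDest: {
			Type:        schema.TypeString,
			Description: "Packet destination address",
			Computed:    true,
		},
		mkRuleDPort: {
			Type:        schema.TypeString,
			Description: "TCP/UDP destination port.",
			Computed:    true,
		},
		mkRuleEnable: {
			Type:        schema.TypeBool,
			Description: "Enable rule",
			Computed:    true,
		},
		mkRuleIFace: {
			Type:        schema.TypeString,
			Description: "Network interface name.",
			Computed:    true,
		},
		mkRuleLog: {
			Type:        schema.TypeString,
			Description: "Log level for this rule",
			Computed:    true,
		},
		mkRuleMacro: {
			Type:        schema.TypeString,
			Description: "Use predefined standard macro",
			Computed:    true,
		},
		mkRuleProto: {
			Type:        schema.TypeString,
			Description: "Packet protocol.",
			Computed:    true,
		},
		mkRuleSource: {
			Type:        schema.TypeString,
			Description: "Packet source address.",
			Computed:    true,
		},
		mkRuleSPort: {
			Type:        schema.TypeString,
			Description: "TCP/UDP source port.",
			Computed:    true,
		},
	}
}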
//
// func baseRuleToMap(baseRule *firewall.BaseRule, rule map[string]interface{}) {
// 	if baseRule.Comment != nil {
// 		rule[mkRuleComment] = *baseRule.Comment
// 	}
// 	if baseRule.Dest != nil {
// 		rule[mkRuleDest] = *baseRule.Dest
// 	}
// 	if baseRule.DPort != nil {
// 		rule[mkRuleDPort] = *baseRule.DPort
// 	}
// 	if baseRule.Enable != nil {
// 		rule[mkRuleEnable] = *baseRule.Enable
// 	}
// 	if baseRule.IFace != nil {
// 		rule[mkRuleIFace] = *baseRule.IFace
// 	}
// 	if baseRule.Log != nil {
// 		rule[mkRuleLog] = *baseRule.Log
// 	}
// 	if baseRule.Macro != nil {
// 		rule[mkRuleMacro] = *baseRule.Macro
// 	}
// 	if baseRule.Proto != nil {
// 		rule[mkRuleProto] = *baseRule.Proto
// 	}
// 	if baseRule.Source != nil {
// 		rule[mkRuleSource] = *baseRule.Source
// 	}
// 	if baseRule.SPort != nil {
// 		rule[mkRuleSPort] = *baseRule.SPort
// 	}
// }