From 77685f5b787c56bcb1c4d9f1e058e25312fa62fe Mon Sep 17 00:00:00 2001
From: Tim Serong <tserong@suse.com>
Date: Wed, 29 Apr 2015 13:12:38 +1000
Subject: [PATCH] packaging: add SuSEfirewall2 service files

This adds SuSEfirewall2 service files for Ceph MON, OSD and MDS, for use
on SLES and openSUSE.  The MON template opens port 6789 and the OSD/MDS
template opens the range 6800-7300 as per
http://ceph.com/docs/master/rados/configuration/network-config-ref/

Signed-off-by: Tim Serong <tserong@suse.com>
---
 ceph.spec.in                  | 10 ++++++++++
 src/susefirewall-ceph-mon     |  5 +++++
 src/susefirewall-ceph-osd-mds |  5 +++++
 3 files changed, 20 insertions(+)
 create mode 100644 src/susefirewall-ceph-mon
 create mode 100644 src/susefirewall-ceph-osd-mds

diff --git a/ceph.spec.in b/ceph.spec.in
index 3faae3e7a5f53..6856bd6fac4c9 100644
--- a/ceph.spec.in
+++ b/ceph.spec.in
@@ -506,6 +506,12 @@ install -m 0644 -D src/rgw/logrotate.conf $RPM_BUILD_ROOT%{_sysconfdir}/logrotat
 chmod 0644 $RPM_BUILD_ROOT%{_docdir}/ceph/sample.ceph.conf
 chmod 0644 $RPM_BUILD_ROOT%{_docdir}/ceph/sample.fetch_config
 
+# firewall templates
+%if 0%{?suse_version}
+install -m 0644 -D src/susefirewall-ceph-mon %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ceph-mon
+install -m 0644 -D src/susefirewall-ceph-osd-mds %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ceph-osd-mds
+%endif
+
 # udev rules
 %if 0%{?rhel} >= 7 || 0%{?fedora}
 install -m 0644 -D udev/50-rbd.rules $RPM_BUILD_ROOT/usr/lib/udev/rules.d/50-rbd.rules
@@ -635,6 +641,10 @@ fi
 %endif
 %config %{_sysconfdir}/bash_completion.d/ceph
 %config(noreplace) %{_sysconfdir}/logrotate.d/ceph
+%if 0%{?suse_version}
+%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ceph-mon
+%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ceph-osd-mds
+%endif
 %{_mandir}/man8/ceph-deploy.8*
 %{_mandir}/man8/ceph-disk.8*
 %{_mandir}/man8/ceph-mon.8*
diff --git a/src/susefirewall-ceph-mon b/src/susefirewall-ceph-mon
new file mode 100644
index 0000000000000..7a28e73a74025
--- /dev/null
+++ b/src/susefirewall-ceph-mon
@@ -0,0 +1,5 @@
+## Name: Ceph MON
+## Description: Open port for Ceph Monitor
+
+# space separated list of allowed TCP ports
+TCP="6789"
diff --git a/src/susefirewall-ceph-osd-mds b/src/susefirewall-ceph-osd-mds
new file mode 100644
index 0000000000000..0109fde41be05
--- /dev/null
+++ b/src/susefirewall-ceph-osd-mds
@@ -0,0 +1,5 @@
+## Name: Ceph OSD/MDS
+## Description: Open ports for Ceph OSDs and Metadata Servers (max: 166 per node)
+
+# space separated list of allowed TCP ports
+TCP="6800:7300"
-- 
2.39.5