Cacher does not allow access from connected qubes

unman commented 9 months ago

configuration still retains iptables commands, not recognised in debian-12

ben-grande commented 9 months ago

https://github.com/unman/shaker/blob/ffc57008cae7e02ace6078d790af8bcaf7909fc1/cacher/configure.sls#L5-L14

For mail reading:

/rw/config/rc.local:
     ...
        /sbin/iptables -I INPUT -p tcp --dport 8082 -j ACCEPT

/rw/config/qubes-firewall-user-script:
    ...
    - text: /sbin/iptables -I INPUT -p tcp --dport 8082 -j ACCEPT

Would you accept a PR for:

Conversion to nftables; and
Modification to use drop configuration (rc.local.d/.rc, qubes-firewall.d/.conf).

The use of drop-in configuration is intended to avoid appending the code multiple times in case the user did modify the files.

ben-grande commented 8 months ago

Changed from iptables to nftables in b00d7f5fb533a765a9b6abadc14181a1c3a607f6

Any desire in migrating the files to the drop-in configuration directories?

tlaurion commented 7 months ago

@unman ping

unman commented 7 months ago

This is fixed in the versions packaged for 4.2 Closing.

unman / shaker

Cacher does not allow access from connected qubes #30