From d87058c555a9445fb2ddbb0b257f0528175323d3 Mon Sep 17 00:00:00 2001
From: Alexander Klimov <alexander.klimov@netways.de>
Date: Tue, 30 Sep 2014 10:59:30 +0200
Subject: [PATCH] Profile `icingaweb2_dev': add Exec[iptables-allow-http]

refs #6842
---
 .vagrant-puppet/profiles/icingaweb2_dev/manifests/init.pp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.vagrant-puppet/profiles/icingaweb2_dev/manifests/init.pp b/.vagrant-puppet/profiles/icingaweb2_dev/manifests/init.pp
index cb0085bd5..55f3edfb6 100644
--- a/.vagrant-puppet/profiles/icingaweb2_dev/manifests/init.pp
+++ b/.vagrant-puppet/profiles/icingaweb2_dev/manifests/init.pp
@@ -93,4 +93,12 @@ class icingaweb2_dev {
   icingaweb2::config::module { [ 'backends', 'config', 'instances' ]:
     source  => 'puppet:///modules/icingaweb2_dev',
   }
+
+  package { 'iptables':
+    ensure => latest
+  }
+  -> exec { 'iptables-allow-http':
+    unless  => 'grep -Fxqe "-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT" /etc/sysconfig/iptables',
+    command => '/sbin/iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT && /sbin/iptables-save > /etc/sysconfig/iptables'
+  }
 }