helper-open-ports.sh

#!/usr/bin/env bash
# sh doesn't support arrays
# Helper script that
# 1. SSH-es into remote hosts
# 1. Runs firewall-cmd on remote hosts to open up ports needed
set -e

FW_COMMON="--zone=public --permanent"

APPLICATION=("192.168.1.169")
#INGESTION=("192.168.1.121")
#REDIS=("192.168.1.121")
#INGESTION=("192.168.1.162" "192.168.1.154")
#POSTGRES=("192.168.1.172" "192.168.1.193")
#REDIS=("192.168.1.183" "192.168.1.106")
#ELASTICSEARCH=("192.168.1.184" "192.168.1.117" "192.168.1.173")
INGESTION=("192.168.1.169")
POSTGRES=("192.168.1.169")
REDIS=("192.168.1.169")
ELASTICSEARCH=("192.168.1.169")

runthis () {
  #firewall-cmd $@
  echo ============================
  echo "${1}"
  # shellcheck disable=SC2029
  ssh root@"${1}" "firewall-cmd ${2}"
  echo "${2}"
}

fw-reload () {
  ssh root@"${1}" "firewall-cmd --reload"
  echo "${1}": Reloading
  echo ============================
}

fw_app() {
  for i in "${APPLICATION[@]}"; do
    echo APPLICATION
    runthis "${i}" "--add-service=https ${FW_COMMON}"
    runthis "${i}" "--add-port=8000/tcp ${FW_COMMON}"
    fw-reload "${i}"
  done
}

fw_ingestion() {
  for i in "${INGESTION[@]}"; do
    echo INGESTION
    runthis "${i}" "--add-port=8000/tcp ${FW_COMMON}"
    fw-reload "${i}"
  done
}

fw_postgres() {
  for i in "${POSTGRES[@]}"; do
    echo POSTGRES
    runthis "${i}" "--add-port=5432/tcp ${FW_COMMON}"
    fw-reload "${i}"
  done
}

fw_redis() {
  for i in "${REDIS[@]}"; do
    echo REDIS
    runthis "${i}" "--add-port=6379/tcp ${FW_COMMON}"
    fw-reload "${i}"
  done
}

fw_es() {
  for i in "${ELASTICSEARCH[@]}"; do
    echo ELASTICSEARCH
    runthis "${i}" "--add-port=9200/tcp --add-port=9300/tcp ${FW_COMMON}"
    fw-reload "${i}"
  done
}

fw_app
fw_ingestion
fw_postgres
fw_redis
fw_es