feat(server): Firewall

[ssiyad]

frappe/agent#421

This no longer depends on Agent. Instead, setup, teardown and sync happens through Ansible.

[codecov]

Codecov Report

❌ Patch coverage is 52.00000% with 12 lines in your changes missing coverage. Please review.
✅ Project coverage is 50.96%. Comparing base (f7e1dd0) to head (8d8e624).
⚠️ Report is 101 commits behind head on develop.

Files with missing lines	Patch %	Lines
press/press/doctype/server/server.py	53.33%	7 Missing ⚠️
press/agent.py	50.00%	5 Missing ⚠️

❌ Your patch check has failed because the patch coverage (52.00%) is below the target coverage (75.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #4649      +/-   ##
===========================================
- Coverage    51.05%   50.96%   -0.10%     
===========================================
  Files          843      842       -1     
  Lines        67233    67386     +153     
  Branches       283      283              
===========================================
+ Hits         34327    34342      +15     
- Misses       32878    33016     +138     
  Partials        28       28              

Flag	Coverage Δ
dashboard	72.86% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

This PR introduces firewall management functionality for servers, enabling administrators to configure and manage iptables-based firewall rules directly through the Frappe Press interface. The feature includes a warning banner indicating it's under development and not suitable for production use.

Changes:

• Added new Server Firewall Rule child doctype to store firewall rules with source, destination, protocol, and action fields
• Implemented firewall management methods in a mixin class (ServerFirewall) with setup, teardown, and sync operations
• Created Vue.js components for the dashboard UI to manage firewall rules with enable/disable toggle and rule addition/removal

Reviewed changes

Copilot reviewed 18 out of 19 changed files in this pull request and generated 17 comments.

Show a summary per file

File	Description
press/press/doctype/server_firewall_rule/server_firewall_rule.py	New doctype for storing individual firewall rules
press/press/doctype/server_firewall_rule/server_firewall_rule.json	Schema definition for firewall rule fields
press/press/doctype/server/firewall.py	Core firewall logic including validation, transformation, and Ansible playbook execution
press/press/doctype/server/server.py	Integration with Server doctype through mixin inheritance and lifecycle hooks
press/press/doctype/server/server.json	Added firewall fields to Server schema
press/press/doctype/server/server.js	Added firewall setup/teardown buttons in server UI
dashboard/src/objects/server.js	Added firewall tab to server navigation
dashboard/src/components/server/ServerFirewall.vue	Main UI component for managing firewall rules
dashboard/src/components/server/ServerFirewallDialog.vue	Dialog component for adding new firewall rules
press/playbooks/firewall_*.yml	Ansible playbooks for firewall operations
press/playbooks/roles/firewall_*/tasks/main.yml	Ansible tasks implementing iptables chain management
press/playbooks/roles/firewall_*/defaults/main.yml	Default variables for firewall chain names

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.