From 223b6b3b3b78608edb2c9adfce0cdc3abe054432 Mon Sep 17 00:00:00 2001
From: Steven Hardy <shardy@redhat.com>
Date: Wed, 18 Sep 2013 10:06:20 +0100
Subject: [PATCH] F18 WordPress_NoKey fixes

The security group properties must be strings or we get validation
errors, and firewall-cmd rule addition should be permanent

Change-Id: Ia03947690ff8142b6e700c808a898283c7b8d095
---
 cfn/F18/WordPress_NoKey.yaml | 27 +++++++++++++++------------
 hot/F18/WordPress_NoKey.yaml | 29 +++++++++++++++--------------
 2 files changed, 30 insertions(+), 26 deletions(-)

diff --git a/cfn/F18/WordPress_NoKey.yaml b/cfn/F18/WordPress_NoKey.yaml
index 305a9b68..052166f3 100644
--- a/cfn/F18/WordPress_NoKey.yaml
+++ b/cfn/F18/WordPress_NoKey.yaml
@@ -41,18 +41,18 @@ Resources:
     Properties:
       GroupDescription: 'Enable HTTP access via port 80 plus SSH access'
       SecurityGroupIngress:
-      - IpProtocol: icmp
-        FromPort: -1
-        ToPort: -1
-        CidrIp: 0.0.0.0/0
-      - IpProtocol: tcp
-        FromPort: 80
-        ToPort: 80
-        CidrIp: 0.0.0.0/0
-      - IpProtocol: tcp
-        FromPort: 22
-        ToPort : 22
-        CidrIp : 0.0.0.0/0
+      - IpProtocol: 'icmp'
+        FromPort: '-1'
+        ToPort: '-1'
+        CidrIp: '0.0.0.0/0'
+      - IpProtocol: 'tcp'
+        FromPort: '80'
+        ToPort: '80'
+        CidrIp: '0.0.0.0/0'
+      - IpProtocol: 'tcp'
+        FromPort: '22'
+        ToPort : '22'
+        CidrIp : '0.0.0.0/0'
   WikiDatabase:
     Type: AWS::EC2::Instance
     Metadata:
@@ -88,6 +88,9 @@ Resources:
               '
             - 'firewall-cmd --add-service=http
 
+              '
+            - 'firewall-cmd --permanent --add-service=http
+
               '
             - '# Setup MySQL root password and create a user
 
diff --git a/hot/F18/WordPress_NoKey.yaml b/hot/F18/WordPress_NoKey.yaml
index a8f12c48..c3c1a09a 100644
--- a/hot/F18/WordPress_NoKey.yaml
+++ b/hot/F18/WordPress_NoKey.yaml
@@ -21,7 +21,7 @@ parameters:
     constraints:
       - allowed_values: [ F18-i386-cfntools, F18-x86_64-cfntools ]
         description: >
-          Image ID bust be either F18-i386-cfntools or F18-x86_64-cfntools
+          Image ID must be either F18-i386-cfntools or F18-x86_64-cfntools
   DBName:
     type: string
     description: WordPress database name
@@ -72,18 +72,18 @@ resources:
     properties:
       GroupDescription: 'Enable HTTP access via port 80 plus SSH access'
       SecurityGroupIngress:
-        - IpProtocol: icmp
-          FromPort: -1
-          ToPort: -1
-          CidrIp: 0.0.0.0/0
-        - IpProtocol: tcp
-          FromPort: 80
-          ToPort: 80
-          CidrIp: 0.0.0.0/0
-        - IpProtocol: tcp
-          FromPort: 22
-          ToPort : 22
-          CidrIp : 0.0.0.0/0
+        - IpProtocol: 'icmp'
+          FromPort: '-1'
+          ToPort: '-1'
+          CidrIp: '0.0.0.0/0'
+        - IpProtocol: 'tcp'
+          FromPort: '80'
+          ToPort: '80'
+          CidrIp: '0.0.0.0/0'
+        - IpProtocol: 'tcp'
+          FromPort: '22'
+          ToPort : '22'
+          CidrIp : '0.0.0.0/0'
 
   wordpress_instance:
     # Use an AWS resource type and switch to native compute instance as
@@ -115,6 +115,7 @@ resources:
 
             /opt/aws/bin/cfn-init
             firewall-cmd --add-service=http
+            firewall-cmd --permanent --add-service=http
 
             # Setup MySQL root password and create a user
             mysqladmin -u root password $db_rootpassword
@@ -146,4 +147,4 @@ outputs:
       str_replace:
         template: http://$host/wordpress
         params:
-          host: { get_attr: [wordpress_instance, PublicIp] }
\ No newline at end of file
+          host: { get_attr: [wordpress_instance, PublicIp] }