I am trying to get a state set up so that I can add the associated ports open in firewalld.

Tried every example I can find and all fail.

Here is my current:

firewalld:
  service.running:
    - enable: True
  default_zone:
    - public
  services:
    snmpd:
      - short:
        - snmp
      - ports:
        - udp:
          - 161
        - tcp:
          - 161
    ssh:
      - short:
        - ssh
      - ports:
        - tcp:
          - 22
  zones:
    public:
      - short:
        - Public
      - services:
        - ssh
        - snmpd

And this leads to an error on the minion of:

State 'firewalld' in SLS 'firewalld.firewalld' is not formed as a list

I've run this through three different YAML validators and all say it's clean so I'm confused.

1 Answer

I assume you are using the firewalld-formula from the official repository?

Please be informed that a "SaltStack Formula" is a "ready-to-use state that you configure using pillars". So, your YAML declaration must NOT be a state declaration, but instead a pillar declaration.

Let me illustrate:

I'll assume you have your state files in /srv/salt and your pillar files in /srv/pillar.

To use the firewalld-formula, you need to create a "pillar" file. Use the provided pillar.example file and save it as /srv/pillar/firewalld/<target-host>.sls, and refer to it from /srv/pillar/top.sls. For example:

# /srv/pillar/top.sls
base:
  # ... other references we skip ...
  'target-host':
    - firewalld.<target-host>

Note: By naming the pillar file <target-host>.sls, we can easily make different pillars for different hosts.

Then, we 'activate' the formula by referencing the firewalld-formula from /srv/salt/top.sls (or other state files under /srv/salt/ using the include: directive).

I'll assume that you cloned the firewalld-formula repo in this way:

cd /srv/salt
git clone https://github.com/saltstack-formulas/firewalld-formula.git
ln -s firewalld-formula/firewalld firewalld

Note: The symlink allows us to refer to the state as firewalld instead of firewalld-formula.firewalld.

Now, edit the /srv/salt/top.sls file to invoke the firewalld state:

# /srv/salt/top.sls
base:
  # ... other references ...
  'target-host':
    - firewalld

Aaand, you're done.

Alternatively, you may use a common state instead and let the Jinja renderer and the Pillar system take care of the 'targeting' details. Let's say your top.sls file has the following:

# /srv/salt/top.sls
base:
  '*':
    # ...other states...
    - hardening
    # ...more states...

Edit the hardening state file as such:

# /srv/salt/hardening/init.sls

# ...various states we skip

include:
  # ... possible other includes ...
{% if pillar.get('firewalld', false) -%}
  # The following will be included *only* if pillar for the minion has the 'firewalld' key defined
  - firewalld
{% endif -%}
pepoluan
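
Why the SLS in the question passes YAML validators yet is rejected when loaded as a state, shown as an added example that is not part of the original question or answer and is not Salt's own code. It assumes the rule the error message reports: under a state ID, every key must map to a list. The function name `lint_state_sls` and both sample structures are constructed for illustration.

```python
# Added illustration: a simplified stand-in for Salt's structural check,
# not Salt's code. Assumption: every key under a state ID must map to a list.

# Constructed: the question's SLS as a YAML parser would load it (valid YAML).
QUESTION_SLS = {
    "firewalld": {
        "service.running": [{"enable": True}],
        "default_zone": ["public"],
        "services": {  # a mapping, not a list: pillar-shaped data
            "snmpd": [{"short": ["snmp"]},
                      {"ports": [{"udp": [161]}, {"tcp": [161]}]}],
            "ssh": [{"short": ["ssh"]}, {"ports": [{"tcp": [22]}]}],
        },
        "zones": {  # also a mapping
            "public": [{"short": ["Public"]}, {"services": ["ssh", "snmpd"]}],
        },
    }
}

# Constructed: a minimal well-formed state declaration, for contrast.
VALID_STATE_SLS = {"firewalld": {"service.running": [{"enable": True}]}}


def lint_state_sls(data, sls_name):
    """Return one message per state ID whose keys do not all map to lists."""
    errors = []
    for state_id, body in data.items():
        if not isinstance(body, dict):
            continue  # include/exclude lists and short declarations: out of scope
        bad = [key for key, value in body.items() if not isinstance(value, list)]
        if bad:
            errors.append(
                f"State '{state_id}' in SLS '{sls_name}' is not formed as a list"
                f" (offending keys: {', '.join(bad)})"
            )
    return errors


if __name__ == "__main__":
    for message in lint_state_sls(QUESTION_SLS, "firewalld.firewalld"):
        print(message)
```

The `services` and `zones` mappings are the offending keys, which is why the same data belongs in a pillar file read by the formula rather than in a state file.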