initial commit

app/Services/Hosting/Firewall/FirewallService.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Services\Hosting\Firewall;
+
+use App\Models\Customer;
+use App\Models\VmFirewallRule;
+use App\Services\Hosting\Proxmox\ProxmoxClient;
+
+class FirewallService
+{
+    public function __construct(private readonly ProxmoxClient $proxmox) {}
+
+    public function syncToProxmox(Customer $vm): void
+    {
+        if (! $vm->vmid) {
+            return;
+        }
+
+        $rules = $vm->firewallRules()->where('is_active', true)->orderBy('sort_order')->get();
+        $payload = $rules->map(fn (VmFirewallRule $r) => [
+            'type' => $r->direction === 'out' ? 'out' : 'in',
+            'action' => $r->action,
+            'proto' => $r->protocol,
+            'dport' => $r->port,
+            'source' => $r->source,
+            'enable' => 1,
+        ])->all();
+
+        if ($payload !== []) {
+            $this->proxmox->setFirewallRules((int) $vm->vmid, $payload);
+        }
+    }
+}