From 03f9a74f8d376612ed0c8afddb39496370a1e724 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <patrick@puiterwijk.org>
Date: Fri, 29 Mar 2019 00:31:26 +0100
Subject: [PATCH] iptables: use datacenter==phx2 for vpn-detection

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
---
 roles/base/templates/iptables/iptables | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/base/templates/iptables/iptables b/roles/base/templates/iptables/iptables
index a9d586de53..ff907e0b61 100644
--- a/roles/base/templates/iptables/iptables
+++ b/roles/base/templates/iptables/iptables
@@ -103,7 +103,7 @@
 {% if proxy_tcp_ports is defined %}
 {% for port in proxy_tcp_ports %}
 {% for proxy in (groups['proxies'] + groups['proxies-internal']) %}
-{% if hostvars[proxy]['vpn'] %}
+{% if hostvars[proxy]['datacenter'] == "phx2" %}
 -A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
 {% else %}
 -A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_eth0']['ipv4']['address'] }} -j ACCEPT