Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

this is the last fix before fing hardcoding the ips

Browse source
This commit is contained in:
Stephen Smoogen 2020-04-09 18:10:11 +00:00 committed by Pierre-Yves Chibon
parent 264360cac8
commit 3800b05f64
1 changed files with 0 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
roles/base/templates/iptables/iptables
View file

@ -103,11 +103,7 @@
{% if proxy_tcp_ports is defined %} {% if proxy_tcp_ports is defined %}
{% for port in proxy_tcp_ports %} {% for port in proxy_tcp_ports %}
{% for proxy in (groups['proxies'] + groups['proxies_internal']) %} {% for proxy in (groups['proxies'] + groups['proxies_internal']) %}
{% if hostvars[proxy].datacenter == 'phx2' %}
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
{% else %}
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT -A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
{% endif %}
{% endfor %} {% endfor %}
# nagios # nagios
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars['noc01.phx2.fedoraproject.org']['ansible_eth0']['ipv4']['address'] }} -j ACCEPT -A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars['noc01.phx2.fedoraproject.org']['ansible_eth0']['ipv4']['address'] }} -j ACCEPT