From a8ab545e110a27917ca1d9bd271e44ec1cd52055 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <patrick@puiterwijk.org>
Date: Fri, 29 Mar 2019 00:25:04 +0100
Subject: [PATCH] iptables: also remove ansible_facts in prod iptables template

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
---
 roles/base/templates/iptables/iptables | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/base/templates/iptables/iptables b/roles/base/templates/iptables/iptables
index b43e8f5597..a9d586de53 100644
--- a/roles/base/templates/iptables/iptables
+++ b/roles/base/templates/iptables/iptables
@@ -104,9 +104,9 @@
 {% for port in proxy_tcp_ports %}
 {% for proxy in (groups['proxies'] + groups['proxies-internal']) %}
 {% if hostvars[proxy]['vpn'] %}
--A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_facts']['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
+-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
 {% else %}
--A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_facts']['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
+-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
 {% endif %}
 {% endfor %}
 {% endfor %}