iptables: also remove ansible_facts in prod iptables template

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-03-29 00:25:04 +01:00 · 2019-03-29 00:25:04 +01:00 · a8ab545e11
commit a8ab545e11
parent 63489a3ccb
1 changed files with 2 additions and 2 deletions
--- a/roles/base/templates/iptables/iptables
+++ b/roles/base/templates/iptables/iptables
@ -104,9 +104,9 @@
 {% for port in proxy_tcp_ports %}
 {% for proxy in (groups['proxies'] + groups['proxies-internal']) %}
 {% if hostvars[proxy]['vpn'] %}
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_facts']['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
+-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
 {% else %}
-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_facts']['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
+-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
 {% endif %}
 {% endfor %}
 {% endfor %}