Wrapp in if clause for nftables
This commit is contained in:
parent
20755e1361
commit
b132b363cd
2 changed files with 27 additions and 21 deletions
|
@ -334,14 +334,17 @@ define sunetdrive::app_type (
|
|||
compose_filename => 'docker-compose.yml',
|
||||
description => 'Nextcloud application',
|
||||
}
|
||||
sunet::misc::ufw_allow { 'https':
|
||||
from => '0.0.0.0/0',
|
||||
port => 443,
|
||||
}
|
||||
sunet::nftables::docker_expose { 'https':
|
||||
allow_clients => ['any'],
|
||||
port => 443,
|
||||
iif => 'ens3',
|
||||
if $::facts['sunet_nftables_enabled'] == 'yes' {
|
||||
sunet::nftables::docker_expose { 'https':
|
||||
allow_clients => ['any'],
|
||||
port => 443,
|
||||
iif => 'ens3',
|
||||
}
|
||||
} else {
|
||||
sunet::misc::ufw_allow { 'https':
|
||||
from => '0.0.0.0/0',
|
||||
port => 443,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -65,19 +65,22 @@ class sunetdrive::proxysql (
|
|||
content => template('sunetdrive/proxysql/my.cnf.erb'),
|
||||
mode => '0644',
|
||||
}
|
||||
sunet::misc::ufw_allow { 'stats_ports':
|
||||
from => $tug_office,
|
||||
port => 6080,
|
||||
}
|
||||
sunet::nftables::docker_expose { 'stats_ports':
|
||||
allow_clients => $tug_office,
|
||||
port => 6080,
|
||||
iif => 'ens3',
|
||||
}
|
||||
sunet::nftables::docker_expose { 'proxysql':
|
||||
allow_clients => ['any'],
|
||||
port => 6032,
|
||||
iif => 'ens3',
|
||||
if $::facts['sunet_nftables_enabled'] == 'yes' {
|
||||
sunet::nftables::docker_expose { 'stats_ports':
|
||||
allow_clients => $tug_office,
|
||||
port => 6080,
|
||||
iif => 'ens3',
|
||||
}
|
||||
sunet::nftables::docker_expose { 'proxysql':
|
||||
allow_clients => ['any'],
|
||||
port => 6032,
|
||||
iif => 'ens3',
|
||||
}
|
||||
} else {
|
||||
sunet::misc::ufw_allow { 'stats_ports':
|
||||
from => $tug_office,
|
||||
port => 6080,
|
||||
}
|
||||
}
|
||||
|
||||
sunet::docker_compose { 'drive_proxysql_docker_compose':
|
||||
|
|
Loading…
Add table
Reference in a new issue