Wrapp in if clause for nftables

2023-02-17 17:03:49 +01:00 · 2023-02-17 17:03:49 +01:00 · b132b363cd
commit b132b363cd
parent 20755e1361
2 changed files with 27 additions and 21 deletions
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@ -334,15 +334,18 @@ define sunetdrive::app_type (
      compose_filename => 'docker-compose.yml',
      description      => 'Nextcloud application',
    }
-    sunet::misc::ufw_allow { 'https':
+    if $::facts['sunet_nftables_enabled'] == 'yes' {
      from => '0.0.0.0/0',
      port => 443,
    }
      sunet::nftables::docker_expose { 'https':
        allow_clients => ['any'],
        port          => 443,
        iif           => 'ens3',
      }
    } else {
      sunet::misc::ufw_allow { 'https':
        from => '0.0.0.0/0',
        port => 443,
      }
    }
  }
 }
--- a/manifests/proxysql.pp
+++ b/manifests/proxysql.pp
@ -65,10 +65,7 @@ class sunetdrive::proxysql (
    content => template('sunetdrive/proxysql/my.cnf.erb'),
    mode    => '0644',
  }
-  sunet::misc::ufw_allow { 'stats_ports':
+  if $::facts['sunet_nftables_enabled'] == 'yes' {
    from => $tug_office,
    port => 6080,
  }
    sunet::nftables::docker_expose { 'stats_ports':
      allow_clients => $tug_office,
      port          => 6080,
@ -79,6 +76,12 @@ class sunetdrive::proxysql (
      port          => 6032,
      iif           => 'ens3',
    }
  } else {
    sunet::misc::ufw_allow { 'stats_ports':
      from => $tug_office,
      port => 6080,
    }
  }
  sunet::docker_compose { 'drive_proxysql_docker_compose':
    content          => template('sunetdrive/proxysql/docker-compose_proxysql.yml.erb'),