fixes.
This commit is contained in:
parent
48201c92cb
commit
2f0343cfa5
GPG key ID:
5E8401339C7F5037
1 changed files with 1 additions and 17 deletions
|
|
@ -22,11 +22,7 @@
|
|||
# We use this only for Graylog at the time of writing.
|
||||
#
|
||||
/ @param swamid_testing Set this to true if your SP is registered in swamid-testing.
|
||||
#
|
||||
# @param front_clients
|
||||
# Hiera field, defined at common.yaml, with the the frontend IP prefixes that require access
|
||||
# to port 443. Defaults to empty string.
|
||||
#
|
||||
|
||||
class soc::sso(
|
||||
$hostname,
|
||||
$email,
|
||||
|
|
@ -36,7 +32,6 @@ class soc::sso(
|
|||
$x_remote_user = false,
|
||||
$swamid_testing = false,
|
||||
$single_user = false,
|
||||
$front_clients = '',
|
||||
$satosa = true,
|
||||
$satosa_certbot = false,
|
||||
$translog = 'INFO',
|
||||
|
|
@ -189,17 +184,6 @@ class soc::sso(
|
|||
# NFT Rules
|
||||
#
|
||||
|
||||
if 'wg0' in $facts['networking']['interfaces'].keys {
|
||||
if $front_clients != '' {
|
||||
$front_clients_exposed = hiera_array($front_clients,[])
|
||||
sunet::nftables::docker_expose { 'clients_https' :
|
||||
allow_clients => $front_clients_exposed,
|
||||
port => 443,
|
||||
iif => 'wg0',
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sunet::nftables::docker_expose { 'apache_sso_https' :
|
||||
allow_clients => ['0.0.0.0/0'],
|
||||
port => 443,
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue