matrix-puppet/manifests/lb.pp

class matrix::lb (
) {
  $ips = lookup('sourceips', undef, undef, undef)
  $ips.each | String $ip | {
    if $::facts['sunet_nftables_enabled'] == 'yes' {
      sunet::nftables::allow { "nft_testip${ip}_ingress":
      port   =>   8443,
      from   =>   $ip,
      }
      sunet::nftables::allow { "nft_testip${ip}_kubeapi":
      port   =>   16443,
      from   =>   $ip,
      }
    }
  }
}
First lb class skeleton 2024-10-30 12:28:39 +00:00			`class matrix::lb (`
			`) {`
Open fw to test source 2024-10-30 13:04:58 +00:00			`$ips = lookup('sourceips', undef, undef, undef)`
			`$ips.each \| String $ip \| {`
			`if $::facts['sunet_nftables_enabled'] == 'yes' {`
Fix resource an debug cleanup 2024-10-30 20:32:31 +00:00			`sunet::nftables::allow { "nft_testip${ip}_ingress":`
Open fw to test source 2024-10-30 13:04:58 +00:00			`port => 8443,`
			`from => $ip,`
			`}`
Fix resource an debug cleanup 2024-10-30 20:32:31 +00:00			`sunet::nftables::allow { "nft_testip${ip}_kubeapi":`
Add port to fw 2024-10-30 15:00:12 +00:00			`port => 16443,`
			`from => $ip,`
			`}`
Open fw to test source 2024-10-30 13:04:58 +00:00			`}`
			`}`
First lb class skeleton 2024-10-30 12:28:39 +00:00			`}`