roles/firewall: make bastion_ip a variable

2023-08-23 21:14:39 -04:00 · 2023-08-23 21:14:39 -04:00 · e32301fa3c
commit e32301fa3c
parent 97fc92ff56
2 changed files with 3 additions and 1 deletions
--- a/roles/firewall/defaults/main.yml
+++ b/roles/firewall/defaults/main.yml
@ -6,3 +6,5 @@
 local_subnet: 192.168.0.0/24

 sshd_port: 2500
+
+bastion_ip: "{{ host_vars[groups['bastion'][0]]['local_ip'] }}"
--- a/roles/firewall/tasks/main.yml
+++ b/roles/firewall/tasks/main.yml
@ -14,7 +14,7 @@

 - name: Set default sources (fleet server)
  set_fact:
-    default_firewall_src: "{{ host_vars[groups['bastion'][0]]['local_ip'] }}"
+    default_firewall_src: "{{ bastion_ip }}"
  when: "fleet" in group_names

 - name: Allow service ports