dogeystamp/homeserver-iac
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

roles/firewall: make bastion_ip a variable

Browse Source
This commit is contained in:
dogeystamp 2023-08-23 21:14:39 -04:00
parent 97fc92ff56
commit e32301fa3c
Signed by: dogeystamp
GPG Key ID: 7225FE3592EFFA38
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/firewall/defaults/main.yml
View File

@ -6,3 +6,5 @@
local_subnet: 192.168.0.0/24 local_subnet: 192.168.0.0/24
sshd_port: 2500 sshd_port: 2500
bastion_ip: "{{ host_vars[groups['bastion'][0]]['local_ip'] }}"

2
roles/firewall/tasks/main.yml
View File

@ -14,7 +14,7 @@
- name: Set default sources (fleet server) - name: Set default sources (fleet server)
set_fact: set_fact:
default_firewall_src: "{{ host_vars[groups['bastion'][0]]['local_ip'] }}" default_firewall_src: "{{ bastion_ip }}"
when: "fleet" in group_names when: "fleet" in group_names
- name: Allow service ports - name: Allow service ports