diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2022-09-06 02:07:23 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2022-09-06 02:07:23 +0200 |
| commit | 081c0f926cba1636a6655d51b60809fb2610bc89 (patch) | |
| tree | 521ed46ae8c49a06fa260dfe8b781179b0eb2e85 /inventory/host_vars/ch-gw-lan.yml | |
| parent | replace some more ipaddr() filter calls (cont'd) (diff) | |
replace some more ipaddr() filter calls (cont'd)
Diffstat (limited to 'inventory/host_vars/ch-gw-lan.yml')
| -rw-r--r-- | inventory/host_vars/ch-gw-lan.yml | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/inventory/host_vars/ch-gw-lan.yml b/inventory/host_vars/ch-gw-lan.yml index 2aa27ab0..ee6a6c38 100644 --- a/inventory/host_vars/ch-gw-lan.yml +++ b/inventory/host_vars/ch-gw-lan.yml @@ -27,12 +27,12 @@ network: interfaces: "{{ install.interfaces }}" primary: &_network_primary_ name: svc0 - address: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + address: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets[inventory_hostname]) }}" gateway: "{{ network_zones.svc.gateway }}" interfaces: - *_network_primary_ - name: lan0 - address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + address: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) }}" base_sysctl_config_user: @@ -52,19 +52,19 @@ dhcp_server_interfaces: nftables_base_rules: public-services: | define nic_lan = lan0 - define public_ipv4 = {{ network_zones.magenta.prefix | ipaddr(network_zones.magenta.offsets['ch-router']) | ipaddr('address') }} + define public_ipv4 = {{ network_zones.magenta.prefix | ansible.utils.ipaddr(network_zones.magenta.offsets['ch-router']) | ansible.utils.ipaddr('address') }} table ip nat { chain public-services-prerouting { type nat hook prerouting priority -100; policy accept; - iif $nic_lan ip daddr $public_ipv4 tcp dport { 222 } dnat to {{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-router']) | ipaddr('address') }} comment "ssh-router" + iif $nic_lan ip daddr $public_ipv4 tcp dport { 222 } dnat to {{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets['ch-router']) | ansible.utils.ipaddr('address') }} comment "ssh-router" {% for name, svc in network_services.items() %} iif $nic_lan ip daddr $public_ipv4 tcp dport { {{ svc.ports | join(', ') }} } dnat to {{ svc.addr }} comment "{{ name }}" {% endfor %} } chain public-services-output { type nat hook output priority -100; policy accept; - ip daddr $public_ipv4 tcp dport { 222 } dnat to {{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-router']) | ipaddr('address') }} comment "ssh-router" + ip daddr $public_ipv4 tcp dport { 222 } dnat to {{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets['ch-router']) | ansible.utils.ipaddr('address') }} comment "ssh-router" {% for name, svc in network_services.items() %} ip daddr $public_ipv4 tcp dport { {{ svc.ports | join(', ') }} } dnat to {{ svc.addr }} comment "{{ name }}" {% endfor %} |