authorChristian Pointner <equinox@spreadspace.org>2024-02-01 00:16:50 +0100
committerChristian Pointner <equinox@spreadspace.org>2024-02-01 00:16:50 +0100
commit293a33b6cd9c15a9955a3c1ca4c365c7423a0393 (patch)
tree1dca1d3f7081e85ed060a7dc5a2341d16b07b515 /roles/apps/whawty
parentapps/whawty/auth: add ldap listener (diff)
apps/whawty/auth: revamp port configuration
Diffstat (limited to 'roles/apps/whawty')
-rw-r--r--roles/apps/whawty/auth/instance/templates/listener.yml.j212
-rw-r--r--roles/apps/whawty/auth/instance/templates/pod-spec.yml.j210
-rw-r--r--roles/apps/whawty/auth/instance/templates/sync-sshd_config.j22
3 files changed, 14 insertions, 10 deletions
diff --git a/roles/apps/whawty/auth/instance/templates/listener.yml.j2 b/roles/apps/whawty/auth/instance/templates/listener.yml.j2
index 12a83905..2ac01cb3 100644
--- a/roles/apps/whawty/auth/instance/templates/listener.yml.j2
+++ b/roles/apps/whawty/auth/instance/templates/listener.yml.j2
@@ -1,6 +1,6 @@
https:
listen:
- - ":{{ whawty_auth_instances[whawty_auth_instance].port }}"
+ - ":1080"
tls:
certificate: /tls/publish-crt.pem
certificate-key: /tls/publish-key.pem
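Review bot: The literal `":1080"` on the new listen line must stay equal to `containerPort: 1080` in pod-spec.yml.j2, and nothing in either template says so. The same coupling applies to `:1636` and `:1389` in the second hunk of this file, and to `2222` in pod-spec.yml.j2 and sync-sshd_config.j2. If one side is edited alone, the `hostPort` mapping would presumably forward to a port nothing listens on, and that only shows up at runtime. I would define the container-internal ports once as role variables referenced from all three templates, or at least add a comment above the line such as `# container-internal port, must match containerPort in pod-spec.yml.j2`.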
@@ -9,16 +9,16 @@ https:
{% if 'ldap' in whawty_auth_instances[whawty_auth_instance] %}
{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
ldaps:
-{% else %}
-ldap:
-{% endif %}
listen:
- - ":{{ whawty_auth_instances[whawty_auth_instance].ldap.port }}"
-{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
+ - ":1636"
tls:
certificate: /tls/ldap-crt.pem
certificate-key: /tls/ldap-key.pem
min-protocol-version: "TLSv1.3"
prefer-server-ciphers: true
+{% else %}
+ldap:
+ listen:
+ - ":1389"
{% endif %}
{% endif %}
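Review bot: The new `{% else %}` branch renders a cleartext `ldap:` listener on `":1389"`, and nothing in the template marks it as unencrypted. The matching port entry in pod-spec.yml.j2 publishes its `hostPort` without a `hostIP`, whereas the https port there is pinned to `127.0.0.1` under one condition. If clients perform simple binds against this listener, passwords would cross the network in the clear on every address the host exposes. I would add a comment above `ldap:` such as `# cleartext LDAP: bind credentials are not protected in transit, restrict reachability at the host or firewall`. It is also worth considering whether the pod spec should set a `hostIP` when `tls` is absent from the instance's `ldap` settings.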
diff --git a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2 b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
index 4b75a346..7c1d3be5 100644
--- a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
+++ b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
@@ -22,13 +22,17 @@ containers:
- name: store
mountPath: /store
ports:
- - containerPort: {{ whawty_auth_instances[whawty_auth_instance].port }}
+ - containerPort: 1080
hostPort: {{ whawty_auth_instances[whawty_auth_instance].port }}
{% if whawty_auth_instances[whawty_auth_instance].publish.zone.publisher == inventory_hostname %}
hostIP: "127.0.0.1"
{% endif %}
{% if 'ldap' in whawty_auth_instances[whawty_auth_instance] %}
- - containerPort: {{ whawty_auth_instances[whawty_auth_instance].ldap.port }}
+{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
+ - containerPort: 1636
+{% else %}
+ - containerPort: 1389
+{% endif %}
hostPort: {{ whawty_auth_instances[whawty_auth_instance].ldap.port }}
{% endif %}
{% if 'sync' in whawty_auth_instances[whawty_auth_instance] %}
@@ -44,7 +48,7 @@ containers:
mountPath: /store
readOnly: true
ports:
- - containerPort: {{ whawty_auth_instances[whawty_auth_instance].sync.port }}
+ - containerPort: 2222
hostPort: {{ whawty_auth_instances[whawty_auth_instance].sync.port }}
{% endif %}
volumes:
diff --git a/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2 b/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2
index 65a11d80..b86eda36 100644
--- a/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2
+++ b/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2
@@ -1,4 +1,4 @@
-Port {{ whawty_auth_instances[whawty_auth_instance].sync.port }}
+Port 2222
ListenAddress 0.0.0.0
ListenAddress ::