-rw-r--r--inventory/host_vars/ch-apps/whawty.yml2
-rw-r--r--roles/apps/whawty/auth/instance/templates/listener.yml.j212
-rw-r--r--roles/apps/whawty/auth/instance/templates/pod-spec.yml.j210
-rw-r--r--roles/apps/whawty/auth/instance/templates/sync-sshd_config.j22
4 files changed, 15 insertions, 11 deletions
diff --git a/inventory/host_vars/ch-apps/whawty.yml b/inventory/host_vars/ch-apps/whawty.yml
index 63d15eb9..2e95cd1d 100644
--- a/inventory/host_vars/ch-apps/whawty.yml
+++ b/inventory/host_vars/ch-apps/whawty.yml
@@ -14,7 +14,7 @@ whawty_auth_instances:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsY3QIaN/S05EHZ9IF6GWgXG0wAh5qAxgQAq7ZLtNP8 whawty-auth-sync-chaos-at-home@ch-http-proxy
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHoyvg0McwpPFAT642lm9MIGG2/6Hi+hFe8IvmroDar whawty-auth-sync-chaos-at-home@ch-pan
ldap:
- port: 3636
+ port: 636
hostnames:
- ldap.chaos-at-home.org
tls:
diff --git a/roles/apps/whawty/auth/instance/templates/listener.yml.j2 b/roles/apps/whawty/auth/instance/templates/listener.yml.j2
index 12a83905..2ac01cb3 100644
--- a/roles/apps/whawty/auth/instance/templates/listener.yml.j2
+++ b/roles/apps/whawty/auth/instance/templates/listener.yml.j2
@@ -1,6 +1,6 @@
https:
listen:
- - ":{{ whawty_auth_instances[whawty_auth_instance].port }}"
+ - ":1080"
tls:
certificate: /tls/publish-crt.pem
certificate-key: /tls/publish-key.pem
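Review bot: The literal `":1080"` on the new `listen:` entry is a container-internal port that has to match `containerPort: 1080` in pod-spec.yml.j2, and nothing in either file says so. The same coupling applies to `:1636`/`:1389` in the ldap hunk of this file and to `2222` in pod-spec.yml.j2 and sync-sshd_config.j2. A one-line comment above the entry, e.g. `# container-internal port, keep in sync with containerPort in pod-spec.yml.j2`, or a single role default referenced from both templates, would keep a later edit from changing only one side. The `https:` mapping continues past the end of this hunk.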
@@ -9,16 +9,16 @@ https:
{% if 'ldap' in whawty_auth_instances[whawty_auth_instance] %}
{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
ldaps:
-{% else %}
-ldap:
-{% endif %}
listen:
- - ":{{ whawty_auth_instances[whawty_auth_instance].ldap.port }}"
-{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
+ - ":1636"
tls:
certificate: /tls/ldap-crt.pem
certificate-key: /tls/ldap-key.pem
min-protocol-version: "TLSv1.3"
prefer-server-ciphers: true
+{% else %}
+ldap:
+ listen:
+ - ":1389"
{% endif %}
{% endif %}
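Review bot: The `{% else %}` branch makes cleartext LDAP the silent default whenever the `tls` key is missing from an instance's `ldap` settings, so a dropped or misspelled key in the inventory downgrades the listener to `ldap:` on `:1389` without any failure. Bind requests on this listener presumably carry passwords, so plaintext should be an explicit opt-in. One way is to gate the branch on a new inventory key (the name is only a suggestion), `{% elif whawty_auth_instances[whawty_auth_instance].ldap.allow_plaintext | default(false) %}`, and have the role fail when neither `tls` nor that key is set. At minimum, add `{# plaintext LDAP: credentials cross the wire unencrypted #}` above `ldap:` so the trade-off is visible to the next editor.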
diff --git a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2 b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
index 4b75a346..7c1d3be5 100644
--- a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
+++ b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
@@ -22,13 +22,17 @@ containers:
- name: store
mountPath: /store
ports:
- - containerPort: {{ whawty_auth_instances[whawty_auth_instance].port }}
+ - containerPort: 1080
hostPort: {{ whawty_auth_instances[whawty_auth_instance].port }}
{% if whawty_auth_instances[whawty_auth_instance].publish.zone.publisher == inventory_hostname %}
hostIP: "127.0.0.1"
{% endif %}
{% if 'ldap' in whawty_auth_instances[whawty_auth_instance] %}
- - containerPort: {{ whawty_auth_instances[whawty_auth_instance].ldap.port }}
+{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
+ - containerPort: 1636
+{% else %}
+ - containerPort: 1389
+{% endif %}
hostPort: {{ whawty_auth_instances[whawty_auth_instance].ldap.port }}
{% endif %}
{% if 'sync' in whawty_auth_instances[whawty_auth_instance] %}
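Review bot: The LDAP port entry publishes `hostPort` without a `hostIP`, so in the new `{% else %}` case the plaintext listener on 1389 is reachable on every host address, whereas the HTTPS port is pinned to 127.0.0.1 on the publisher host. Consider restricting the non-TLS mapping by adding, after the LDAP `hostPort` line, `{% if 'tls' not in whawty_auth_instances[whawty_auth_instance].ldap %}`, `hostIP: "127.0.0.1"`, `{% endif %}`. If remote plaintext clients are intended, a comment stating that on the entry would make the exposure a documented decision. The `containers:` list starts before this hunk and continues after it.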
@@ -44,7 +48,7 @@ containers:
mountPath: /store
readOnly: true
ports:
- - containerPort: {{ whawty_auth_instances[whawty_auth_instance].sync.port }}
+ - containerPort: 2222
hostPort: {{ whawty_auth_instances[whawty_auth_instance].sync.port }}
{% endif %}
volumes:
diff --git a/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2 b/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2
index 65a11d80..b86eda36 100644
--- a/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2
+++ b/roles/apps/whawty/auth/instance/templates/sync-sshd_config.j2
@@ -1,4 +1,4 @@
-Port {{ whawty_auth_instances[whawty_auth_instance].sync.port }}
+Port 2222
ListenAddress 0.0.0.0
ListenAddress ::