Skip to content
GitLab
Commit ba769530 authored by godog's avatar godog
Browse files

net-overlay: allow vpn traffic to containers ports

parent 356ce8a4
Pipeline #3831 passed with stage
in 4 minutes and 43 seconds
Hide whitespace changes
Inline Side-by-side
roles/net-overlay/templates/firewall/11net-overlay.j2
View file @ ba769530
......@@ -26,6 +26,11 @@ add_rule4 -A base-input -i {{ tinc_net }} -j vpn-{{ tinc_net }}-input
{% for port in services[s].get('ports', []) %}
add_rule -A vpn-{{ tinc_net }}-input -p tcp --dport {{ port }} -j ACCEPT
{% endfor %}
{% for container in services[s].get('containers', []) %}
{% if 'port' in container %}
add_rule -A vpn-{{ tinc_net }}-input -p tcp --dport {{ container.port }} -j ACCEPT
{% endif %}
{% endfor %}
{% for ep in services[s].get('public_endpoints', []) %}
add_rule -A vpn-{{ tinc_net }}-input -p tcp --dport {{ ep.port }} -j ACCEPT
{% endfor %}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment