rc/servers
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Rework service handling

Browse source 
Allow running playbooks without NetBox access. Mainly to bootstrap
NetBox itself.

Would prefer not to access network from filter plugins, so maybe do
that at some point also.
This commit is contained in:
Timotej Lazar 2024-06-19 13:33:32 +02:00
parent 38c3464279
commit 29598ef4bb
5 changed files with 34 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/ceph/templates/nftables.conf.j2
View file

@ -54,7 +54,7 @@ table inet filter {
ip saddr @allowed accept # TODO remove exceptions
ip6 saddr @allowed/6 accept # TODO remove exceptions
{% for service in cluster.custom_fields.services %}
{% for service in cluster_services %}
{% set prefixes = service | allowed_prefixes %}
{% set prefixes4 = prefixes | selectattr('family.value', '==', 4) | map('string') %}
{% set prefixes6 = prefixes | selectattr('family.value', '==', 6) | map('string') %}