Diffstat (limited to 'roles/pf/templates/pf.conf.j2')
-rw-r--r--roles/pf/templates/pf.conf.j210
1 files changed, 3 insertions, 7 deletions
diff --git a/roles/pf/templates/pf.conf.j2 b/roles/pf/templates/pf.conf.j2
index 0d2429f..154098e 100644
--- a/roles/pf/templates/pf.conf.j2
+++ b/roles/pf/templates/pf.conf.j2
@@ -1,5 +1,5 @@
+{% import 'macros.j2' as macros with context %}
-{# pf ~~ templates/pf.conf.j2 #}
# pf ~~ /etc/pf.conf
# managed by Ansible
@@ -15,16 +15,13 @@ pass in quick on egress proto {{ service["proto"] }} to port {{ service["port"]
{% endfor %}
# redirection
-{% for h in groups["all"] %}
-{% set h = hostvars[h] %}
-{##}
+{% call(h) macros.loop_valid_hosts("servers") %}
{% if h.services is defined %}
{% for service in h.services if h.ansible_host != global.dcontroller and service.public is defined and service.public %}
pass in on egress proto {{ service.proto }} from any to any port {{ service.port }} rdr-to {{ h.ip.in }}
{% endfor %}
{% endif %}
-{##}
-{% endfor %}
+{% endcall %}
{#
{% if hypervisor is defined and vms is defined %}
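Review bot: Which hosts get an Internet-facing `rdr-to` rule now depends on `macros.loop_valid_hosts("servers")`, whose definition in `macros.j2` is not part of this diff, so the selection criteria can no longer be read from pf.conf.j2. The loop used to cover `groups["all"]`; a host outside `servers` that sets `service.public` would presumably lose its redirect without any error, and whether the macro guarantees that `h.ip.in` is defined is not visible here. I would add a comment above the call, e.g. `{# loop_valid_hosts yields the hostvars of each host in the given group that passes the macro's validity checks; only those hosts get public rdr-to rules #}`, and tighten the guard to `{% if h.services is defined and h.ip is defined %}`. Since the rule matches `from any to any`, it is also worth confirming on a rendered pf.conf that the set of redirected ports is unchanged by this refactor.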
@@ -42,4 +39,3 @@ pass out quick on egress inet from (tun0:network) nat-to (egress:0)
# output network
pass out quick inet
pass in proto { icmp, icmp6 } all
-