ansible_port: Add ssh port switch to network roles

author: Romain Gonçalves <me@rgoncalves.se> 2021-12-30 15:39:08 +0000
committer: Romain Gonçalves <me@rgoncalves.se> 2021-12-30 15:50:40 +0000
commit: 6b106cce38106e7beb9db623a9d98784cb8bbc86 (patch)
tree: a7ec7381526c44dd778ab3a911e55b654c1746eb /roles/pf
parent: d39f2e2ac88b107014c373b380eb76adae0f91ee (diff)
download: rules-6b106cce38106e7beb9db623a9d98784cb8bbc86.tar.gz
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/pf/tasks/main.yml b/roles/pf/tasks/main.yml
index 3924a89..e5b8af8 100644
--- a/roles/pf/tasks/main.yml
+++ b/roles/pf/tasks/main.yml
@@ -12,6 +12,6 @@
 
 - name: test ssh connection on new pf rule
   wait_for:
-    port: 22
+    port: "{{ ansible_port }}"
     delay: 2
     state: started
diff --git a/roles/pf/templates/pf.conf.j2 b/roles/pf/templates/pf.conf.j2
index 6bc936a..1b51fe7 100644
--- a/roles/pf/templates/pf.conf.j2
+++ b/roles/pf/templates/pf.conf.j2
@@ -8,7 +8,7 @@ set skip on { lo wg0 }
 block all
 
 # force ssh if not present below
-pass in quick on egress proto tcp to port 22
+pass in quick on egress proto tcp to port {{ ansible_port }}
 
 # host services
 {% for service in __services %}
author	Romain Gonçalves <me@rgoncalves.se>	2021-12-30 15:39:08 +0000
committer	Romain Gonçalves <me@rgoncalves.se>	2021-12-30 15:50:40 +0000
commit	6b106cce38106e7beb9db623a9d98784cb8bbc86 (patch)
tree	a7ec7381526c44dd778ab3a911e55b654c1746eb /roles/pf
parent	d39f2e2ac88b107014c373b380eb76adae0f91ee (diff)
download	rules-6b106cce38106e7beb9db623a9d98784cb8bbc86.tar.gz