WoodSmellParticle/ansible-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(k3s): fixed invalid ip6 FW rule

Browse source
This commit is contained in:
NaeiKinDus 2025-02-26 00:00:00 +00:00
parent ab41f3ffc0
commit 5cb62c1ca3
Signed by: WoodSmellParticle
GPG key ID: 8E52ADFF7CA8AE56
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ansible_collections/nullified/infrastructure/roles/k3s/templates/nftables.d/k3s_servers.nft.j2
View file

@ -3,7 +3,7 @@ table inet filter {
chain input { chain input {
# operators access # operators access
{%+ if k3s_nft_operators4 %}ip saddr { {{ k3s_nft_operators4 | join(', ') }} } tcp dport { 6443 } accept{%- endif +%} {%+ if k3s_nft_operators4 %}ip saddr { {{ k3s_nft_operators4 | join(', ') }} } tcp dport { 6443 } accept{%- endif +%}
{%+ if k3s_nft_operators6 %}ip saddr { {{ k3s_nft_operators6 | join(', ') }} } tcp dport { 6443 } accept{%- endif +%} {%+ if k3s_nft_operators6 %}ip6 saddr { {{ k3s_nft_operators6 | join(', ') }} } tcp dport { 6443 } accept{%- endif +%}
# required only for HA with embedded etcd # required only for HA with embedded etcd
{%+ if k3s_nft_servers4 %}ip saddr { {{ k3s_nft_servers4 | join(',') }} } tcp dport { 2379, 2380 } accept{%- endif +%} {%+ if k3s_nft_servers4 %}ip saddr { {{ k3s_nft_servers4 | join(',') }} } tcp dport { 2379, 2380 } accept{%- endif +%}