spinny: Remove iptables rules for tinc - ansible-debops-infrastructure - Unnamed repository; edit this file 'description' to name the repository.

commit 242f239004080ac85fdd741d9e5f2d13499dcfe6
parent 1c772987503fc895527df677c64676c6d4ed62a6
Author: Dionysis Grigoropoulos <dgrig@erethon.com>
Date:   Sat, 28 Apr 2018 20:54:47 +0300

spinny: Remove iptables rules for tinc

Diffstat:
ansible/inventory/host_vars/spinny/ferm.yml  | 22 ++--------------------

1 file changed, 2 insertions(+), 20 deletions(-)
diff --git a/ansible/inventory/host_vars/spinny/ferm.yml b/ansible/inventory/host_vars/spinny/ferm.yml
@@ -2,15 +2,6 @@
 
 ferm__host_rules:
   - type: 'accept'
-    filename: 'tinc'
-    name: 'tinc'
-    table: 'filter'
-    chain: 'INPUT'
-    dport: [ 655 ]
-    protocol: ['tcp', 'udp']
-    domain: 'ip'
-
-  - type: 'accept'
     filename: 'haproxy'
     name: 'haproxy'
     table: 'filter'
@@ -20,16 +11,6 @@ ferm__host_rules:
     domain: 'ip'
 
   - type: 'accept'
-    filename: 'haproxy_internal'
-    name: 'haproxy_internal'
-    table: 'filter'
-    chain: 'INPUT'
-    dport: [ 1936 ]
-    protocol: 'tcp'
-    domain: 'ip'
-    saddr: '192.168.166.0/24'
-
-  - type: 'accept'
     filename: 'openvpn'
     name: 'openvpn'
     table: 'filter'
@@ -61,7 +42,8 @@ ferm__host_rules:
   - type: 'custom'
     filename: 'vmnet_nat'
     rules: "domain ip table nat chain POSTROUTING {
-        outerface br0 {
+        outerface virbr0 {
             MASQUERADE;
         }
     }"
+    comment: 'Perform NAT for VMs'

	ansible-debops-infrastructure Unnamed repository; edit this file 'description' to name the repository.
	git clone git://git.erethon.com/ansible-debops-infrastructure
	Log \| Files \| Refs