kosmos/chef
8
3
Fork 0
Code Issues 34 Pull Requests 3 Projects 2 Activity

Deploy zerotier-3 on DO

Browse Source 
Changes the firewall config to allow the control UI to be reached from
all connected networks.
This commit is contained in:
Basti
2022-02-10 15:34:28 -06:00
parent a1f723d52e
commit 935eff3b84
4 changed files with 80 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
site-cookbooks/kosmos_zerotier/attributes/default.rb
View File

@@ -3,4 +3,4 @@ node.default['kosmos_zerotier']['server_port'] = 9993
node.default['ztncui']['version'] = '0.6.6'
node.default['ztncui']['checksum'] = 'fa83679266a571c10e13b11293ebfb9d1c3515019f2af1e7dd066b5a37411018'
node.default['ztncui']['http_all_interfaces'] = true
node.default['ztncui']['http_allow_access_from'] = '10.1.1.0/24'
node.default['ztncui']['http_allow_access_from'] = ['10.1.1.0/24','10.2.2.0/24']

14
site-cookbooks/kosmos_zerotier/recipes/zncui.rb
View File

@@ -28,11 +28,13 @@ end
include_recipe 'kosmos-base::firewall'
if node['ztncui']['http_allow_access_from']
firewall_rule 'zncui_http' do
port 3000
protocol :tcp
command :allow
source node['ztncui']['http_allow_access_from']
if ip_addresses = node['ztncui']['http_allow_access_from']
ip_addresses.each_with_index do |ip_address, i|
firewall_rule "zncui_http_#{i}" do
port 3000
protocol :tcp
command :allow
source ip_address
end
end
end