Sebastian Kippe
935eff3b84
Changes the firewall config to allow the control UI to be reached from all connected networks.
41 lines
951 B
Ruby
41 lines
951 B
Ruby
#
|
|
# Cookbook:: kosmos_zerotier
|
|
# Recipe:: zncui
|
|
#
|
|
|
|
package_path = "/opt/ztncui_#{node['ztncui']['version']}_amd64.deb"
|
|
|
|
remote_file package_path do
|
|
source "https://s3-us-west-1.amazonaws.com/key-networks/deb/ztncui/1/x86_64/ztncui_#{node['ztncui']['version']}_amd64.deb"
|
|
checksum node['ztncui']['checksum']
|
|
action :create_if_missing
|
|
end
|
|
|
|
dpkg_package 'ztncui' do
|
|
source package_path
|
|
end
|
|
|
|
service "ztncui" do
|
|
action [:enable, :start]
|
|
end
|
|
|
|
template '/opt/key-networks/ztncui/.env' do
|
|
source 'ztncui.env.erb'
|
|
mode '0644'
|
|
variables http_all_interfaces: node['ztncui']['http_all_interfaces']
|
|
notifies :restart, 'service[ztncui]', :delayed
|
|
end
|
|
|
|
include_recipe 'kosmos-base::firewall'
|
|
|
|
if ip_addresses = node['ztncui']['http_allow_access_from']
|
|
ip_addresses.each_with_index do |ip_address, i|
|
|
firewall_rule "zncui_http_#{i}" do
|
|
port 3000
|
|
protocol :tcp
|
|
command :allow
|
|
source ip_address
|
|
end
|
|
end
|
|
end
|