Role service-fastd-mesh: allow fastd-exporter access from all gateways

This commit is contained in:
Julian Labus 2019-03-29 16:40:17 +01:00
parent f701d77dfd
commit 71d1889a49
No known key found for this signature in database
GPG key ID: 8AF209F2C6B3572A

View file

@ -13,10 +13,12 @@ server {
allow 127.0.0.0/8; allow 127.0.0.0/8;
allow ::1/128; allow ::1/128;
{% for host in groups['ffmwu-monitoring'] %} {% for group in ['ffmwu-monitoring', 'ffmwu-gateways'] %}
{% for host in groups[group] %}
allow {{ lookup('dig', host, 'qtype=A') }}; allow {{ lookup('dig', host, 'qtype=A') }};
allow {{ lookup('dig', host, 'qtype=AAAA') }}; allow {{ lookup('dig', host, 'qtype=AAAA') }};
deny all;
{% endfor %} {% endfor %}
{% endfor %}
deny all;
} }
} }