Skip to content

S
servers-config
Commit d49f9cc1 authored by Pietro Albini's avatar Pietro Albini
Browse files
Options

lxd-container: expose ports on ipv4

parent a9be0e38
Hide whitespace changes
Inline Side-by-side
Showing with 21 additions and 0 deletions
playbooks/roadhouse.yml
View file @ d49f9cc1
...@@ -34,6 +34,9 @@ ...@@ -34,6 +34,9 @@
ip: 10.0.0.2 ip: 10.0.0.2
image: debian/jessie/amd64 image: debian/jessie/amd64
expose_ports:
- 2222
- role: lxd-container - role: lxd-container
name: bromuro name: bromuro
......
roles/lxd-container/tasks/networking.yml
View file @ d49f9cc1
...@@ -11,3 +11,14 @@ ...@@ -11,3 +11,14 @@
notify: notify:
- lxd.restart-bridge - lxd.restart-bridge
- "lxd-container.restart-{{ name }}" - "lxd-container.restart-{{ name }}"
- name: "Expose {{ name }} ports"
template:
src: firewall.sh.j2
dest: "/usr/local/share/firewall.d/lxd-container-{{ name }}.sh"
mode: 0700
when: expose_ports
notify:
- common.reload-firewall
roles/lxd-container/templates/firewall.sh.j2 0 → 100644
View file @ d49f9cc1
#!/bin/bash
{% for port in expose_ports %}
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport {{ port }} -j DNAT --to-destination {{ ip }}:{{ port }}
{% endfor %}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment