From 3ca728406720da6814f4bcb670639315e3170270 Mon Sep 17 00:00:00 2001 From: Egor Tensin Date: Tue, 8 Aug 2023 22:57:19 +0200 Subject: firewall: make SSH port go first in rules --- roles/firewall/templates/rules.v4 | 2 +- roles/firewall/templates/rules.v6 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/firewall/templates/rules.v4 b/roles/firewall/templates/rules.v4 index 7ea1162..38caa43 100644 --- a/roles/firewall/templates/rules.v4 +++ b/roles/firewall/templates/rules.v4 @@ -17,7 +17,7 @@ {% set ssh_port = hostvars[inventory_hostname].ansible_port %} # Open TCP ports: -{% set tcp_ports = firewall_ports_tcp + firewall_ports4_tcp + [ssh_port] %} +{% set tcp_ports = [ssh_port] + firewall_ports_tcp + firewall_ports4_tcp %} {% set tcp_ports = tcp_ports | unique %} {% for port in tcp_ports %} diff --git a/roles/firewall/templates/rules.v6 b/roles/firewall/templates/rules.v6 index 27bf58b..ab1ce6d 100644 --- a/roles/firewall/templates/rules.v6 +++ b/roles/firewall/templates/rules.v6 @@ -17,7 +17,7 @@ {% set ssh_port = hostvars[inventory_hostname].ansible_port %} # Open TCP ports: -{% set tcp_ports = firewall_ports_tcp + firewall_ports6_tcp + [ssh_port] %} +{% set tcp_ports = [ssh_port] + firewall_ports_tcp + firewall_ports6_tcp %} {% set tcp_ports = tcp_ports | unique %} {% for port in tcp_ports %} -- cgit v1.2.3