diff options
author | Georg Pfuetzenreuter | 2023-02-05 19:19:27 +0100 |
---|---|---|
committer | Georg Pfuetzenreuter | 2023-02-05 19:19:27 +0100 |
commit | e3e4caaabe9795c56468e67c3b9105b2a5f53145 (patch) | |
tree | 2da614fa93887977bcdbcec85868ca1e8875b839 /pillar/role | |
parent | 119e97805df0c1491d47e63609325624f4f08baf (diff) | |
download | salt-e3e4caaabe9795c56468e67c3b9105b2a5f53145.tar.gz salt-e3e4caaabe9795c56468e67c3b9105b2a5f53145.tar.bz2 salt-e3e4caaabe9795c56468e67c3b9105b2a5f53145.zip |
web-proxy: IPv6 listener brackets
Add logic to wrap IPv6 listening addresses in brackets, to prevent nginx
from failing to start.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Diffstat (limited to 'pillar/role')
-rw-r--r-- | pillar/role/web-proxy.sls | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/pillar/role/web-proxy.sls b/pillar/role/web-proxy.sls index 2adc81c..398ecf0 100644 --- a/pillar/role/web-proxy.sls +++ b/pillar/role/web-proxy.sls @@ -1,4 +1,4 @@ -{%- from slspath ~ '/../map.jinja' import listen_ips -%} +{%- from slspath ~ '/../map.jinja' import listen_ips, listen_ips4, listen_ips6 -%} nginx: snippets: @@ -23,9 +23,14 @@ nginx: - fastcgi_param: SCRIPT_FILENAME $document_root$fastcgi_script_name {%- if listen_ips | length %} listen: - {%- for ip in listen_ips %} - - listen: {{ ip }}:443 ssl http2 + {%- for ip4 in listen_ips4 %} + - listen: {{ ip4 }}:443 ssl http2 {%- endfor %} + {%- if listen_ips6 | length %} + {%- for ip6 in listen_ips6 %} + - listen: '[{{ ip6 }}]:443 ssl http2' + {%- endfor %} + {%- endif %} {%- endif %} firewalld: |