Add default ACL for common services

2024-02-12 12:09:52 +01:00 · 2024-02-12 12:09:52 +01:00 · 7e86b414b0
parent 1264ba8579
commit 7e86b414b0
2 changed files with 9 additions and 0 deletions
--- a/example/squid.nomad.hcl
+++ b/example/squid.nomad.hcl
@ -194,6 +194,12 @@ _EOT
        mode        = "file"
      }

+      artifact {
+        source      = "https://git.lapiole.org/dani/ansible-roles/raw/branch/master/roles/squid/files/acl/service_various.domains"
+        destination = "local/lists/white/services.list"
+        mode        = "file"
+      }
+
      artifact {
        source      = "https://git.lapiole.org/dani/ansible-roles/raw/branch/master/roles/squid/files/acl/software_various.domains"
        destination = "local/lists/white/various.list"
--- a/variables.yml
+++ b/variables.yml
@ -75,6 +75,9 @@ squid:
    various:
      url: https://git.lapiole.org/dani/ansible-roles/raw/branch/master/roles/squid/files/acl/software_various.domains
      category: white
+    services:
+      url: https://git.lapiole.org/dani/ansible-roles/raw/branch/master/roles/squid/files/acl/service_various.domains
+      category: white
    whitelist:
      content: |
        {{- if keyExists "[[ .consul.kv.root ]]service/[[ .instance ]]/lists/white" }}