Eliminate need for dummy addresses in when running under test

author Tom Hughes <tom@compton.nu>

Sat, 4 Mar 2023 14:44:05 +0000 (14:44 +0000)

committer Tom Hughes <tom@compton.nu>

Sat, 4 Mar 2023 14:44:05 +0000 (14:44 +0000)
author Tom Hughes <tom@compton.nu>
Sat, 4 Mar 2023 14:44:05 +0000 (14:44 +0000)
committer Tom Hughes <tom@compton.nu>
Sat, 4 Mar 2023 14:44:05 +0000 (14:44 +0000)
diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb

index 8101a9b89141757902c86ef4d838722abfb8fd11..a299a67cdd2adec0d37bc98cc7b76b54be0fe46a 100644 (file)
--- a/cookbooks/networking/recipes/default.rb
+++ b/cookbooks/networking/recipes/default.rb
@@ -400,9 +400,6 @@ search(:node, "networking:interfaces").collect do |n|
    end
  end
  
-hosts["inet"] << "127.0.0.1" if hosts["inet"].empty?
-hosts["inet6"] << "::1" if hosts["inet6"].empty?
-
  if node[:networking][:firewall][:engine] == "shorewall"
    package "shorewall"
  
diff --git a/cookbooks/networking/templates/default/nftables.conf.erb b/cookbooks/networking/templates/default/nftables.conf.erb

index 63f45a0c837eb33dd6cc6c07534193950ef5ee0b..65d090db31d3cd6ed2b19b3ded337c516402e745 100644 (file)
--- a/cookbooks/networking/templates/default/nftables.conf.erb
+++ b/cookbooks/networking/templates/default/nftables.conf.erb
@@ -10,12 +10,16 @@ flush ruleset
  table inet filter {
    set ip-osm-addresses {
      type ipv4_addr
+<%- unless Array(@hosts["inet"]).empty? %>
      elements = { <%= Array(@hosts["inet"]).sort.join(", ") %> }
+<%- end %>
    }
  
    set ip6-osm-addresses {
      type ipv6_addr
+<%- unless Array(@hosts["inet"]).empty? %>
      elements = { <%= Array(@hosts["inet6"]).sort.join(", ") %> }
+<%- end %>
    }
  
    set ip-blacklist {
author	Tom Hughes <tom@compton.nu>
	Sat, 4 Mar 2023 14:44:05 +0000 (14:44 +0000)
committer	Tom Hughes <tom@compton.nu>
	Sat, 4 Mar 2023 14:44:05 +0000 (14:44 +0000)
cookbooks/networking/recipes/default.rb		patch \| blob \| history
cookbooks/networking/templates/default/nftables.conf.erb		patch \| blob \| history