Skip to content

Commit 2151f62

Browse files
authored
Merge pull request #719 from nickjones33/ipallowlist
Traefik IPWhiteList deprecated - Use IPAllowList Instead
2 parents 06d7508 + 3d3bd76 commit 2151f62

File tree

4 files changed

+17
-7
lines changed

4 files changed

+17
-7
lines changed

roles/bitwarden/defaults/main.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ bitwarden_data_directory: "{{ docker_home }}/bitwarden"
55
bitwarden_port_a: "19080"
66
bitwarden_port_b: "3012"
77
bitwarden_hostname: "bitwarden"
8-
bitwarden_ip_whitelist: "0.0.0.0/0"
8+
bitwarden_ip_allowlist: "0.0.0.0/0"
99

1010
# Keep this token secret, this is password to access admin area of your server!
1111
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,

roles/bitwarden/tasks/main.yml

+8-3
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,11 @@
11
---
22
- name: Start Bitwarden
33
block:
4+
- name: Check for Deprecated IP Whitelist setting
5+
ansible.builtin.fail:
6+
msg: "Use bitwarden_ip_allowlist instead of bitwarden_ip_whitelist! Read https://traefik.io/blog/announcing-traefik-proxy-v2-11/ for more information."
7+
when: bitwarden_ip_whitelist is defined
8+
49
- name: Create Bitwarden Directories
510
ansible.builtin.file:
611
path: "{{ item }}"
@@ -31,16 +36,16 @@
3136
traefik.http.routers.bitwarden.tls.domains[0].main: "{{ ansible_nas_domain }}"
3237
traefik.http.routers.bitwarden.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
3338
traefik.http.routers.bitwarden.service: "bitwarden"
34-
traefik.http.routers.bitwarden.middlewares: "bitwarden-ipwhitelist@docker"
39+
traefik.http.routers.bitwarden.middlewares: "bitwarden-ipallowlist@docker"
3540
traefik.http.services.bitwarden.loadbalancer.server.port: "80"
3641
traefik.http.routers.bitwarden-ws.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`) && Path(`/notifications/hub`)"
3742
traefik.http.routers.bitwarden-ws.tls.certresolver: "letsencrypt"
3843
traefik.http.routers.bitwarden-ws.tls.domains[0].main: "{{ ansible_nas_domain }}"
3944
traefik.http.routers.bitwarden-ws.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
4045
traefik.http.routers.bitwarden-ws.service: "bitwarden-ws"
41-
traefik.http.routers.bitwarden-ws.middlewares: "bitwarden-ipwhitelist@docker"
46+
traefik.http.routers.bitwarden-ws.middlewares: "bitwarden-ipallowlist@docker"
4247
traefik.http.services.bitwarden-ws.loadbalancer.server.port: "3012"
43-
traefik.http.middlewares.bitwarden-ipwhitelist.ipwhitelist.sourcerange: "{{ bitwarden_ip_whitelist }}"
48+
traefik.http.middlewares.bitwarden-ipallowlist.ipallowlist.sourcerange: "{{ bitwarden_ip_allowlist }}"
4449
memory: "{{ bitwarden_memory }}"
4550
restart_policy: unless-stopped
4651

roles/portainer/defaults/main.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ portainer_data_directory: "{{ docker_home }}/portainer/config"
88
# network
99
portainer_port: "9000"
1010
portainer_hostname: "portainer"
11-
portainer_ip_whitelist: "0.0.0.0/0"
11+
portainer_ip_allowlist: "0.0.0.0/0"
1212

1313
# docker
1414
portainer_container_name: "portainer"

roles/portainer/tasks/main.yml

+7-2
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,11 @@
11
---
22
- name: Start Portainer
33
block:
4+
- name: Check for Deprecated IP Whitelist setting
5+
ansible.builtin.fail:
6+
msg: "Use portainer_ip_allowlist instead of portainer_ip_whitelist! Read https://traefik.io/blog/announcing-traefik-proxy-v2-11/ for more information."
7+
when: portainer_ip_whitelist is defined
8+
49
- name: Create Portainer Directories
510
ansible.builtin.file:
611
path: "{{ item }}"
@@ -28,8 +33,8 @@
2833
traefik.http.routers.portainer.tls.domains[0].main: "{{ ansible_nas_domain }}"
2934
traefik.http.routers.portainer.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
3035
traefik.http.services.portainer.loadbalancer.server.port: "9443"
31-
traefik.http.routers.portainer.middlewares: "portainer-ipwhitelist@docker"
32-
traefik.http.middlewares.portainer-ipwhitelist.ipwhitelist.sourcerange: "{{ portainer_ip_whitelist }}"
36+
traefik.http.routers.portainer.middlewares: "portainer-ipallowlist@docker"
37+
traefik.http.middlewares.portainer-ipallowlist.ipallowlist.sourcerange: "{{ portainer_ip_allowlist }}"
3338
when: portainer_enabled is true
3439

3540
- name: Stop Portainer

0 commit comments

Comments
 (0)