dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity

gw1/squid: Allow proxy access from kube network 

Since we use the proxy when PXE booting to speed up Live OS image and
RPM package downloads, we need to allow machines using it to access the
kickstart files which are now hosted on the PXE server.  Virtual
machines on the Kubernetes network (_pyrocufflink.black_ also need
access to those kickstarts, so we need to mark that subnet as trusted.
unifi-restore
Dustin 2025-07-12 16:12:59 -05:00
parent fefa85c83b
commit 6359a140ac
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
host_vars/gw1.pyrocufflink.blue/squid.yml
View File

@ -12,6 +12,7 @@ squid_acl:
- 'src fe80::/10 # RFC 4291 link-local (directly plugged) machines' - 'src fe80::/10 # RFC 4291 link-local (directly plugged) machines'
trusted: trusted:
- src 172.30.0.0/26 - src 172.30.0.0/26
- src 172.30.0.160/27
- src 172.30.0.211/32 - src 172.30.0.211/32
- src 172.30.0.214/32 - src 172.30.0.214/32
- src 172.31.1.0/24 - src 172.31.1.0/24