fixes iptables-restore error

sapcc · Dec 13, 2017 · f5b1dea · f5b1dea
1 parent 207b043
commit f5b1dea
Showing 1 changed file with 10 additions and 12 deletions.
diff --git a/pkg/templates/node.go b/pkg/templates/node.go
@@ -224,18 +224,16 @@ storage:
     - path: /var/lib/iptables/rules-save
       filesystem: root
       mode: 0644
-      contents:
-        inline: |-
-          *nat
-          :PREROUTING ACCEPT [0:0]
-          :INPUT ACCEPT [0:0]
-          :OUTPUT ACCEPT [0:0]
-          :POSTROUTING ACCEPT [0:0]
-          -A POSTROUTING -p tcp ! -d {{ .ClusterCIDR }} -m addrtype ! --dst-type LOCAL -j MASQUERADE --to-ports 32000-65000
-          -A POSTROUTING -p udp ! -d {{ .ClusterCIDR }} -m addrtype ! --dst-type LOCAL -j MASQUERADE --to-ports 32000-65000
-          -A POSTROUTING -p icmp ! -d {{ .ClusterCIDR }} -m addrtype ! --dst-type LOCAL -j MASQUERADE
-          COMMIT
-
+      contents: |
+        *nat
+        :PREROUTING ACCEPT [0:0]
+        :INPUT ACCEPT [0:0]
+        :OUTPUT ACCEPT [0:0]
+        :POSTROUTING ACCEPT [0:0]
+        -A POSTROUTING -p tcp ! -d {{ .ClusterCIDR }} -m addrtype ! --dst-type LOCAL -j MASQUERADE --to-ports 32000-65000
+        -A POSTROUTING -p udp ! -d {{ .ClusterCIDR }} -m addrtype ! --dst-type LOCAL -j MASQUERADE --to-ports 32000-65000
+        -A POSTROUTING -p icmp ! -d {{ .ClusterCIDR }} -m addrtype ! --dst-type LOCAL -j MASQUERADE
+        COMMIT
     - path: /etc/sysctl.d/10-enable-icmp-redirects
       filesystem: root
       mode: 0644