From 59699afb4402b518c9bd2103384affd382761ea2 Mon Sep 17 00:00:00 2001
From: Jon
Date: Wed, 29 Nov 2023 19:35:01 +0930
Subject: [PATCH] feat(firewall): allow hosts external IP !12
---
 templates/iptables-kubernetes.rules.j2 | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/templates/iptables-kubernetes.rules.j2 b/templates/iptables-kubernetes.rules.j2
index 439d81d..4219535 100644
--- a/templates/iptables-kubernetes.rules.j2
+++ b/templates/iptables-kubernetes.rules.j2
@@ -166,6 +166,12 @@
 {%- if Kubernetes_Master | default(false) | bool -%}
+ {%- if host_external_ip is defined -%}
+
+ {%- set data.firewall_rules = data.firewall_rules + ['-I kubernetes-api -s ' + host_external_ip + ' -m comment --comment "hosts configured external IP" -j ACCEPT'] -%}
+
+ {%- endif -%}
+
 {%- for api_client in kubernetes_config.cluster.access | default([]) -%}
 {%- if api_client is regex('^[a-z]') and ':' not in api_client -%} {#- Convert DNs name to IP Address -#}
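Review bot: The guard `{%- if host_external_ip is defined -%}` only checks that the variable exists, so an empty or non-address value is still concatenated straight into the `-s` argument of the new `kubernetes-api` rule. An empty string would render `-s  -m comment …`, which would likely be rejected when the rules are loaded, and a broad value such as `0.0.0.0/0` would accept every source that reaches this chain. Consider tightening the condition, for example `{%- if host_external_ip is defined and host_external_ip | ansible.utils.ipaddr -%}`, if the `ansible.utils` collection is available to this role. The rule also carries no protocol or port match, so what it admits depends on how traffic is jumped into `kubernetes-api`, which is not visible here; a short `{#- … -#}` comment stating the intended scope would help. The enclosing `Kubernetes_Master` block starts before and ends after the hunk.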