It seems I got it fixed by adding another template named customip.template.yml and adding it to app.yml.
I organized the content of the template like the following
run:
- file:
path: /tmp/add-custom-ips
chmod: +x
contents: |
#!/bin/bash -e
# Add list of custom ips
echo "1.2.3.4" > /tmp/custom-ips
# Make into nginx commands and escape for inclusion into sed append command
CONTENTS=$(</tmp/custom-ips sed 's/^/set_real_ip_from /' | sed 's/$/;/' | tr '\n' '\\' | sed 's/\\/\\n/g')
echo custom IPs:
echo $(echo | sed "/^/a $CONTENTS")
# Insert into discourse.conf
sed -i "/sendfile on;/a $CONTENTS\nreal_ip_header X-Forwarded-For;\nreal_ip_recursive on;" /etc/nginx/conf.d/discourse.conf
# Clean up
rm /tmp/custom-ips
- exec: "/tmp/add-custom-ips"
- exec: "rm /tmp/add-custom-ips"
I don’t know to what extent my solution is correct and well organized. but it seems it just worked for me.