From 88ce30115fd04c6b6d273a79a625d67cf348f855 Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Sun, 30 Jun 2019 13:52:11 +0200
Subject: [PATCH] fix nginx iptables

---
 tasks/nginx.yml | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/tasks/nginx.yml b/tasks/nginx.yml
index 656e2b4..4e2714c 100644
--- a/tasks/nginx.yml
+++ b/tasks/nginx.yml
@@ -40,11 +40,8 @@
     - name: Open ports in iptables
       iptables_raw:
         name: allow_matrix_nginx_proxy
-        state: present
+        state: "{{ 'present' if matrix_nginx_iptables_enabled else 'absent' }}"
         rules: '-A OUTPUT -m state --state NEW -p tcp -d {{ matrix_nginx_proxy_ip }} --dport {{ matrix_nginx_proxy_port }} -j ACCEPT'
-      when:
-        - matrix_nginx_iptables_enabled | bool
-        - (not matrix_nginx_server == inventory_hostname or not matrix_nginx_server == "localhost")
   delegate_to: "{{ matrix_nginx_server }}"
   become: True
   become_user: root