From 509e70d1ffbfaaba34339e56f082b06430f448d9 Mon Sep 17 00:00:00 2001
From: AkDk7 <joerg@pannbacker.email>
Date: Thu, 13 Feb 2025 17:12:45 +0100
Subject: [PATCH] Changed position of variable and naming for better
 expandebility of traefik options

---
 roles/custom/matrix-synapse-admin/defaults/main.yml   | 10 +++++-----
 roles/custom/matrix-synapse-admin/templates/labels.j2 |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml
index 44c661a7e..73afbd7fa 100644
--- a/roles/custom/matrix-synapse-admin/defaults/main.yml
+++ b/roles/custom/matrix-synapse-admin/defaults/main.yml
@@ -49,6 +49,11 @@ matrix_synapse_admin_container_labels_traefik_priority: 0
 matrix_synapse_admin_container_labels_traefik_entrypoints: web-secure
 matrix_synapse_admin_container_labels_traefik_tls: "{{ matrix_synapse_admin_container_labels_traefik_entrypoints != 'web' }}"
 matrix_synapse_admin_container_labels_traefik_tls_certResolver: default  # noqa var-naming
+# This setting is to define a list ip addresses to allow access to synapse-admin.
+# Each IP address should be in CIDR format, e.g. xxx.xxx.xxx.xxx/xx.
+# For more information, see: https://doc.traefik.io/traefik/middlewares/http/ipallowlist/
+# If the list is empty, all IP addresses are allowed.
+matrix_synapse_admin_container_labels_traefik_ipallowlist_sourcerange: []  # noqa var-naming
 
 # Controls which additional headers to attach to all HTTP responses.
 # To add your own headers, use `matrix_synapse_admin_container_labels_traefik_additional_response_headers_custom`
@@ -216,8 +221,3 @@ matrix_synapse_admin_config_asManagedUsers_custom: []  # noqa var-naming
 # WARNING: you want to use matrix_synapse_admin_config_asManagedUsers_custom instead of this variable.
 matrix_synapse_admin_config_asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers_auto + matrix_synapse_admin_config_asManagedUsers_custom }}"  # noqa var-naming
 
-# This setting is to define a list ip addresses to allow access to synapse-admin.
-# Each IP address should be in CIDR format, e.g. xxx.xxx.xxx.xxx/xx.
-# For more information, see: https://doc.traefik.io/traefik/middlewares/http/ipallowlist/
-# If the list is empty, all IP addresses are allowed.
-matrix_synapse_admin_container_labels_traefik_ipallowlist: []
diff --git a/roles/custom/matrix-synapse-admin/templates/labels.j2 b/roles/custom/matrix-synapse-admin/templates/labels.j2
index 1c665cfc8..eeb29756e 100644
--- a/roles/custom/matrix-synapse-admin/templates/labels.j2
+++ b/roles/custom/matrix-synapse-admin/templates/labels.j2
@@ -9,8 +9,8 @@ traefik.http.services.matrix-synapse-admin.loadbalancer.server.port=80
 
 {% set middlewares = [] %}
 
-{% if matrix_synapse_admin_container_labels_traefik_ipallowlist is defined and matrix_synapse_admin_container_labels_traefik_ipallowlist | length > 0 %}
-traefik.http.middlewares.matrix-synapse-admin-ipallowlist.ipallowlist.sourcerange={{ matrix_synapse_admin_container_labels_traefik_ipallowlist | join(',') }}
+{% if matrix_synapse_admin_container_labels_traefik_ipallowlist_sourcerange | length > 0 %}
+traefik.http.middlewares.matrix-synapse-admin-ipallowlist.ipallowlist.sourcerange={{ matrix_synapse_admin_container_labels_traefik_ipallowlist_sourcerange | join(',') }}
 {% set middlewares = middlewares + ['matrix-synapse-admin-ipallowlist'] %}
 {% endif %}