diff --git a/templates/iptables.conf.j2 b/templates/iptables.conf.j2
index 086270fd8c34a37b3ee0becf9cbcdc52d071648d..2e2a1b637cf65d88391bd6f76cc8e711c4b78735 100644
--- a/templates/iptables.conf.j2
+++ b/templates/iptables.conf.j2
@@ -3,14 +3,14 @@
 :INPUT DROP [0:0]
 :FORWARD DROP [0:0]
 :OUTPUT DROP [0:0]
-{% if 'docker_elk' in groups and inventory_hostname in groups.docker_elk %}
+{% if inventory_hostname in groups.docker_elk | default([]) %}
 :DOCKER-USER - [0:0]
 {% endif %}
 :LOGGING - [0:0]
-{% if 'docker_elk' in groups and inventory_hostname in groups.docker_elk %}
+{% if inventory_hostname in groups.docker_elk | default([]) %}
 ## DOCKER-USER chain
 # Autoriser les logs entrants des serveurs en maintenance
-{% for host in groups.full_maintenance %}
+{% for host in groups.full_maintenance | default([]) %}
 -A DOCKER-USER -s {{ hostvars[host].ansible_host }} -p tcp -m tcp --dport {{ logstash_port }} -m state --state NEW,ESTABLISHED -j ACCEPT
 {% endfor %}
 -A DOCKER-USER -p tcp -m tcp --dport {{ logstash_port }} -j LOGGING
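Review bot: The `| default([])` added to `{% for host in groups.full_maintenance | default([]) %}` turns a missing or misspelt group name from what was, as far as I can tell, a render-time undefined-variable error into a silently empty loop, so a renamed inventory group would drop the maintenance hosts' log whitelist without any signal; the same trade-off applies to every `| default([])` the later hunks introduce. With all chains at `DROP` policy this fails closed, which is the safer direction, but the intent should be stated once so nobody later "fixes" it back, e.g. a comment above the loop: `# Group may be absent on small inventories: default([]) renders no rule instead of failing the template`. An `assert` task in the play that checks the groups referenced here exist whenever the matching role is actually deployed would keep the typo case loud without giving up the optional-group behaviour.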
@@ -22,29 +22,29 @@
 -A INPUT -i lo -j ACCEPT
 # ICMP (Ping)
 -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-{% if inventory_hostname in groups.docker_nagios %}
+{% if inventory_hostname in groups.docker_nagios | default([]) %}
 -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
 {% endif %}
 # SSH
 -A INPUT -p tcp -m tcp --dport {{ default_sshd_port }} -j ACCEPT
-{% if inventory_hostname in groups.gitlab %}
+{% if inventory_hostname in groups.gitlab | default([]) %}
 -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
 # REGISTRY
 -A INPUT -p tcp -m tcp --dport 5050 -j ACCEPT
 {% endif %}
 # WEB
-{% if inventory_hostname in groups.odoo_server | union(groups.owncloud_server) | union(groups.gitlab) %}
+{% if inventory_hostname in groups.odoo_server | default([]) | union(groups.owncloud_server | default([])) | union(groups.gitlab | default([])) %}
 -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
 -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
 {% endif %}
-{% if 'docker_gitlab' in groups and inventory_hostname in groups.docker_nagios %}
+{% if inventory_hostname in groups.docker_nagios | default([]) %}
 -A INPUT -s 192.168.239.0/24 -p tcp -m tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
 {% endif %}
 # NRPE
-{% for host in groups.docker_nagios %}
+{% for host in groups.docker_nagios | default([]) %}
 -A INPUT -s {{ hostvars[host].ansible_host }} -p tcp -m tcp --dport 5666 -m state --state NEW,ESTABLISHED -j ACCEPT
 {% endfor %}
-{% if inventory_hostname in groups.docker_nagios %}
+{% if inventory_hostname in groups.docker_nagios | default([]) %}
 -A INPUT -s 192.168.239.0/24 -p tcp -m tcp --dport 5666 -m state --state NEW,ESTABLISHED -j ACCEPT
 {% endif %}
 {% if inventory_hostname == "CGScop" %}
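Review bot: The rewritten condition guarding `-A INPUT -s 192.168.239.0/24 -p tcp -m tcp --dport 443 ...` drops the `'docker_gitlab' in groups` half of the old test instead of only adding `default([])`, so that subnet ACCEPT now renders on every docker_nagios host even in inventories that have no docker_gitlab group at all. If the old guard was a copy-paste slip for `docker_nagios` the new line is the right fix, but if 192.168.239.0/24 only exists when a docker_gitlab group is deployed, keep both parts: `{% if 'docker_gitlab' in groups and inventory_hostname in groups.docker_nagios | default([]) %}`. Either way a one-line comment naming what that subnet is would help, since the second rule accepting the same subnet on port 5666 a few lines down sits under a different condition and a reader cannot tell from the template whether the two were meant to diverge.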
@@ -61,7 +61,7 @@
 -A OUTPUT -o lo -j ACCEPT
 # ICMP (Ping)
 -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
-{% if inventory_hostname in groups.docker_nagios %}
+{% if inventory_hostname in groups.docker_nagios | default([]) %}
 -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
 {% endif %}
 {% if inventory_hostname == "ICCFinance_Pilotage" %}
@@ -72,14 +72,14 @@
 -A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT
 {% endif %}
 -A OUTPUT -p tcp -m tcp --dport {{ default_sshd_port }} -j ACCEPT
-{% for host in groups.gitlab | union(groups.docker_gitlab | default([])) %}
+{% for host in groups.gitlab | default([]) | union(groups.docker_gitlab | default([])) %}
 -A OUTPUT -d {{ hostvars[host].ansible_host }} -p tcp -m tcp --dport 22 -j ACCEPT
 -A OUTPUT -d {{ hostvars[host].ansible_host }} -p tcp -m tcp --dport 5050 -j ACCEPT
 {% endfor %}
 # WEB
 -A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
 -A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-{% if inventory_hostname in groups.gitlab %}
+{% if inventory_hostname in groups.gitlab | default([]) %}
 # Plesk WebHooks
 -A OUTPUT -p tcp -m tcp --dport 8443 -j ACCEPT
 {% endif %}
@@ -98,14 +98,14 @@
 -A OUTPUT -p udp -m udp --dport 67 -j ACCEPT
 # GPG
 -A OUTPUT -p udp -m udp --dport 11371 -j ACCEPT
-{% if inventory_hostname in groups.full_maintenance %}
+{% if inventory_hostname in groups.full_maintenance | default([]) %}
 # Log Server
 {% for host in groups.docker_elk | default([]) %}
 -A OUTPUT -d {{ hostvars[host].ansible_host }} -p tcp -m tcp --dport {{ logstash_port }} -j ACCEPT
 {% endfor %}
 -A OUTPUT -d {{ logstash_public_ip }} -p tcp -m tcp --dport {{ logstash_port }} -j ACCEPT
 {% endif %}
-{% if inventory_hostname in groups.odoo_server %}
+{% if inventory_hostname in groups.odoo_server | default([]) %}
 # IMAP
 -A OUTPUT -p tcp -m tcp --dport 993 -j ACCEPT
 {% endif %}
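Review bot: The same `groups.docker_nagios | default([])` and `groups.gitlab | default([])` expressions are now spelled out again in the hunks at -61, -72 and -98 (and in the earlier -22 hunk), which is a point of style rather than a defect: a `{% set %}` block near the top of the template would give each group list a single definition, e.g. `{% set nagios_hosts = groups.docker_nagios | default([]) %}` and `{% set gitlab_hosts = groups.gitlab | default([]) | union(groups.docker_gitlab | default([])) %}`, so the conditions read `{% if inventory_hostname in nagios_hosts %}` and the `for` at -72 iterates `gitlab_hosts`. That also leaves one place to change if a group is renamed, which matters for a default-DROP ruleset where a missed occurrence silently removes an ACCEPT. The head of the template is outside this diff, so I cannot tell whether such a block already exists.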