LibertaCasa/salt
LibertaCasa/salt
9
1
Fork 0
Code Issues 5 Pull Requests Releases Activity
096bb24769
salt/pillar/global/map.jinja
Georg Pfuetzenreuter 84c1d63776
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Details
Allow IPv6-only interfaces + fixup 
- interfaces with no IPv4 address would cause a render failure
- repair if-clause needed for interfaces with only IPv4 addresses

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-01-29 17:38:29 +01:00

74 lines
1.7 KiB
Django/Jinja
Raw Blame History

{%- from slspath ~ '/macros.jinja' import firewall_interfaces -%}
{%- set firewall_interfaces = firewall_interfaces -%}
{%- set minion = grains['id'] -%}
{#- START Interface mapping logic -#}
{%- set public = [] -%}
{%- set internal = [] -%}
{%- set backend = [] -%}
{%- set internal6s = ('2a01:4f8:11e:2200') -%}
{%- set backend6s = ('fd29:8e45:f292:ff80') -%}
{#- to-do: get rid of illegal backend4s -#}
{%- set backend4s = ('172.168.100') -%}
{%- set excluded_interfaces = ('lo') -%}
{%- set interfaces = salt.saltutil.runner('mine.get', tgt=minion, fun='network.interfaces', tgt_type='glob') -%}
{%- if minion in interfaces -%}{%- for interface, ifconfig in interfaces[minion].items() -%}
{%- if not interface.startswith(excluded_interfaces) -%}
{%- if 'inet' in ifconfig -%}
{%- for inetconf in ifconfig['inet'] -%}
{%- set ip4 = inetconf['address'] -%}
{%- if salt['network.is_private'](ip4) -%}
{%- if not interface in internal -%}
{%- do internal.append(interface) -%}
{%- endif -%}
{%- elif ip4.startswith(backend4s) -%}
{%- if not interface in backend -%}
{%- do backend.append(interface) -%}
{%- endif -%}
{%- else -%}
{%- if not interface in public -%}
{%- do public.append(interface) -%}
{%- endif -%}
{%- endif %}
{%- endfor %}
{%- endif %}
{%- if 'inet6' in ifconfig -%}
{%- for inet6conf in ifconfig['inet6'] -%}
{%- set ip6 = inet6conf['address'] -%}
{%- if ip6.startswith(internal6s) -%}
{%- if not interface in internal -%}
{%- do internal.append(interface) -%}
{%- endif -%}
{%- elif ip6.startswith(backend6s) -%}
{%- if not interface in backend -%}
{%- do backend.append(interface) -%}
{%- endif -%}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{%- endif -%}
{%- endfor -%}{%- endif -%}
{#- END Interface mapping logic -#}
Reference in New Issue View Git Blame Copy Permalink