salt/pillar/global/map.jinja

{%- from slspath ~ '/macros.jinja' import firewall_interfaces -%}
{%- set firewall_interfaces = firewall_interfaces -%}
{%- set minion = grains['id'] -%}

{#- START Interface mapping logic -#}

{%- set public = [] -%}
{%- set internal = [] -%}
{%- set backend = [] -%}

{%- set internal6s = ('2a01:4f8:11e:2200') -%}
{%- set backend6s = ('fd29:8e45:f292:ff80') -%}
{#- to-do: get rid of illegal backend4s -#}
{%- set backend4s = ('172.168.100') -%}
{%- set excluded_interfaces = ('lo') -%}
{%- set interfaces = salt.saltutil.runner('mine.get', tgt=minion, fun='network.interfaces', tgt_type='glob') -%}

{%- if minion in interfaces -%}{%- for interface, ifconfig in interfaces[minion].items() -%}
{%- if not interface.startswith(excluded_interfaces) -%}

{%- for inetconf in ifconfig['inet'] -%}
{%- set ip4 = inetconf['address'] -%}

{%- if salt['network.is_private'](ip4) -%}

{%- if not interface in internal -%}
{%- do internal.append(interface) -%}
{%- endif -%}

{%- elif ip4.startswith(backend4s) -%}

{%- if not interface in backend -%}
{%- do backend.append(interface) -%}
{%- endif -%}

{%- else -%}

{%- if not interface in public -%}
{%- do public.append(interface) -%}
{%- endif -%}

{%- endif %}

{%- endfor %}

{%- if 'inet6' in interface -%}
{%- for inet6conf in ifconfig['inet6'] -%}
{%- set ip6 = inet6conf['address'] -%}

{%- if ip6.startswith(internal6s) -%}

{%- if not interface in internal -%}
{%- do internal.append(interface) -%}
{%- endif -%}

{%- elif ip6.startswith(backend6s) -%}

{%- if not interface in backend -%}
{%- do backend.append(interface) -%}
{%- endif -%}

{%- endif -%}

{%- endfor -%}
{%- endif -%}

{%- endif -%}
{%- endfor -%}{%- endif -%}

{#- END Interface mapping logic -#}