diff options
Diffstat (limited to 'pillar/global')
-rw-r--r-- | pillar/global/init.sls | 2 | ||||
-rw-r--r-- | pillar/global/macros.jinja | 26 | ||||
-rw-r--r-- | pillar/global/map.jinja | 73 | ||||
-rw-r--r-- | pillar/global/ssh.sls | 2 |
4 files changed, 2 insertions, 101 deletions
diff --git a/pillar/global/init.sls b/pillar/global/init.sls index 16ab652..5b174bf 100644 --- a/pillar/global/init.sls +++ b/pillar/global/init.sls @@ -1,4 +1,4 @@ -{%- from slspath ~ '/map.jinja' import firewall_interfaces, public, internal, backend %} +{%- from slspath ~ '/../map.jinja' import firewall_interfaces, public, internal, backend %} include: - role.salt.common diff --git a/pillar/global/macros.jinja b/pillar/global/macros.jinja deleted file mode 100644 index 1d3eade..0000000 --- a/pillar/global/macros.jinja +++ /dev/null @@ -1,26 +0,0 @@ -{%- macro listeners() -%} -{%- set listen_ips = [] -%} -{%- set minion = grains['id'] -%} -{%- set legal6s = ('fd29', '2a01:4f8:11e:2200') -%} -{%- set ip4s = salt.saltutil.runner('mine.get', tgt=minion, fun='network.ip_addrs', tgt_type='glob') -%} -{%- set ip6s = salt.saltutil.runner('mine.get', tgt=minion, fun='network.ip_addrs6', tgt_type='glob') -%} -{%- if minion in ip4s -%}{%- for ip in ip4s[minion] -%} -{%- if salt['network.is_private'](ip) -%} -{%- do listen_ips.append(ip) -%} -{%- endif -%} -{%- endfor -%}{%- endif -%} -{%- if minion in ip6s -%}{%- for ip in ip6s[minion] -%} -{%- if ip.startswith(legal6s) -%} -{%- do listen_ips.append(ip) -%} -{%- endif -%} -{%- endfor -%}{%- endif -%} -{%- for ip in listen_ips %} -- {{ ip }} -{%- endfor %} -{%- endmacro -%} - -{%- macro firewall_interfaces(interfaces) -%} -{%- if interfaces | length -%} -interfaces: {{ interfaces }} -{%- endif -%} -{%- endmacro -%} diff --git a/pillar/global/map.jinja b/pillar/global/map.jinja deleted file mode 100644 index c0fff69..0000000 --- a/pillar/global/map.jinja +++ /dev/null @@ -1,73 +0,0 @@ -{%- from slspath ~ '/macros.jinja' import firewall_interfaces -%} -{%- set firewall_interfaces = firewall_interfaces -%} -{%- set minion = grains['id'] -%} - -{#- START Interface mapping logic -#} - -{%- set public = [] -%} -{%- set internal = [] -%} -{%- set backend = [] -%} - -{%- set internal6s = ('2a01:4f8:11e:2200') -%} -{%- set backend6s = ('fd29:8e45:f292:ff80') -%} -{#- to-do: get rid of illegal backend4s -#} -{%- set backend4s = ('172.168.100') -%} -{%- set excluded_interfaces = ('lo') -%} -{%- set interfaces = salt.saltutil.runner('mine.get', tgt=minion, fun='network.interfaces', tgt_type='glob') -%} - -{%- if minion in interfaces -%}{%- for interface, ifconfig in interfaces[minion].items() -%} -{%- if not interface.startswith(excluded_interfaces) -%} - -{%- if 'inet' in ifconfig -%} -{%- for inetconf in ifconfig['inet'] -%} -{%- set ip4 = inetconf['address'] -%} - -{%- if salt['network.is_private'](ip4) -%} - -{%- if not interface in internal -%} -{%- do internal.append(interface) -%} -{%- endif -%} - -{%- elif ip4.startswith(backend4s) -%} - -{%- if not interface in backend -%} -{%- do backend.append(interface) -%} -{%- endif -%} - -{%- else -%} - -{%- if not interface in public -%} -{%- do public.append(interface) -%} -{%- endif -%} - -{%- endif %} - -{%- endfor %} -{%- endif %} - -{%- if 'inet6' in ifconfig -%} -{%- for inet6conf in ifconfig['inet6'] -%} -{%- set ip6 = inet6conf['address'] -%} - -{%- if ip6.startswith(internal6s) -%} - -{%- if not interface in internal -%} -{%- do internal.append(interface) -%} -{%- endif -%} - -{%- elif ip6.startswith(backend6s) -%} - -{%- if not interface in backend -%} -{%- do backend.append(interface) -%} -{%- endif -%} - -{%- endif -%} - -{%- endfor -%} -{%- endif -%} - -{%- endif -%} -{%- endfor -%}{%- endif -%} - -{#- END Interface mapping logic -#} - diff --git a/pillar/global/ssh.sls b/pillar/global/ssh.sls index 8c18a86..57ef933 100644 --- a/pillar/global/ssh.sls +++ b/pillar/global/ssh.sls @@ -1,4 +1,4 @@ -{%- from slspath ~ '/../global/macros.jinja' import listeners -%} +{%- from slspath ~ '/../map.jinja' import listeners -%} {#- {%- from '/tmp/salt-libertacasa/pillar/global/macros.jinja' import listeners with context -%} #} |