{%- macro listeners() -%}
{%- set listen_ips = [] -%}
{%- set minion = grains['id'] -%}
{%- set legal6s = ('fd29', '2a01:4f8:11e:2200') -%}
{%- set ip4s = salt.saltutil.runner('mine.get', tgt=minion, fun='network.ip_addrs', tgt_type='glob') -%}
{%- set ip6s = salt.saltutil.runner('mine.get', tgt=minion, fun='network.ip_addrs6', tgt_type='glob') -%}
{%- if minion in ip4s -%}{%- for ip in ip4s[minion] -%}
{%- if salt['network.is_private'](ip) -%}
{%- do listen_ips.append(ip) -%}
{%- endif -%}
{%- endfor -%}{%- endif -%}
{%- if minion in ip6s -%}{%- for ip in ip6s[minion] -%}
{%- if ip.startswith(legal6s) -%}
{%- do listen_ips.append(ip) -%}
{%- endif -%}
{%- endfor -%}{%- endif -%}
{%- for ip in listen_ips %}
- {{ ip }}
{%- endfor %}
{%- endmacro -%}

{%- macro firewall_interfaces(interfaces) -%}
{%- if interfaces | length -%}
interfaces: {{ interfaces }}
{%- endif -%}
{%- endmacro -%}

{%- macro nginx_crtkeypair(name, ssldir) -%}
tls_{{ name }}:
  - ssl_certificate: {{ sslbase }}/{{ ssldir }}/crt
  - ssl_certificate_key: {{ sslbase }}/{{ ssldir }}/key
{%- endmacro -%}