author | Trygve Laugstøl <trygvis@inamo.no> | 2021-01-03 22:20:15 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2021-01-03 22:20:15 +0100 |
commit | 09ba202f73a519355f86b845b210b5126ea1dacf (patch) | |
tree | 73f6901ec956c5985b3f62c4dba86c010860f92c /src/main/resources/io/trygvis/rules/acme | |
parent | 1911481101e15463c8aecbdc03a6ce5b63b0d68f (diff) | |
VPN work.
Diffstat (limited to 'src/main/resources/io/trygvis/rules/acme')
-rw-r--r-- | src/main/resources/io/trygvis/rules/acme/acme.drl | 22 | ||||
-rw-r--r-- | src/main/resources/io/trygvis/rules/acme/vpn.drl | 50 |
2 files changed, 72 insertions, 0 deletions
diff --git a/src/main/resources/io/trygvis/rules/acme/acme.drl b/src/main/resources/io/trygvis/rules/acme/acme.drl
index 2439ddb..e2cb9da 100644
--- a/src/main/resources/io/trygvis/rules/acme/acme.drl
+++ b/src/main/resources/io/trygvis/rules/acme/acme.drl
@@ -1,8 +1,13 @@
 package io.trygvis.rules.acme;
+import io.trygvis.rules.machine.Machine;
 import io.trygvis.rules.dba.Cluster;
 import io.trygvis.rules.dba.Container;
+declare AcmeServer
+ machine : Machine
+end
+
 rule "Ops"
 when
 $ops: AcmeOps()
@@ -28,3 +33,20 @@ then
 insert(new Container(cluster, "db", "pdb", "postgresql", "13"));
 insert(new Container(cluster, "db", "mdb", "mongodb", "3.2"));
 end
+
+rule "Create Acme servers"
+when
+ $m : Machine(name.startsWith("acme-"))
+then
+ var s = new AcmeServer();
+ s.machine = $m;
+ insert(s)
+end
+
+rule "Set public domain for ACME servers"
+when
+ $s : AcmeServer()
+then
+ var fqdn = "%s.machine.acme.com".formatted($s.machine.name);
+ $s.machine.fqdn = fqdn;
+end
diff --git a/src/main/resources/io/trygvis/rules/acme/vpn.drl b/src/main/resources/io/trygvis/rules/acme/vpn.drl
new file mode 100644
index 0000000..3f62fbd
--- /dev/null
+++ b/src/main/resources/io/trygvis/rules/acme/vpn.drl
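Review bot: The machine name reaches the FQDN unvalidated in acme.drl: rule "Create Acme servers" only tests `name.startsWith("acme-")`, and rule "Set public domain for ACME servers" formats that name straight into `%s.machine.acme.com`. A name containing a dot or a character that is not valid in a host label would yield an FQDN outside the intended single-label form, so if machine names can come from an inventory that is not fully trusted the constraint should pin the shape, e.g. `$m : Machine(name matches "acme-[a-z0-9-]+")`. The same prefix test is the only gate for VPN enrolment in rule "WgHost VPN machines" in vpn.drl. Separately, `$s.machine.fqdn = fqdn;` is not followed by `update` or `modify`, so rules that constrain on `Machine.fqdn` would presumably not be re-evaluated; a one-line comment saying whether that is intended would help.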
@@ -0,0 +1,50 @@
+package io.trygvis.rules.acme;
+
+import io.trygvis.rules.machine.Machine;
+import io.trygvis.rules.dns.DnsEntry;
+
+dialect "mvel"
+
+declare WgNet
+ name : String
+ domain : String
+end
+
+declare WgHost
+ name : String
+ machine : Machine
+ net : String
+ publicName : String
+ netToNetIp : String
+ networkIp : String
+end
+
+rule "Set name from machine's name"
+ salience 10
+when
+ $h : WgHost(name == null, machine != null)
+then
+ $h.name = $h.machine.name;
+
+ update($h)
+end
+
+rule "WgHost VPN machines"
+when
+ $machine : Machine(name.startsWith("acme-"))
+ $wgNet : WgNet(name == "vs0")
+then
+ var wgHost = new WgHost();
+ wgHost.machine = $machine;
+ wgHost.net = $wgNet.name;
+ insert(wgHost)
+end
+
+rule "Make DNS entries for all VPN hosts"
+when
+ $h : WgHost()
+ $net : WgNet(name == $h.net)
+then
+ var fqdn = "%s.%s".formatted($h.name, $net.domain);
+ insert(DnsEntry.a(fqdn))
+end |
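Review bot: Rule "Make DNS entries for all VPN hosts" matches `$h : WgHost()` with no null checks, so it appears to rely on the salience-10 naming rule having fired first. A WgHost inserted with neither `name` nor `machine`, or a WgNet whose `domain` is unset, would produce a record such as `null.<domain>`, because `formatted` renders a null argument as the text "null". Stating the precondition in the pattern removes the ordering dependency: `$h : WgHost(name != null)` and `$net : WgNet(name == $h.net, domain != null)`. The hard-coded `"vs0"` in "WgHost VPN machines" would also benefit from a short comment saying which network it refers to.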