authorTrygve Laugstøl <trygvis@inamo.no>2021-01-03 22:20:15 +0100
committerTrygve Laugstøl <trygvis@inamo.no>2021-01-03 22:20:15 +0100
commit09ba202f73a519355f86b845b210b5126ea1dacf (patch)
tree73f6901ec956c5985b3f62c4dba86c010860f92c /src/main/resources/io/trygvis/rules
parent1911481101e15463c8aecbdc03a6ce5b63b0d68f (diff)
VPN work.
Diffstat (limited to 'src/main/resources/io/trygvis/rules')
-rw-r--r--src/main/resources/io/trygvis/rules/acme/acme.drl22
-rw-r--r--src/main/resources/io/trygvis/rules/acme/vpn.drl50
-rw-r--r--src/main/resources/io/trygvis/rules/dba/dba.drl6
-rw-r--r--src/main/resources/io/trygvis/rules/terraform/terraform.drl22
4 files changed, 83 insertions, 17 deletions
diff --git a/src/main/resources/io/trygvis/rules/acme/acme.drl b/src/main/resources/io/trygvis/rules/acme/acme.drl
index 2439ddb..e2cb9da 100644
--- a/src/main/resources/io/trygvis/rules/acme/acme.drl
+++ b/src/main/resources/io/trygvis/rules/acme/acme.drl
@@ -1,8 +1,13 @@
package io.trygvis.rules.acme;
+import io.trygvis.rules.machine.Machine;
import io.trygvis.rules.dba.Cluster;
import io.trygvis.rules.dba.Container;
+declare AcmeServer
+ machine : Machine
+end
+
rule "Ops"
when
$ops: AcmeOps()
@@ -28,3 +33,20 @@ then
insert(new Container(cluster, "db", "pdb", "postgresql", "13"));
insert(new Container(cluster, "db", "mdb", "mongodb", "3.2"));
end
+
+rule "Create Acme servers"
+when
+ $m : Machine(name.startsWith("acme-"))
+then
+ var s = new AcmeServer();
+ s.machine = $m;
+ insert(s)
+end
+
+rule "Set public domain for ACME servers"
+when
+ $s : AcmeServer()
+then
+ var fqdn = "%s.machine.acme.com".formatted($s.machine.name);
+ $s.machine.fqdn = fqdn;
+end
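Review bot: In "Set public domain for ACME servers" the assignment `$s.machine.fqdn = fqdn;` is not followed by an `update` or `modify`, so the engine is not told that the Machine fact changed. The rule added to terraform.drl in this commit matches on `Machine(fqdn != null)`, and unless the Machine is re-evaluated some other way, that rule would presumably never fire for these hosts and no DNS entry would be generated. vpn.drl already calls `update($h)` after setting a field; the same is needed here, e.g. `update($s.machine)` after the assignment. If you add it, "Create Acme servers" also needs a guard such as `not(AcmeServer(machine == $m))`, because re-evaluating the Machine would otherwise insert a second AcmeServer for the same host.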
diff --git a/src/main/resources/io/trygvis/rules/acme/vpn.drl b/src/main/resources/io/trygvis/rules/acme/vpn.drl
new file mode 100644
index 0000000..3f62fbd
--- /dev/null
+++ b/src/main/resources/io/trygvis/rules/acme/vpn.drl
@@ -0,0 +1,50 @@
+package io.trygvis.rules.acme;
+
+import io.trygvis.rules.machine.Machine;
+import io.trygvis.rules.dns.DnsEntry;
+
+dialect "mvel"
+
+declare WgNet
+ name : String
+ domain : String
+end
+
+declare WgHost
+ name : String
+ machine : Machine
+ net : String
+ publicName : String
+ netToNetIp : String
+ networkIp : String
+end
+
+rule "Set name from machine's name"
+ salience 10
+when
+ $h : WgHost(name == null, machine != null)
+then
+ $h.name = $h.machine.name;
+
+ update($h)
+end
+
+rule "WgHost VPN machines"
+when
+ $machine : Machine(name.startsWith("acme-"))
+ $wgNet : WgNet(name == "vs0")
+then
+ var wgHost = new WgHost();
+ wgHost.machine = $machine;
+ wgHost.net = $wgNet.name;
+ insert(wgHost)
+end
+
+rule "Make DNS entries for all VPN hosts"
+when
+ $h : WgHost()
+ $net : WgNet(name == $h.net)
+then
+ var fqdn = "%s.%s".formatted($h.name, $net.domain);
+ insert(DnsEntry.a(fqdn))
+end
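Review bot: "Make DNS entries for all VPN hosts" matches any `WgHost()` and any `WgNet` with the same name, so a host whose name is still null or a net without a domain would be formatted into a record such as `null.<domain>`. The rule currently relies on the `salience 10` rule having filled in the name first. Making the precondition explicit is cheaper than depending on firing order: `$h : WgHost(name != null)` and `$net : WgNet(name == $h.net, domain != null)`. The rule also inserts `DnsEntry.a(fqdn)` without the `not(DnsEntry(fqdn == ...))` guard that the new terraform.drl rule uses, so a re-fire after an update to the host or net would add a duplicate entry.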
diff --git a/src/main/resources/io/trygvis/rules/dba/dba.drl b/src/main/resources/io/trygvis/rules/dba/dba.drl
index 7df1c5d..7beceef 100644
--- a/src/main/resources/io/trygvis/rules/dba/dba.drl
+++ b/src/main/resources/io/trygvis/rules/dba/dba.drl
@@ -1,7 +1 @@
package io.trygvis.rules.dba;
-
-
-rule "Dba"
- when
- then
-end
diff --git a/src/main/resources/io/trygvis/rules/terraform/terraform.drl b/src/main/resources/io/trygvis/rules/terraform/terraform.drl
index 1de3123..40b9f7c 100644
--- a/src/main/resources/io/trygvis/rules/terraform/terraform.drl
+++ b/src/main/resources/io/trygvis/rules/terraform/terraform.drl
@@ -12,30 +12,30 @@ global io.trygvis.rules.engine.TemplateEngine te;
declare ScalewayMachine
machine : Machine
key : String
- fqdn : String
end
rule "Terraform for Machine"
when
$machine: Machine()
then
- var fqdn = "%s.machine.acme.com".formatted($machine.name);
- var a = DnsEntry.a(fqdn);
- var aaaa = DnsEntry.aaaa(fqdn);
+ ScalewayMachine scw = new ScalewayMachine();
- var scw = new ScalewayMachine();
scw.setKey($machine.name);
scw.setMachine($machine);
- scw.setFqdn(fqdn);
-
- var ipv4 = "scaleway_instance_ip.%s.address".formatted($machine.name);
-// var ipv6 = "scaleway_instance_server.%s.public_ipv6.address".formatted($machine.name);
insert(scw);
+end
+
+rule "Create DNS entry for Terraform Machine"
+when
+ $machine : Machine(fqdn != null)
+ not(DnsEntry(fqdn == $machine.fqdn))
+then
+ var a = DnsEntry.a($machine.fqdn);
insert(a);
- insert(aaaa);
+
+ var ipv4 = "scaleway_instance_ip.%s.address".formatted($machine.name);
insert(new DnsEntryTerraformExpression(a, $machine.name, ipv4));
-// insert(new DnsEntryValue(aaaa, ipv6));
end
rule "TF for TerraformMachine"
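Review bot: In "Create DNS entry for Terraform Machine", `$machine.name` is formatted straight into the Terraform address `scaleway_instance_ip.%s.address`, and via acme.drl into the hostname, with no check on its characters. Where Machine names come from is not visible in this hunk. If they can come from outside the rule base, a name containing dots, quotes or whitespace would yield a different resource reference or an invalid DNS label in the generated output. Constraining the pattern to the expected character set would stop such a name reaching the template engine, e.g. `$machine : Machine(fqdn != null, name matches "[a-z0-9-]+")`. The body of the following rule "TF for TerraformMachine" lies outside the hunk.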