summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--out/vpn0.yaml16
-rw-r--r--src/main/java/io/trygvis/rules/acme/AcmeIo.java5
-rw-r--r--src/main/resources/io/trygvis/rules/acme/vpn.drl23
3 files changed, 32 insertions, 12 deletions
diff --git a/out/vpn0.yaml b/out/vpn0.yaml
index 038ebd6..c4a798f 100644
--- a/out/vpn0.yaml
+++ b/out/vpn0.yaml
@@ -46,42 +46,42 @@ data:
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "ws-1.vpn.acme.com"
+ fqdn: "acme-1.machine.acme.com"
type: "A"
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "acme-2.machine.acme.com"
+ fqdn: "acme-1.vpn.acme.com"
type: "A"
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "ws-2.vpn.acme.com"
+ fqdn: "acme-2.machine.acme.com"
type: "A"
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "acme-3.machine.acme.com"
+ fqdn: "acme-2.vpn.acme.com"
type: "A"
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "acme-1.vpn.acme.com"
+ fqdn: "acme-3.machine.acme.com"
type: "A"
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "acme-2.vpn.acme.com"
+ fqdn: "acme-3.vpn.acme.com"
type: "A"
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "acme-1.machine.acme.com"
+ fqdn: "ws-1.vpn.acme.com"
type: "A"
---
type: "io.trygvis.rules.dns.DnsEntry"
data:
- fqdn: "acme-3.vpn.acme.com"
+ fqdn: "ws-2.vpn.acme.com"
type: "A"
---
type: "io.trygvis.rules.machine.Machine"
diff --git a/src/main/java/io/trygvis/rules/acme/AcmeIo.java b/src/main/java/io/trygvis/rules/acme/AcmeIo.java
index 0bd0f1e..498a4a6 100644
--- a/src/main/java/io/trygvis/rules/acme/AcmeIo.java
+++ b/src/main/java/io/trygvis/rules/acme/AcmeIo.java
@@ -57,6 +57,7 @@ public class AcmeIo {
dump(s, factHandles, (o) -> true);
}
+ // This should just sort by all getters instead.
static class FactCollection<T> {
public final Class<T> type;
public final List<T> values;
@@ -74,6 +75,10 @@ public class AcmeIo {
}
if (comparator == null) {
+ comparator = comparable(type, "fqdn");
+ }
+
+ if (comparator == null) {
comparator = Comparator.comparingInt(System::identityHashCode);
}
diff --git a/src/main/resources/io/trygvis/rules/acme/vpn.drl b/src/main/resources/io/trygvis/rules/acme/vpn.drl
index cfdbef9..082ecc0 100644
--- a/src/main/resources/io/trygvis/rules/acme/vpn.drl
+++ b/src/main/resources/io/trygvis/rules/acme/vpn.drl
@@ -1,8 +1,10 @@
package io.trygvis.rules.acme;
+import java.util.ArrayList
import io.trygvis.rules.machine.Machine;
import io.trygvis.rules.dns.DnsEntry;
-import io.trygvis.rules.acme.AcmeServer;
+import io.trygvis.rules.acme.AcmeServer
+import io.trygvis.rules.acme.WgHost;
dialect "mvel"
@@ -13,7 +15,6 @@ end
declare WgHost
name : String
-// machine : Machine
net : String
publicName : String
netToNetIp : String
@@ -38,8 +39,9 @@ when
$host : WgHost(publicName == null)
$m : Machine(name == $host.name, fqdn != null)
then
- $host.publicName = $m.fqdn;
- update($host)
+ modify($host) {
+ publicName = $m.fqdn
+ }
end
rule "Make DNS entries for all VPN hosts"
@@ -50,3 +52,16 @@ then
var fqdn = "%s.%s".formatted($h.name, $net.domain);
insert(DnsEntry.a(fqdn))
end
+
+rule "Connect VPN nodes"
+ salience -1
+when
+ $h : WgHost()
+ $others : ArrayList()
+ from collect(WgHost(publicName != null, name != $h.name))
+then
+ System.out.printf("Connection from %s%n", $h.name);
+ for (WgHost host : $others) {
+ System.out.printf(" %s%n", host.name);
+ }
+end