From a7de9a63f77faac8c535d1ab340bb5046f3955fd Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl
Date: Mon, 4 Jan 2021 21:33:29 +0100
Subject: VPN work. Finding all connections for a VPN host.
---
 out/vpn0.yaml | 16 ++++++++--------
 src/main/java/io/trygvis/rules/acme/AcmeIo.java | 5 +++++
 src/main/resources/io/trygvis/rules/acme/vpn.drl | 23 +++++++++++++++++++----
 3 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/out/vpn0.yaml b/out/vpn0.yaml
index 038ebd6..c4a798f 100644
--- a/out/vpn0.yaml
+++ b/out/vpn0.yaml
@@ -46,42 +46,42 @@ data:
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "ws-1.vpn.acme.com"
+ fqdn: "acme-1.machine.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "acme-2.machine.acme.com"
+ fqdn: "acme-1.vpn.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "ws-2.vpn.acme.com"
+ fqdn: "acme-2.machine.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "acme-3.machine.acme.com"
+ fqdn: "acme-2.vpn.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "acme-1.vpn.acme.com"
+ fqdn: "acme-3.machine.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "acme-2.vpn.acme.com"
+ fqdn: "acme-3.vpn.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "acme-1.machine.acme.com"
+ fqdn: "ws-1.vpn.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
 data:
- fqdn: "acme-3.vpn.acme.com"
+ fqdn: "ws-2.vpn.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.machine.Machine"
diff --git a/src/main/java/io/trygvis/rules/acme/AcmeIo.java b/src/main/java/io/trygvis/rules/acme/AcmeIo.java
index 0bd0f1e..498a4a6 100644
--- a/src/main/java/io/trygvis/rules/acme/AcmeIo.java
+++ b/src/main/java/io/trygvis/rules/acme/AcmeIo.java
@@ -57,6 +57,7 @@ public class AcmeIo {
 dump(s, factHandles, (o) -> true);
 }
+ // This should just sort by all getters instead.
 static class FactCollection {
 public final Class type;
 public final List values;
@@ -73,6 +74,10 @@ public class AcmeIo {
 comparator = comparable(type, "name");
 }
+ if (comparator == null) {
+ comparator = comparable(type, "fqdn");
+ }
+
 if (comparator == null) {
 comparator = Comparator.comparingInt(System::identityHashCode);
 }
diff --git a/src/main/resources/io/trygvis/rules/acme/vpn.drl b/src/main/resources/io/trygvis/rules/acme/vpn.drl
index cfdbef9..082ecc0 100644
--- a/src/main/resources/io/trygvis/rules/acme/vpn.drl
+++ b/src/main/resources/io/trygvis/rules/acme/vpn.drl
@@ -1,8 +1,10 @@
 package io.trygvis.rules.acme;
+import java.util.ArrayList
 import io.trygvis.rules.machine.Machine;
 import io.trygvis.rules.dns.DnsEntry;
-import io.trygvis.rules.acme.AcmeServer;
+import io.trygvis.rules.acme.AcmeServer
+import io.trygvis.rules.acme.WgHost;
 dialect "mvel"
@@ -13,7 +15,6 @@ end
 declare WgHost
 name : String
-// machine : Machine
 net : String
 publicName : String
 netToNetIp : String
@@ -38,8 +39,9 @@ when
 $host : WgHost(publicName == null)
 $m : Machine(name == $host.name, fqdn != null)
 then
- $host.publicName = $m.fqdn;
- update($host)
+ modify($host) {
+ publicName = $m.fqdn
+ }
 end
 rule "Make DNS entries for all VPN hosts"
@@ -50,3 +52,16 @@ then
 var fqdn = "%s.%s".formatted($h.name, $net.domain);
 insert(DnsEntry.a(fqdn))
 end
+
+rule "Connect VPN nodes"
+ salience -1
+when
+ $h : WgHost()
+ $others : ArrayList()
+ from collect(WgHost(publicName != null, name != $h.name))
+then
+ System.out.printf("Connection from %s%n", $h.name);
+ for (WgHost host : $others) {
+ System.out.printf(" %s%n", host.name);
+ }
+end
-- cgit v1.2.3
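Review bot: The `fqdn` fallback added in the `@@ -73,6 +74,10 @@` hunk of AcmeIo.java sorts on one key that is not unique for the facts it targets: the dumped `DnsEntry` data carries both `fqdn` and `type`, so two record types for the same name compare equal. Their relative order then presumably depends on the order the fact handles arrive in, which would let out/vpn0.yaml reshuffle between runs and make changes to generated host and DNS data harder to audit. Either break ties on a second property or record the limit next to the new branch, e.g. `// fqdn is not unique per DnsEntry (type differs); ties keep input order`. The enclosing constructor and the `comparable` helper are outside the hunk, so the helper's null and tie behaviour should be confirmed there.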
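Review bot: The import block at the top of vpn.drl now mixes terminated and unterminated statements: `import java.util.ArrayList` is added without a semicolon and the `AcmeServer` import loses its own, while the `Machine`, `DnsEntry` and `WgHost` imports keep theirs. DRL accepts both forms, but the file should settle on one, e.g. `import java.util.ArrayList;` and `import io.trygvis.rules.acme.AcmeServer;`. `WgHost` is also declared in this same file under package `io.trygvis.rules.acme`, so `import io.trygvis.rules.acme.WgHost;` looks redundant unless a Java class of that name exists elsewhere; it is worth confirming which of the two the rules bind to.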
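Review bot: The `collect` in the new rule "Connect VPN nodes" gathers every other `WgHost` that has a `publicName` and never compares `net`, so hosts declared for different VPN networks land in each other's connection list. The rule only prints today, but if its result later drives peer configuration this grants connectivity wider than the network a host belongs to. If peers are meant to stay within one network, constrain the pattern: `from collect(WgHost(publicName != null, name != $h.name, net == $h.net))`. `$h : WgHost()` also matches hosts whose own `publicName` is still null, and the `System.out.printf` calls in the consequence would be easier to test as a logger call or an inserted fact.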