From ede2372547db659e7b0e9cfd3b531ff542018229 Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl
Date: Wed, 6 Jan 2021 21:01:33 +0100
Subject: Generating Wireguard files too.
---
 acme-wireguard/host_vars/acme-1/wireguard.yml | 3 ++
 acme-wireguard/host_vars/acme-2/wireguard.yml | 3 ++
 acme-wireguard/host_vars/acme-3/wireguard.yml | 3 ++
 acme-wireguard/host_vars/ws-1/wireguard.yml | 3 ++
 acme-wireguard/host_vars/ws-2/wireguard.yml | 3 ++
 acme-wireguard/wireguard-vpn0.yml | 6 ++++
 j2/wireguard/ansible-host.j2 | 3 ++
 j2/wireguard/ansible.j2 | 6 ++++
 .../acme/src/main/resources/META-INF/kmodule.xml | 2 +-
 .../io/trygvis/rules/engine/TemplateEngine.java | 10 ++++++
 .../src/main/resources/META-INF/kmodule.xml | 7 ++--
 .../resources/io/trygvis/rules/engine/default.drl | 16 ---------
 .../resources/io/trygvis/rules/engine/init.drl | 17 ++++++++++
 .../io/trygvis/rules/wireguard/generate.drl | 18 ----------
 .../io/trygvis/rules/wireguard/wireguard.drl | 38 ++++++++++++++++++++++
 out/acme/wireguard.yaml | 15 ---------
 16 files changed, 101 insertions(+), 52 deletions(-)
 create mode 100644 acme-wireguard/host_vars/acme-1/wireguard.yml
 create mode 100644 acme-wireguard/host_vars/acme-2/wireguard.yml
 create mode 100644 acme-wireguard/host_vars/acme-3/wireguard.yml
 create mode 100644 acme-wireguard/host_vars/ws-1/wireguard.yml
 create mode 100644 acme-wireguard/host_vars/ws-2/wireguard.yml
 create mode 100644 acme-wireguard/wireguard-vpn0.yml
 create mode 100644 j2/wireguard/ansible-host.j2
 create mode 100644 j2/wireguard/ansible.j2
 delete mode 100644 module/ri-engine/src/main/resources/io/trygvis/rules/engine/default.drl
 create mode 100644 module/ri-engine/src/main/resources/io/trygvis/rules/engine/init.drl
 delete mode 100644 module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/generate.drl
diff --git a/acme-wireguard/host_vars/acme-1/wireguard.yml b/acme-wireguard/host_vars/acme-1/wireguard.yml
new file mode 100644
index 0000000..7a8eb03
--- /dev/null
+++ b/acme-wireguard/host_vars/acme-1/wireguard.yml
@@ -0,0 +1,3 @@
+# Generated
+link_address: 192.168.10.4
+network_cidr: TODO
diff --git a/acme-wireguard/host_vars/acme-2/wireguard.yml b/acme-wireguard/host_vars/acme-2/wireguard.yml
new file mode 100644
index 0000000..8ec6010
--- /dev/null
+++ b/acme-wireguard/host_vars/acme-2/wireguard.yml
@@ -0,0 +1,3 @@
+# Generated
+link_address: 192.168.10.3
+network_cidr: TODO
diff --git a/acme-wireguard/host_vars/acme-3/wireguard.yml b/acme-wireguard/host_vars/acme-3/wireguard.yml
new file mode 100644
index 0000000..56e95d2
--- /dev/null
+++ b/acme-wireguard/host_vars/acme-3/wireguard.yml
@@ -0,0 +1,3 @@
+# Generated
+link_address: 192.168.10.2
+network_cidr: TODO
diff --git a/acme-wireguard/host_vars/ws-1/wireguard.yml b/acme-wireguard/host_vars/ws-1/wireguard.yml
new file mode 100644
index 0000000..ea629ed
--- /dev/null
+++ b/acme-wireguard/host_vars/ws-1/wireguard.yml
@@ -0,0 +1,3 @@
+# Generated
+link_address: 192.168.10.1
+network_cidr: TODO
diff --git a/acme-wireguard/host_vars/ws-2/wireguard.yml b/acme-wireguard/host_vars/ws-2/wireguard.yml
new file mode 100644
index 0000000..95f5f03
--- /dev/null
+++ b/acme-wireguard/host_vars/ws-2/wireguard.yml
@@ -0,0 +1,3 @@
+# Generated
+link_address: 192.168.10.0
+network_cidr: TODO
diff --git a/acme-wireguard/wireguard-vpn0.yml b/acme-wireguard/wireguard-vpn0.yml
new file mode 100644
index 0000000..a81485d
--- /dev/null
+++ b/acme-wireguard/wireguard-vpn0.yml
@@ -0,0 +1,6 @@
+- hosts: vpn0
+ roles:
+ - name: wireguard
+ wireguard_if: vpn0
+ wireguard_listen_port: 45364
+ wireguard_address4: "{{ link_addresses[ansible_hostname] }}"
diff --git a/j2/wireguard/ansible-host.j2 b/j2/wireguard/ansible-host.j2
new file mode 100644
index 0000000..63a8d51
--- /dev/null
+++ b/j2/wireguard/ansible-host.j2
@@ -0,0 +1,3 @@
+# Generated
+link_address: {{ link }}
+network_cidr: {{ network }}
diff --git a/j2/wireguard/ansible.j2 b/j2/wireguard/ansible.j2 new file mode 100644 index 0000000..82c0ca0 --- /dev/null +++ b/j2/wireguard/ansible.j2 @@ -0,0 +1,6 @@ +- hosts: {{ net.name }} + roles: + - name: wireguard + wireguard_if: {{ net.name }} + wireguard_listen_port: 45364 + wireguard_address4: "{{ '{{' }} link_addresses[ansible_hostname] }}" diff --git a/module/acme/src/main/resources/META-INF/kmodule.xml b/module/acme/src/main/resources/META-INF/kmodule.xml index da34a59..e86da96 100644 --- a/module/acme/src/main/resources/META-INF/kmodule.xml +++ b/module/acme/src/main/resources/META-INF/kmodule.xml @@ -3,7 +3,7 @@ xmlns="http://www.drools.org/xsd/kmodule" xsi:schemaLocation="http://www.drools.org/xsd/kmodule https://www.drools.org/xsd/kmodule_7_1.xsd"> - + diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/engine/TemplateEngine.java b/module/ri-engine/src/main/java/io/trygvis/rules/engine/TemplateEngine.java index 3c7c755..cc085c0 100644 --- a/module/ri-engine/src/main/java/io/trygvis/rules/engine/TemplateEngine.java +++ b/module/ri-engine/src/main/java/io/trygvis/rules/engine/TemplateEngine.java @@ -2,6 +2,7 @@ package io.trygvis.rules.engine; import ch.qos.logback.core.util.FileUtil; import com.hubspot.jinjava.Jinjava; +import org.apache.commons.io.FileUtils; import java.io.File; import java.io.IOException; @@ -18,6 +19,15 @@ public class TemplateEngine { this.basedir = basedir; } + public void clean() { + try { + System.out.println("Cleaning gen!"); + FileUtils.deleteDirectory(basedir); + } catch (IOException e) { + throw new RuntimeException(e); + } + } + public void template(String name, String output, Map params) throws IOException { var template = Files.readString(Path.of("j2", name + ".j2")); String renderedTemplate = jinjava.render(template, params); diff --git a/module/ri-engine/src/main/resources/META-INF/kmodule.xml b/module/ri-engine/src/main/resources/META-INF/kmodule.xml index ffba357..79c5e79 100644 
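Review bot: `clean()` hands whatever `basedir` the constructor received to `FileUtils.deleteDirectory` with no check on it, so a null or misconfigured `basedir` turns "wipe the generated tree" into a recursive delete of an unrelated directory; the constructor and the field's declaration are outside the hunk. The rule this replaces hard-coded `new File("gen")`, so this commit is where the delete target first becomes caller-controlled. Assuming `basedir` is a `File` (as `deleteDirectory` requires), a guard before the delete such as `var target = Objects.requireNonNull(basedir, "basedir").toPath().toAbsolutePath().normalize();` followed by `if (Path.of("").toAbsolutePath().startsWith(target)) throw new IllegalStateException("refusing to delete " + target);` refuses the working directory and every ancestor of it (including the filesystem root) while still allowing a subdirectory like `gen`. Rethrowing as `UncheckedIOException` rather than a bare `RuntimeException` keeps the cause typed for callers, and the `System.out.println` is better as a log statement so the delete is recorded with the rest of the run.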
--- a/module/ri-engine/src/main/resources/META-INF/kmodule.xml +++ b/module/ri-engine/src/main/resources/META-INF/kmodule.xml @@ -3,6 +3,9 @@ xmlns="http://www.drools.org/xsd/kmodule" xsi:schemaLocation="http://www.drools.org/xsd/kmodule https://www.drools.org/xsd/kmodule_7_1.xsd"> - - + + + + + diff --git a/module/ri-engine/src/main/resources/io/trygvis/rules/engine/default.drl b/module/ri-engine/src/main/resources/io/trygvis/rules/engine/default.drl deleted file mode 100644 index a933bd9..0000000 --- a/module/ri-engine/src/main/resources/io/trygvis/rules/engine/default.drl +++ /dev/null @@ -1,16 +0,0 @@ -package io.trygvis.rules.engine; - -import java.util.Map -import org.apache.commons.io.FileSystem -import org.apache.commons.io.FileUtils -import java.io.File - -rule "Clean directories" - agenda-group "init" -when - not(KeyValue(key == "rm-gen")); -then - System.out.println("Cleaning gen!"); - FileUtils.deleteDirectory(new File("gen")); - insert(new KeyValue("rm-gen", null)); -end diff --git a/module/ri-engine/src/main/resources/io/trygvis/rules/engine/init.drl b/module/ri-engine/src/main/resources/io/trygvis/rules/engine/init.drl new file mode 100644 index 0000000..267cc4a --- /dev/null +++ b/module/ri-engine/src/main/resources/io/trygvis/rules/engine/init.drl @@ -0,0 +1,17 @@ +package io.trygvis.rules.engine; + +import java.util.Map +import org.apache.commons.io.FileSystem +import org.apache.commons.io.FileUtils +import java.io.File + +global io.trygvis.rules.engine.TemplateEngine te; + +rule "Clean directories" + agenda-group "init" +when + not(KeyValue(key == "rm-gen")); +then + te.clean(); + insert(new KeyValue("rm-gen", null)); +end diff --git a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/generate.drl b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/generate.drl deleted file mode 100644 index 3ee0583..0000000 --- a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/generate.drl +++ /dev/null 
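Review bot: init.drl carries over the `java.util.Map`, `org.apache.commons.io.FileSystem`, `org.apache.commons.io.FileUtils` and `java.io.File` imports from the deleted default.drl although its consequence is now only `te.clean();` and `insert(new KeyValue("rm-gen", null));`, so none of the four is used; dropping them stops the rule file from advertising a filesystem dependency it no longer has. Because the work moved into the `te` global, `te.clean()` fails on a null global if the session has not registered it before agenda-group `init` fires, and that registration is not visible in this commit; a one-line comment above the global, `// must be registered with session.setGlobal("te", ...) before agenda-group "init" runs`, would make the ordering requirement explicit.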
@@ -1,18 +0,0 @@ -package io.trygvis.rules.wireguard; - -import java.util.ArrayList -import io.trygvis.rules.dns.DnsEntry; -import io.trygvis.rules.machine.Machine; -import io.trygvis.rules.network.Ipv4Address -import io.trygvis.rules.network.Ipv4Cidr -import io.trygvis.rules.network.IpCalc - -rule "Generate base" - agenda-group "generate" - salience 10 -when - $net : WgNet() - $h : WgHost(net == $net.name) -then - System.out.println("%s : %s".formatted($net.name, $h.name)); -end diff --git a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl index 342cbb5..06b9bbf 100644 --- a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl +++ b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl @@ -6,6 +6,9 @@ import io.trygvis.rules.machine.Machine; import io.trygvis.rules.network.Ipv4Address import io.trygvis.rules.network.Ipv4Cidr import io.trygvis.rules.network.IpCalc +import java.util.Map + +global io.trygvis.rules.engine.TemplateEngine te; dialect "mvel" 
@@ -103,3 +106,38 @@ then
 System.out.printf("IP: net=%s, pool.role=%s, host=%s, ip=%s%n", $net.name, $pool.role, $host.name, $ip);
 insert(new WgIpAllocation($host.name, $pool.role, $ip))
 end
+
+rule "Generate per-net files"
+ agenda-group "generate"
+ salience 10
+when
+ $net : WgNet()
+then
+ te.template("wireguard/ansible", "wireguard-" + $net.name + ".yml", Map.of(
+ "net", $net
+ ));
+
+ // TODO: Generate hosts file
+end
+
+rule "Generate per-net, per-host files"
+ agenda-group "generate"
+ salience 10
+when
+ $net : WgNet()
+ $host : WgHost(net == $net.name)
+ $link : WgIpAllocation(host == $host.name, role == "link")
+ // Needs to be a sub-cidr of the WgNet network cidr, not a specific IP
+ $network : WgIpAllocation(host == $host.name, role == "network")
+then
+ System.out.printf("%s : %s%n", $net.name, $host.name);
+
+ String output = "host_vars/%s/wireguard.yml".formatted($host.name);
+
+ te.template("wireguard/ansible-host", output, Map.of(
+ "net", $net,
+ "host", $host,
+ "link", $link.ip,
+ "network", "TODO"
+ ));
+end
diff --git a/out/acme/wireguard.yaml b/out/acme/wireguard.yaml
index 4601931..ebad93a 100644
--- a/out/acme/wireguard.yaml
+++ b/out/acme/wireguard.yaml
@@ -1,30 +1,15 @@
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
-data:
- fqdn: "acme-1.machine.acme.com"
- type: "A"
----
-type: "io.trygvis.rules.dns.DnsEntry"
 data:
 fqdn: "acme-1.vpn.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
-data:
- fqdn: "acme-2.machine.acme.com"
- type: "A"
----
-type: "io.trygvis.rules.dns.DnsEntry"
 data:
 fqdn: "acme-2.vpn.acme.com"
 type: "A"
 ---
 type: "io.trygvis.rules.dns.DnsEntry"
-data:
- fqdn: "acme-3.machine.acme.com"
- type: "A"
----
-type: "io.trygvis.rules.dns.DnsEntry"
 data:
 fqdn: "acme-3.vpn.acme.com"
 type: "A"
-- cgit v1.2.3
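Review bot: `String output = "host_vars/%s/wireguard.yml".formatted($host.name);` in "Generate per-net, per-host files" (and `"wireguard-" + $net.name + ".yml"` in "Generate per-net files") interpolates a name taken from the input data directly into an output path, and nothing in the hunk rejects a name containing a path separator or `..`; whether `TemplateEngine.template` confines `output` to its `basedir` is outside this hunk. The single natural place for that check is `template` itself, before the write: `var base = basedir.toPath().toAbsolutePath().normalize(); var out = base.resolve(output).normalize(); if (!out.startsWith(base)) throw new IllegalArgumentException("output escapes basedir: " + output);`. Separately, `$network` is bound as a pattern but the template is given the literal `"network", "TODO"` rather than `$network.ip`, so today the pattern only restricts which hosts get a file (those with a "network" allocation); if that filtering is not intended, either pass the value or drop the pattern, and say which in the comment above it. The generated ws-2 file in this same commit carries `link_address: 192.168.10.0`, the network address of that range, which suggests the link-pool allocation (outside this hunk) starts at offset 0 and is worth confirming before the playbooks are applied.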