From 09ba202f73a519355f86b845b210b5126ea1dacf Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Sun, 3 Jan 2021 22:20:15 +0100 Subject: VPN work. --- src/main/resources/io/trygvis/rules/acme/acme.drl | 22 ++++++++++ src/main/resources/io/trygvis/rules/acme/vpn.drl | 50 +++++++++++++++++++++++ 2 files changed, 72 insertions(+) create mode 100644 src/main/resources/io/trygvis/rules/acme/vpn.drl (limited to 'src/main/resources/io/trygvis/rules/acme') diff --git a/src/main/resources/io/trygvis/rules/acme/acme.drl b/src/main/resources/io/trygvis/rules/acme/acme.drl index 2439ddb..e2cb9da 100644 --- a/src/main/resources/io/trygvis/rules/acme/acme.drl +++ b/src/main/resources/io/trygvis/rules/acme/acme.drl @@ -1,8 +1,13 @@ package io.trygvis.rules.acme; +import io.trygvis.rules.machine.Machine; import io.trygvis.rules.dba.Cluster; import io.trygvis.rules.dba.Container; +declare AcmeServer + machine : Machine +end + rule "Ops" when $ops: AcmeOps() @@ -28,3 +33,20 @@ then insert(new Container(cluster, "db", "pdb", "postgresql", "13")); insert(new Container(cluster, "db", "mdb", "mongodb", "3.2")); end + +rule "Create Acme servers" +when + $m : Machine(name.startsWith("acme-")) +then + var s = new AcmeServer(); + s.machine = $m; + insert(s) +end + +rule "Set public domain for ACME servers" +when + $s : AcmeServer() +then + var fqdn = "%s.machine.acme.com".formatted($s.machine.name); + $s.machine.fqdn = fqdn; +end diff --git a/src/main/resources/io/trygvis/rules/acme/vpn.drl b/src/main/resources/io/trygvis/rules/acme/vpn.drl new file mode 100644 index 0000000..3f62fbd --- /dev/null +++ b/src/main/resources/io/trygvis/rules/acme/vpn.drl @@ -0,0 +1,50 @@ +package io.trygvis.rules.acme; + +import io.trygvis.rules.machine.Machine; +import io.trygvis.rules.dns.DnsEntry; + +dialect "mvel" + +declare WgNet + name : String + domain : String +end + +declare WgHost + name : String + machine : Machine + net : String + publicName : String + netToNetIp : String + networkIp : String +end + +rule "Set name from machine's name" + salience 10 +when + $h : WgHost(name == null, machine != null) +then + $h.name = $h.machine.name; + + update($h) +end + +rule "WgHost VPN machines" +when + $machine : Machine(name.startsWith("acme-")) + $wgNet : WgNet(name == "vs0") +then + var wgHost = new WgHost(); + wgHost.machine = $machine; + wgHost.net = $wgNet.name; + insert(wgHost) +end + +rule "Make DNS entries for all VPN hosts" +when + $h : WgHost() + $net : WgNet(name == $h.net) +then + var fqdn = "%s.%s".formatted($h.name, $net.domain); + insert(DnsEntry.a(fqdn)) +end -- cgit v1.2.3