From 09ba202f73a519355f86b845b210b5126ea1dacf Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl
Date: Sun, 3 Jan 2021 22:20:15 +0100
Subject: VPN work.
---
 src/main/resources/io/trygvis/rules/acme/acme.drl | 22 ++++++++++
 src/main/resources/io/trygvis/rules/acme/vpn.drl | 50 ++++++++++++++++++++++
 src/main/resources/io/trygvis/rules/dba/dba.drl | 6 ---
 .../io/trygvis/rules/terraform/terraform.drl | 22 +++++-----
 4 files changed, 83 insertions(+), 17 deletions(-)
 create mode 100644 src/main/resources/io/trygvis/rules/acme/vpn.drl
(limited to 'src/main/resources')
diff --git a/src/main/resources/io/trygvis/rules/acme/acme.drl b/src/main/resources/io/trygvis/rules/acme/acme.drl
index 2439ddb..e2cb9da 100644
--- a/src/main/resources/io/trygvis/rules/acme/acme.drl
+++ b/src/main/resources/io/trygvis/rules/acme/acme.drl
@@ -1,8 +1,13 @@
 package io.trygvis.rules.acme;
+import io.trygvis.rules.machine.Machine;
 import io.trygvis.rules.dba.Cluster;
 import io.trygvis.rules.dba.Container;
+declare AcmeServer
+ machine : Machine
+end
+
 rule "Ops"
 when
 $ops: AcmeOps()
@@ -28,3 +33,20 @@ then
 insert(new Container(cluster, "db", "pdb", "postgresql", "13"));
 insert(new Container(cluster, "db", "mdb", "mongodb", "3.2"));
 end
+
+rule "Create Acme servers"
+when
+ $m : Machine(name.startsWith("acme-"))
+then
+ var s = new AcmeServer();
+ s.machine = $m;
+ insert(s)
+end
+
+rule "Set public domain for ACME servers"
+when
+ $s : AcmeServer()
+then
+ var fqdn = "%s.machine.acme.com".formatted($s.machine.name);
+ $s.machine.fqdn = fqdn;
+end
diff --git a/src/main/resources/io/trygvis/rules/acme/vpn.drl b/src/main/resources/io/trygvis/rules/acme/vpn.drl
new file mode 100644
index 0000000..3f62fbd
--- /dev/null
+++ b/src/main/resources/io/trygvis/rules/acme/vpn.drl
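Review bot: In acme.drl, the consequence of "Set public domain for ACME servers" assigns `$s.machine.fqdn = fqdn;` but never notifies the engine that the Machine fact changed, whereas "Set name from machine's name" in vpn.drl calls `update($h)` after its assignment. The new rule in terraform.drl matches on `Machine(fqdn != null)`, so unless Machine is made reactive somewhere outside this patch, that pattern may never be re-evaluated and the DNS entry is silently not generated. I would add `update($s.machine)` as the last statement of the consequence. Note that `update` can re-activate rules matching Machine, so it is worth checking that "Create Acme servers" does not then insert a second AcmeServer for the same machine.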
@@ -0,0 +1,50 @@
+package io.trygvis.rules.acme;
+
+import io.trygvis.rules.machine.Machine;
+import io.trygvis.rules.dns.DnsEntry;
+
+dialect "mvel"
+
+declare WgNet
+ name : String
+ domain : String
+end
+
+declare WgHost
+ name : String
+ machine : Machine
+ net : String
+ publicName : String
+ netToNetIp : String
+ networkIp : String
+end
+
+rule "Set name from machine's name"
+ salience 10
+when
+ $h : WgHost(name == null, machine != null)
+then
+ $h.name = $h.machine.name;
+
+ update($h)
+end
+
+rule "WgHost VPN machines"
+when
+ $machine : Machine(name.startsWith("acme-"))
+ $wgNet : WgNet(name == "vs0")
+then
+ var wgHost = new WgHost();
+ wgHost.machine = $machine;
+ wgHost.net = $wgNet.name;
+ insert(wgHost)
+end
+
+rule "Make DNS entries for all VPN hosts"
+when
+ $h : WgHost()
+ $net : WgNet(name == $h.net)
+then
+ var fqdn = "%s.%s".formatted($h.name, $net.domain);
+ insert(DnsEntry.a(fqdn))
+end
diff --git a/src/main/resources/io/trygvis/rules/dba/dba.drl b/src/main/resources/io/trygvis/rules/dba/dba.drl
index 7df1c5d..7beceef 100644
--- a/src/main/resources/io/trygvis/rules/dba/dba.drl
+++ b/src/main/resources/io/trygvis/rules/dba/dba.drl
@@ -1,7 +1 @@
 package io.trygvis.rules.dba;
-
-
-rule "Dba"
- when
- then
-end
diff --git a/src/main/resources/io/trygvis/rules/terraform/terraform.drl b/src/main/resources/io/trygvis/rules/terraform/terraform.drl
index 1de3123..40b9f7c 100644
--- a/src/main/resources/io/trygvis/rules/terraform/terraform.drl
+++ b/src/main/resources/io/trygvis/rules/terraform/terraform.drl
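Review bot: In vpn.drl, "Make DNS entries for all VPN hosts" formats `$h.name` and `$net.domain` into a record name without constraining either to be non-null, so it relies on the `salience 10` of "Set name from machine's name" to avoid inserting a `null.<domain>` entry. Stating the precondition in the patterns is safer than depending on firing order: `$h : WgHost(name != null)` and `$net : WgNet(name == $h.net, domain != null)`. The naming rule would also re-activate after its own `update($h)` if `machine.name` were ever null, because `name == null` still holds; adding `machine.name != null` to its pattern, or `no-loop` to the rule, closes that.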
@@ -12,30 +12,30 @@ global io.trygvis.rules.engine.TemplateEngine te;
 declare ScalewayMachine
 machine : Machine
 key : String
- fqdn : String
 end
 rule "Terraform for Machine"
 when
 $machine: Machine()
 then
- var fqdn = "%s.machine.acme.com".formatted($machine.name);
- var a = DnsEntry.a(fqdn);
- var aaaa = DnsEntry.aaaa(fqdn);
+ ScalewayMachine scw = new ScalewayMachine();
- var scw = new ScalewayMachine();
 scw.setKey($machine.name);
 scw.setMachine($machine);
- scw.setFqdn(fqdn);
-
- var ipv4 = "scaleway_instance_ip.%s.address".formatted($machine.name);
-// var ipv6 = "scaleway_instance_server.%s.public_ipv6.address".formatted($machine.name);
 insert(scw);
+end
+
+rule "Create DNS entry for Terraform Machine"
+when
+ $machine : Machine(fqdn != null)
+ not(DnsEntry(fqdn == $machine.fqdn))
+then
+ var a = DnsEntry.a($machine.fqdn);
 insert(a);
- insert(aaaa);
+
+ var ipv4 = "scaleway_instance_ip.%s.address".formatted($machine.name);
 insert(new DnsEntryTerraformExpression(a, $machine.name, ipv4));
-// insert(new DnsEntryValue(aaaa, ipv6));
 end
 rule "TF for TerraformMachine"
-- 
cgit v1.2.3
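Review bot: In "Create DNS entry for Terraform Machine", `$machine.name` is formatted unchecked into the Terraform reference `scaleway_instance_ip.%s.address` and passed to `DnsEntryTerraformExpression`. The same value is also formatted into record names by the rules added in acme.drl and vpn.drl. The patch does not show where Machine facts come from, but if names can come from data the rule author does not control, the generated Terraform and DNS output should not take them on trust. I would constrain the name in the pattern, for example `$machine : Machine(fqdn != null, name matches "[a-z0-9-]+")`, or validate once where Machine is created. Separately, `not(DnsEntry(fqdn == $machine.fqdn))` skips the whole consequence when any other rule has already inserted an entry for that name, so the Terraform expression is then silently never attached. The rule "TF for TerraformMachine" continues outside the hunk.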