path: root/personal_infra/puppet/site/01-tinc.pp
# Names of every host in the "tinc" group, as returned by the groups.tinc lookup.
$tinc_hosts = lookup("groups.tinc")
# The same list with this node removed; the comparison is against the node's
# networking.fqdn fact.
# NOTE(review): this assumes group members are named by FQDN. If no entry equals
# the fact, nothing is filtered out and this node ends up in its own peer list — confirm.
$tinc_other_hosts = $tinc_hosts.filter |$host_name| { $host_name != $facts["networking"]["fqdn"] }

# Hash keyed by tinc location, one entry per host in the tinc group (this node
# included), each holding that host's internal subnet and public hostname.
# The host name is wrapped in single quotes inside the lookup key so the dots of
# the name are taken as part of one key segment rather than as path separators.
# NOTE(review): two hosts that share a location would collapse into a single
# entry here — presumably locations are unique per host; confirm.
$tinc_locations = Hash($tinc_hosts.map |$host_name| { [
  lookup("hostvars.'$host_name'.network.tinc.location"),
  {
    subnet => lookup("hostvars.'$host_name'.network.self_internal_network"),
    address => lookup("hostvars.'$host_name'.network.public_hostname"),
  }
] })

# tinc locations of every other host in the group.
$tinc_connect_to = $tinc_other_hosts.map |$host_name| { lookup("hostvars.'$host_name'.network.tinc.location") }

# Internal networks of the other hosts only (this node's own network excluded).
$tinc_other_networks = $tinc_other_hosts.map |$host_name| { lookup("hostvars.'$host_name'.network.self_internal_network") }
# Internal networks of all hosts in the group, this node's own network included.
$ocserv_networks = $tinc_hosts.map |$host_name| { lookup("hostvars.'$host_name'.network.self_internal_network") }

# Only nodes whose group_names include 'tinc' get the tinc and ocserv classes;
# on every other node nothing below is declared.
if 'tinc' in lookup("group_names") {
  # tinc VPN for this node: its own location and internal address, plus the
  # peer locations and networks derived from the other hosts in the group.
  class {'tinc':
    tinc_name           => lookup("tinc_global.name"),
    tinc_location       => lookup("network.tinc.location"),
    tinc_connect_to     => $tinc_connect_to,
    tinc_locations      => $tinc_locations,
    tinc_ip             => lookup("network.self_internal_ip"),
    tinc_netmask        => lookup("network.self_internal_netmask"),
    tinc_other_networks => $tinc_other_networks,
    # Negation of network.disable_firewall, which defaults to false: the
    # firewall parameter is true unless that key is explicitly set to true.
    firewall            => !lookup({"name" => "network.disable_firewall", "default_value" => false}),
  }

  # ocserv on the same node, with TCP and UDP both set to port 444.
  class {'ocserv':
    ocserv_tcp_port       => 444,
    ocserv_udp_port       => 444,
    ocserv_default_domain => "int.pdp7.net",
    ocserv_ipv4_network   => lookup("network.ocserv.network"),
    # DNS server handed to the class is this node's own internal IP.
    ocserv_dns            => lookup("network.self_internal_ip"),
    ocserv_split_dns      => lookup("tinc_global.ocserv_domain"),
    # Internal networks of every host in the tinc group, this node included.
    # NOTE(review): presumably these become routes for VPN clients, which
    # would give each client reachability to every site's internal network;
    # confirm against the ocserv class that this breadth is intended.
    ocserv_routes         => $ocserv_networks,
    # Same network.disable_firewall key as the tinc class above, so a single
    # setting turns the firewall parameter off for both services.
    firewall              => !lookup({"name" => "network.disable_firewall", "default_value" => false}),
  }
}