
3 commits

5 changed files with 43 additions and 92 deletions


@ -5,7 +5,7 @@ define tinc::connect_to(
$to, $to,
$to_fqdn, $to_fqdn,
$target, $target,
){ ){
if $::fqdn != $to_fqdn { if $::fqdn != $to_fqdn {
concat::fragment{ concat::fragment{
$name: $name:


@ -1,31 +0,0 @@
# a hostfile for a certain network
# title must be:
# hostname@network
#
define tinc::hostfile(
$source_dir = undef,
$net = undef,
$ensure = present,
) {
# if absent the net should
# clean it up by itself
if $ensure == 'present' {
include tinc
if $tinc::uses_systemd {
$service_name = "tincd@${net}"
} else {
$service_name = 'tinc'
}
if $net and $source_dir {
file{"/etc/tinc/${net}/hosts/${name}":
source => "${source_dir}/${name}",
# to be sure that we manage that net
require => File["/etc/tinc/${net}/hosts"],
notify => Service[$service_name],
owner => root,
group => 0,
mode => '0600';
}
}
}
}


@ -4,12 +4,12 @@ define tinc::instance(
$connect_on_boot = true, $connect_on_boot = true,
$tinc_interface = 'eth0', $tinc_interface = 'eth0',
$tinc_address = undef, $tinc_address = undef,
$tinc_address_to_export = undef,
$port = '655', $port = '655',
$port_to_export = '655',
$compression = '10', $compression = '10',
$mode = 'switch', $mode = 'switch',
$tinc_connect_to = undef, $options = {},
$tinc_accept_from = undef,
$tinc_hostfiles_dir = 'absent',
$tinc_up_content = undef, $tinc_up_content = undef,
$tinc_down_content = undef, $tinc_down_content = undef,
){ ){
@ -97,6 +97,11 @@ define tinc::instance(
$int_name_escaped = regsubst($tinc_interface,'\.','_','G') $int_name_escaped = regsubst($tinc_interface,'\.','_','G')
$host_address = getvar("::ipaddress_${int_name_escaped}") $host_address = getvar("::ipaddress_${int_name_escaped}")
} }
if $tinc_address_to_export {
$export_addr = $tinc_address_to_export
} else {
$export_addr = $host_address
}
# get the keys # get the keys
# [ priv, pub ] # [ priv, pub ]
@ -115,47 +120,15 @@ define tinc::instance(
group => 0, group => 0,
mode => '0600'; mode => '0600';
} }
# if (! $tinc_connect_to) and (!$tinc_accept_from) {
if $::settings::storeconfigs {
notify {"debug_storeconfigs": message => "If storeconfigs is true, then I should change something"}
# export this host and collect all the other hosts # export this host and collect all the other hosts
# @@tinc::host{"${fqdn_tinc}@${name}": @@tinc::host{"${fqdn_tinc}@${name}":
# port => $port, port => $port_to_export,
# compression => $compression,
# address => $host_address,
# public_key => $tinc_keys[1],
# tag => "tinc::host_for_${name}",
# }
# Tinc::Host<<| tag == "tinc::host_for_${name}" |>>
# @@tinc::connect_to{"${name}_connect_to_${fqdn_tinc}":
# to => $fqdn_tinc,
# to_fqdn => $::fqdn,
# target => $tinc_config,
# tag => "tinc_${name}_auto",
# Tinc::Connect_to<<| tag == "tinc_${name}_auto" |>>
}
else {
tinc::host{"${fqdn_tinc}@${name}":
port => $port,
compression => $compression, compression => $compression,
address => $host_address, address => $export_addr,
public_key => $tinc_keys[1], public_key => $tinc_keys[1],
tag => "tinc::host_for_${name}",
} }
Tinc::Host<<| tag == "tinc::host_for_${name}" |>>
$tinc_hosts = union($tinc_accept_from, $tinc_connect_to)
tinc::hostfile {$tinc_hosts:
source_dir => $tinc_hostfiles_dir,
net => $name
}
$connect_params = $tinc_connect_to.reduce({}) |$memo, $entry|
{merge($memo, {"${fqdn_tinc}_connect_to_${entry}" => {to => $entry, to_fqdn => "", target => $tinc_config}})}
create_resources(tinc::connect_to, $connect_params)
}
concat::fragment{"tinc_conf_header_${name}": concat::fragment{"tinc_conf_header_${name}":
target => $tinc_config, target => $tinc_config,
@ -163,6 +136,14 @@ define tinc::instance(
order => '100', order => '100',
} }
@@tinc::connect_to{"${name}_connect_to_${fqdn_tinc}":
to => $fqdn_tinc,
to_fqdn => $::fqdn,
target => $tinc_config,
tag => "tinc_${name}_auto",
}
Tinc::Connect_to<<| tag == "tinc_${name}_auto" |>>
file { "/etc/tinc/${name}/tinc-up": file { "/etc/tinc/${name}/tinc-up":
content => $tinc_up_content, content => $tinc_up_content,
notify => Service[$service_name], notify => Service[$service_name],
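Review bot: The collector `Tinc::Host<<| tag == "tinc::host_for_${name}" |>>` realises every exported `tinc::host` carrying that tag, so membership of the network is now decided by the contents of the exported-resource store rather than by the `tinc_connect_to`/`tinc_accept_from` lists this change removes. Any node whose catalog can export with that tag has its address and public key handed to every member, which is worth stating next to the collector, for example `# every node exporting tinc::host with this tag is accepted as a peer of ${name}; limit who can export`. The exports and collectors also appear to have no effect when storeconfigs is disabled, and the `$::settings::storeconfigs` branch that covered that case is gone, so a one-line comment naming that requirement would help as well. The body of tinc::instance continues outside these hunks.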


@ -5,14 +5,14 @@ define tinc::switch(
$tinc_interface = 'eth0', $tinc_interface = 'eth0',
$tinc_address = undef, $tinc_address = undef,
$port = '655', $port = '655',
$tinc_address_to_export = undef,
$port_to_export = '655',
$tinc_internal_interface = 'eth1', $tinc_internal_interface = 'eth1',
$tinc_internal_ip = 'absent', $tinc_internal_ip = 'absent',
$tinc_internal_netmask = 'absent', $tinc_internal_netmask = 'absent',
$tinc_bridge_interface = 'absent', $tinc_bridge_interface = 'absent',
$tinc_connect_to = undef,
$tinc_accept_from = undef,
$tinc_hostfiles_dir = 'absent',
$compression = '10', $compression = '10',
$options = {},
$shorewall_zone = 'absent' $shorewall_zone = 'absent'
){ ){
@ -21,17 +21,17 @@ define tinc::switch(
connect_on_boot => $connect_on_boot, connect_on_boot => $connect_on_boot,
tinc_interface => $tinc_interface, tinc_interface => $tinc_interface,
tinc_address => $tinc_address, tinc_address => $tinc_address,
tinc_address_to_export => $tinc_address_to_export,
port => $port, port => $port,
port_to_export => $port_to_export,
compression => $compression, compression => $compression,
mode => 'switch', mode => 'switch',
tinc_connect_to => $tinc_connect_to, options => $options,
tinc_accept_from => $tinc_accept_from,
tinc_hostfiles_dir => $tinc_hostfiles_dir,
} }
if $ensure == 'present' { if $ensure == 'present' {
include ::tinc include ::tinc
# require bridge_utils require bridge_utils
$real_tinc_bridge_interface = $tinc_bridge_interface ? { $real_tinc_bridge_interface = $tinc_bridge_interface ? {
'absent' => "br${name}", 'absent' => "br${name}",
default => $tinc_bridge_interface default => $tinc_bridge_interface
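Review bot: `$port_to_export = '655'` is a fixed default that does not follow `$port`, so a caller who sets only `port` still has 655 advertised in the exported host entry (the same default is added to tinc::instance). Defaulting it to `undef` and falling back to `$port` would mirror the way `$tinc_address_to_export` falls back to `$host_address` in tinc::instance, i.e. `$port_to_export = undef,` in both parameter lists with the fallback applied where the value is exported. The body of tinc::switch continues past the end of this hunk.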


@ -1,9 +1,10 @@
Name = <%= @fqdn_tinc %> Name = <%= @fqdn_tinc %>
AddressFamily = ipv4 AddressFamily = ipv4
Device = /dev/net/tun Device = /dev/net/tun
#PMTU = 1440
Mode = <%= @mode %> Mode = <%= @mode %>
BindToAddress = <%= @host_address %> <%= @port %> BindToAddress = <%= @host_address %> <%= @port %>
BindToInterface = <%= @tinc_interface.to_s %> BindToInterface = <%= @tinc_interface.to_s %>
<% @options.keys.sort.each do |key| -%>
<%= key %> = <%= @options[key] %>
<% end -%>
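Review bot: The new loop writes each `@options` key and value into tinc.conf unchecked, so a value containing a newline produces additional configuration lines and a key such as `Name` or `Mode` repeats a setting the template already emits above. Since this file controls how the daemon binds and runs, tinc::instance should reject such input before rendering, or the template should at least skip the managed keys and fail on multi-line values. A short comment above the loop, such as `<%# free-form options from $options; keys must not repeat the managed settings above -%>`, would document the contract.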