Revision 58480cab
Added by Benoît PECCATTE over 6 years ago
| techniques/system/server-roles/1.0/network-check.st | ||
|---|---|---|
|
|
||
|
vars:
|
||
|
"policy_server_ip" string => host2ip("${def.policy_server}");
|
||
|
server_ip_found::
|
||
|
"policy_server_acl" slist => { "127.0.0.0/8", "::1", "${policy_server_ip}" };
|
||
|
!server_ip_found::
|
||
|
"policy_server_acl" slist => { "127.0.0.0/8", "::1" };
|
||
|
|
||
|
any::
|
||
|
"defacl" slist => filter("0.0.0.0/0", "def.acl", "false", "true", "99999");
|
||
|
|
||
|
"nodes_acl_22" slist => maplist("Allow from ${this}", "defacl");
|
||
| ... | ... | |
|
"network_acl[policy_server_22]" string => "Allow from ${policy_server_generate_22}";
|
||
|
|
||
|
"network_file[policy_server_24]" string => "${g.rudder_base}/etc/rudder-networks-policy-server-24.conf";
|
||
|
"index" slist => getindices("network_file");
|
||
|
|
||
|
server_ip_found::
|
||
|
"network_acl[policy_server_24]" string => "Require local${const.n}Require ip ${policy_server_ip}";
|
||
|
!server_ip_found::
|
||
|
"network_acl[policy_server_24]" string => "Require local";
|
||
|
|
||
|
"index" slist => getindices("network_file");
|
||
|
|
||
|
has_all_granted::
|
||
|
"network_acl[nodes_22]" string => "Allow from all";
|
||
| ... | ... | |
|
"pass1" expression => "any";
|
||
|
|
||
|
"has_all_granted" expression => some("0.0.0.0/0", "def.acl");
|
||
|
|
||
|
"server_ip_found" expression => regcmp("^[0-9.]+$|^[0-9a-fA-F:]+:[0-9a-fA-F:]+$", "${policy_server_ip}");
|
||
|
|
||
|
files:
|
||
|
|
||
|
"${network_file[${index}]}"
|
||
Also available in: Unified diff
Fixes #11983: Broken install for Rudder server 4.3 on Debian 9