acme allow wireguard ips
This commit is contained in:
mwiegand
parent
b9896960ff
commit
93d9f1af39
2 changed files with 11 additions and 9 deletions
|
|
@ -24,14 +24,21 @@ def acme_records(metadata):
|
||||||
|
|
||||||
@metadata_reactor.provides(
|
@metadata_reactor.provides(
|
||||||
'bind/acls/acme',
|
'bind/acls/acme',
|
||||||
'bind/keys/acme',
|
'bind/views/external/keys/acme',
|
||||||
'bind/views/external/zones',
|
'bind/views/external/zones',
|
||||||
)
|
)
|
||||||
def acme_zone(metadata):
|
def acme_zone(metadata):
|
||||||
allowed_ips = {
|
allowed_ips = {
|
||||||
|
*{
|
||||||
str(ip_interface(other_node.metadata.get('network/internal/ipv4')).ip)
|
str(ip_interface(other_node.metadata.get('network/internal/ipv4')).ip)
|
||||||
for other_node in repo.nodes
|
for other_node in repo.nodes
|
||||||
if other_node.metadata.get('letsencrypt/domains', {})
|
if other_node.metadata.get('letsencrypt/domains', {})
|
||||||
|
},
|
||||||
|
*{
|
||||||
|
str(ip_interface(other_node.metadata.get('wireguard/my_ip')).ip)
|
||||||
|
for other_node in repo.nodes
|
||||||
|
if other_node.has_bundle('wireguard')
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
|
|
|
||||||
|
|
@ -40,11 +40,6 @@
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'letsencrypt': {
|
|
||||||
'domains': {
|
|
||||||
'test12.ckn.li': {},
|
|
||||||
}
|
|
||||||
},
|
|
||||||
'java': {
|
'java': {
|
||||||
'version': 11,
|
'version': 11,
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue