diff --git a/config.yml b/config.yml
index 8a65bbe..bc56c98 100644
--- a/config.yml
+++ b/config.yml
@@ -33,9 +33,7 @@ acls:
 sysadmin:
 ips:
 - 10.5.1.0/24
- zones:
- - dmz
- - it
+ zones: *
 defaults:
 https: true
 zone: public
diff --git a/index.js b/index.js
index 0705bb8..5c9b4ea 100644
--- a/index.js
+++ b/index.js
@@ -154,12 +154,13 @@ async function updateProxy(firstRun) {
 console.log('Saved settings hash:', lastInfoHash);
 }
+ // Fetch backends
+
 const hostMap = [];
 const baseMap = [];
 const https = [];
 const zoneMap = [];
- const aclMap = [];
- const accessMap = [];
+ const zones = new Set();
 for (const domain in conf.domains) {
 const domainConf = conf.domains[domain];
@@ -181,8 +182,10 @@ async function updateProxy(firstRun) {
 if (serviceConf.https)
 https.push(service);
- if (serviceConf.zone)
+ if (serviceConf.zone) {
 zoneMap.push([service, serviceConf.zone]);
+ zones.add(serviceConf.zone);
+ }
 rules = rules || serviceConf.rules;
@@ -215,19 +218,26 @@ async function updateProxy(firstRun) {
 }
 }
+ // Fetch ACLs
+
+ const aclMap = [];
 const acls = [];
 for (const acl in conf.acls) {
 const aclConf = conf.acls[acl];
+
 const ips = [];
 for (const ip of aclConf.ips) {
 aclMap.push([ip, acl]);
 ips.push(parseNet(ip));
 }
+
 acls.push({
 name: acl,
 ips,
- zones: new Set(aclConf.zones)
+ zones: aclConf.zones === '*'
+ ? new Set(zones)
+ : new Set(aclConf.zones)
 });
 }
@@ -260,10 +270,13 @@ async function updateProxy(firstRun) {
 }
 }}}
+ const accessMap = [];
 for (const acl of acls)
 for (const zone of acl.zones)
 accessMap.push(`${acl.name}/${zone}`);
+ // Generate maps
+
 const files = {
 host: hostMap,
 base: baseMap,
@@ -303,6 +316,8 @@ async function updateProxy(firstRun) {
 await fs.close(fd);
 }
+ // Initalize
+
 await updateProxy(true);
 console.log('Listening for events.')
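Review bot: The added `zones: *` leaves the asterisk unquoted, and in YAML a leading `*` introduces an alias, so a conforming parser is likely to reject the file rather than hand index.js the string it compares with `'*'`. Write it as `zones: '*'`. Separately, this widens the sysadmin ACL from `dmz` and `it` to every zone any service declares, including zones added later, so a short comment in the config stating that this is intended would help the next reader.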
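Review bot: In the `acls.push` entry of the `-215,19 +218,26` hunk, any string other than the exact `'*'` falls through to `new Set(aclConf.zones)`, which splits a scalar such as `zones: dmz` into single characters without any error. Because this value decides which zones an ACL may reach, I would fail loudly before building the set, e.g. `if (typeof aclConf.zones === 'string' && aclConf.zones !== '*') throw new Error('acl ' + acl + ': zones must be a list or "*"');`. Explicitly listed names are also not checked against the collected `zones` set, so a typo yields an `accessMap` entry that presumably matches no service. The enclosing `updateProxy` starts and ends outside this hunk.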
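Review bot: The comment added in the last hunk, `// Initalize`, is misspelled and should read `// Initialize`. The other section comments introduced by this commit are spelled correctly.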