From 1a221258db061bb15b8ab61bac8875d8aa9619da Mon Sep 17 00:00:00 2001
From: Sheppy <sheppy@atlantishq.de>
Date: Thu, 16 Mar 2023 22:28:21 +0100
Subject: [PATCH] feat: warn if iptables loader is no present/enabled

---
 main.py  |  1 +
 nginx.py | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/main.py b/main.py
index 8362ccd..dd27ae6 100644
--- a/main.py
+++ b/main.py
@@ -39,6 +39,7 @@ if __name__ == "__main__":
     # dump nginx config #
     if args.skip_nginx:
         nginx.dump_config(vmList, MASTER_ADDRESS)
+        nginx.check_transparent_proxy_loader()
 
     # dump icinga master
     if args.skip_icinga:
diff --git a/nginx.py b/nginx.py
index 413b955..3be28bc 100644
--- a/nginx.py
+++ b/nginx.py
@@ -1,5 +1,6 @@
 import jinja2
 import json
+import os
 
 ACME_CONTENT = '''
 location /.well-known/acme-challenge/ {
@@ -66,3 +67,12 @@ def dump_config(vmList, masterAddress):
             content = template.render(nginxJson)
 
             f.write(content)
+
+def check_transparent_proxy_loader():
+    retcode = os.system("systemctl is-enabled nginx-iptables.service")
+    if retcode != 0:
+        print("############################ WARNING ###############################")
+        print("+++ You may have transparent proxy rules but the service to load +++")
+        print("+++ them is not enabled or missing, a restart WILL break your    +++")
+        print("+++ setup! Add see nginx-iptables.service in the project root    +++")
+        print("############################ WARNING ###############################")