sheppy/athq-vm-management
1
0
Fork 0
mirror of https://github.com/FAUSheppy/athq-vm-management synced 2026-04-26 22:02:29 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: support network restrictions in nginx.py

Browse Source
This commit is contained in:
Kathrin Maurer
2026-03-21 23:18:26 +01:00
parent f26ed30471
commit 1dc46606a0
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
nginx.py
View File

@@ -29,6 +29,8 @@ def dump_config(vmList, masterAddress):
# ssl passthrough/no-terminate # # ssl passthrough/no-terminate #
ssl_passthrough_map = [] ssl_passthrough_map = []
network_restrictions = {}
for vmo in vmList: for vmo in vmList:
relevant_subdomains = filter(lambda x: x.get("no-terminate-ssl"), vmo.subdomains) relevant_subdomains = filter(lambda x: x.get("no-terminate-ssl"), vmo.subdomains)
for s in relevant_subdomains: for s in relevant_subdomains:
@@ -39,12 +41,22 @@ def dump_config(vmList, masterAddress):
else: else:
match = s.get("name") match = s.get("name")
geo_restriction = s.get("network-restriction")
if geo_restriction:
network_restrictions.update({ match: geo_restriction })
ssl_target_port = s.get("ssl_target_port") or 443 ssl_target_port = s.get("ssl_target_port") or 443
ssl_passthrough_map.append("{} {}:{};".format(match, vmo.ip, ssl_target_port)) ssl_passthrough_map.append("{} {}:{};".format(match, vmo.ip, ssl_target_port))
environment = jinja2.Environment(loader=jinja2.FileSystemLoader(searchpath="./templates")) environment = jinja2.Environment(loader=jinja2.FileSystemLoader(searchpath="./templates"))
template = environment.get_template("nginx_stream_ssl_map.conf.j2") template = environment.get_template("nginx_stream_ssl_map.conf.j2")
f.write(template.render(ssl_passthrough_map=ssl_passthrough_map)) f.write(
template.render(
ssl_passthrough_map=ssl_passthrough_map,
network_restrictions=network_restrictions
)
)
for vmo in vmList: for vmo in vmList: