diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-05-01 19:44:52 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-05-01 19:44:52 +0200 |
commit | 49b1afc25b73d9c5daae1c76edb88aab42afa83e (patch) | |
tree | 64d44eb5425ba0ebb0531f2cb60cef32830f0efa /data/templates/ipsec/swanctl.conf.tmpl | |
parent | 992c847493665fd2119636d81582aa80e99e388a (diff) | |
download | vyos-1x-49b1afc25b73d9c5daae1c76edb88aab42afa83e.tar.gz vyos-1x-49b1afc25b73d9c5daae1c76edb88aab42afa83e.zip |
ipsec: T4353: fix Jinja2 linting errors
Diffstat (limited to 'data/templates/ipsec/swanctl.conf.tmpl')
-rw-r--r-- | data/templates/ipsec/swanctl.conf.tmpl | 131 |
1 files changed, 0 insertions, 131 deletions
diff --git a/data/templates/ipsec/swanctl.conf.tmpl b/data/templates/ipsec/swanctl.conf.tmpl deleted file mode 100644 index 6ba93dd1f..000000000 --- a/data/templates/ipsec/swanctl.conf.tmpl +++ /dev/null @@ -1,131 +0,0 @@ -### Autogenerated by vpn_ipsec.py ### -{% import 'ipsec/swanctl/l2tp.tmpl' as l2tp_tmpl %} -{% import 'ipsec/swanctl/profile.tmpl' as profile_tmpl %} -{% import 'ipsec/swanctl/peer.tmpl' as peer_tmpl %} -{% import 'ipsec/swanctl/remote_access.tmpl' as remote_access_tmpl %} - -connections { -{% if profile is vyos_defined %} -{% for name, profile_conf in profile.items() if profile_conf.disable is not vyos_defined and profile_conf.bind.tunnel is vyos_defined %} -{{ profile_tmpl.conn(name, profile_conf, ike_group, esp_group) }} -{% endfor %} -{% endif %} -{% if site_to_site.peer is vyos_defined %} -{% for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not vyos_defined %} -{{ peer_tmpl.conn(peer, peer_conf, ike_group, esp_group) }} -{% endfor %} -{% endif %} -{% if remote_access.connection is vyos_defined %} -{% for rw, rw_conf in remote_access.connection.items() if rw_conf.disable is not vyos_defined %} -{{ remote_access_tmpl.conn(rw, rw_conf, ike_group, esp_group) }} -{% endfor %} -{% endif %} -{% if l2tp %} -{{ l2tp_tmpl.conn(l2tp, l2tp_outside_address, l2tp_ike_default, l2tp_esp_default, ike_group, esp_group) }} -{% endif %} -} - -pools { -{% if remote_access.pool is vyos_defined %} -{% for pool, pool_config in remote_access.pool.items() %} - {{ pool }} { -{% if pool_config.prefix is vyos_defined %} - addrs = {{ pool_config.prefix }} -{% endif %} -{% if pool_config.name_server is vyos_defined %} - dns = {{ pool_config.name_server | join(',') }} -{% endif %} -{% if pool_config.exclude is vyos_defined %} - split_exclude = {{ pool_config.exclude | join(',') }} -{% endif %} - } -{% endfor %} -{% endif %} -} - -secrets { -{% if profile is vyos_defined %} -{% for name, profile_conf in profile.items() if profile_conf.disable is not vyos_defined and profile_conf.bind.tunnel is vyos_defined %} -{% if profile_conf.authentication.mode is vyos_defined('pre-shared-secret') %} -{% for interface in profile_conf.bind.tunnel %} - ike-dmvpn-{{ interface }} { - secret = {{ profile_conf.authentication.pre_shared_secret }} - } -{% endfor %} -{% endif %} -{% endfor %} -{% endif %} -{% if site_to_site.peer is vyos_defined %} -{% for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not vyos_defined %} -{% set peer_name = peer.replace("@", "") | dot_colon_to_dash %} -{% if peer_conf.authentication.mode is vyos_defined('pre-shared-secret') %} - ike_{{ peer_name }} { -{% if peer_conf.local_address is vyos_defined %} - id-local = {{ peer_conf.local_address }} # dhcp:{{ peer_conf.dhcp_interface if 'dhcp_interface' in peer_conf else 'no' }} -{% endif %} - id-remote = {{ peer }} -{% if peer_conf.authentication.id is vyos_defined %} - id-localid = {{ peer_conf.authentication.id }} -{% endif %} -{% if peer_conf.authentication.remote_id is vyos_defined %} - id-remoteid = {{ peer_conf.authentication.remote_id }} -{% endif %} - secret = "{{ peer_conf.authentication.pre_shared_secret }}" - } -{% elif peer_conf.authentication.mode is vyos_defined('x509') %} - private_{{ peer_name }} { - file = {{ peer_conf.authentication.x509.certificate }}.pem -{% if peer_conf.authentication.x509.passphrase is vyos_defined %} - secret = "{{ peer_conf.authentication.x509.passphrase }}" -{% endif %} - } -{% elif peer_conf.authentication.mode is vyos_defined('rsa') %} - rsa_{{ peer_name }}_local { - file = {{ peer_conf.authentication.rsa.local_key }}.pem -{% if peer_conf.authentication.rsa.passphrase is vyos_defined %} - secret = "{{ peer_conf.authentication.rsa.passphrase }}" -{% endif %} - } -{% endif %} -{% endfor %} -{% endif %} -{% if remote_access.connection is vyos_defined %} -{% for ra, ra_conf in remote_access.connection.items() if ra_conf.disable is not vyos_defined %} -{% if ra_conf.authentication.server_mode is vyos_defined('pre-shared-secret') %} - ike_{{ ra }} { -{% if ra_conf.authentication.id is vyos_defined %} - id = "{{ ra_conf.authentication.id }}" -{% elif ra_conf.local_address is vyos_defined %} - id = "{{ ra_conf.local_address }}" -{% endif %} - secret = "{{ ra_conf.authentication.pre_shared_secret }}" - } -{% endif %} -{% if ra_conf.authentication.client_mode is vyos_defined('eap-mschapv2') and ra_conf.authentication.local_users.username is vyos_defined %} -{% for user, user_conf in ra_conf.authentication.local_users.username.items() if user_conf.disable is not vyos_defined %} - eap-{{ ra }}-{{ user }} { - secret = "{{ user_conf.password }}" - id-{{ ra }}-{{ user }} = "{{ user }}" - } -{% endfor %} -{% endif %} -{% endfor %} -{% endif %} -{% if l2tp %} -{% if l2tp.authentication.mode is vyos_defined('pre-shared-secret') %} - ike_l2tp_remote_access { - id = "{{ l2tp_outside_address }}" - secret = "{{ l2tp.authentication.pre_shared_secret }}" - } -{% elif l2tp.authentication.mode is vyos_defined('x509') %} - private_l2tp_remote_access { - id = "{{ l2tp_outside_address }}" - file = {{ l2tp.authentication.x509.certificate }}.pem -{% if l2tp.authentication.x509.passphrase is vyos_defined %} - secret = "{{ l2tp.authentication.x509.passphrase }}" -{% endif %} - } -{% endif %} -{% endif %} -} - |