diff options
Diffstat (limited to 'data/templates')
| -rw-r--r-- | data/templates/firewall/nftables-nat.j2 | 13 | ||||
| -rw-r--r-- | data/templates/node_exporter/node_exporter.service.j2 | 20 | ||||
| -rw-r--r-- | data/templates/ocserv/radius_conf.j2 | 2 |
3 files changed, 34 insertions, 1 deletions
diff --git a/data/templates/firewall/nftables-nat.j2 b/data/templates/firewall/nftables-nat.j2 index 4254f6a0e..8c8dd3a8b 100644 --- a/data/templates/firewall/nftables-nat.j2 +++ b/data/templates/firewall/nftables-nat.j2 @@ -19,6 +19,12 @@ table ip vyos_nat { {% endfor %} {% endif %} } +{% for set_name in ip_fqdn %} + set FQDN_nat_{{ set_name }} { + type ipv4_addr + flags interval + } +{% endfor %} # # Source NAT rules build up here @@ -31,7 +37,14 @@ table ip vyos_nat { {{ config | nat_rule(rule, 'source') }} {% endfor %} {% endif %} + + } +{% for set_name in ip_fqdn %} + set FQDN_nat_{{ set_name }} { + type ipv4_addr + flags interval } +{% endfor %} chain VYOS_PRE_DNAT_HOOK { return diff --git a/data/templates/node_exporter/node_exporter.service.j2 b/data/templates/node_exporter/node_exporter.service.j2 new file mode 100644 index 000000000..62e7e6774 --- /dev/null +++ b/data/templates/node_exporter/node_exporter.service.j2 @@ -0,0 +1,20 @@ +{% set vrf_command = 'ip vrf exec ' ~ vrf ~ ' runuser -u node_exporter -- ' if vrf is vyos_defined else '' %} +[Unit] +Description=Node Exporter +Documentation=https://github.com/prometheus/node_exporter +After=network.target + +[Service] +{% if vrf is not vyos_defined %} +User=node_exporter +{% endif %} +ExecStart={{ vrf_command }}/usr/sbin/node_exporter \ +{% if listen_address is vyos_defined %} +{% for address in listen_address %} + --web.listen-address={{ address }}:{{ port }} +{% endfor %} +{% else %} + --web.listen-address=:{{ port }} +{% endif %} +[Install] +WantedBy=multi-user.target diff --git a/data/templates/ocserv/radius_conf.j2 b/data/templates/ocserv/radius_conf.j2 index 1ab322f69..c86929e47 100644 --- a/data/templates/ocserv/radius_conf.j2 +++ b/data/templates/ocserv/radius_conf.j2 @@ -22,7 +22,7 @@ authserver {{ authsrv }} {% endif %} {% endfor %} radius_timeout {{ authentication['radius']['timeout'] }} -{% if source_address %} +{% if authentication.radius.source_address is vyos_defined %} bindaddr {{ authentication['radius']['source_address'] }} {% else %} bindaddr * |