ipsec: T4333: migrate to new vyos_defined Jinja2 test

author: Christian Poessinger <christian@poessinger.com> 2022-04-13 22:51:42 +0200
committer: Christian Poessinger <christian@poessinger.com> 2022-04-13 22:51:42 +0200
commit: e8a637eec0cc398f78a877ece6b9c7cdca418970 (patch)
tree: d5950ea33e209a3a290b617d501807959102a9d0 /data/templates/ipsec/swanctl.conf.tmpl
parent: fc36d67b051bad776a5b1d6e9a04f1205487f01f (diff)
download: vyos-1x-e8a637eec0cc398f78a877ece6b9c7cdca418970.tar.gz
vyos-1x-e8a637eec0cc398f78a877ece6b9c7cdca418970.zip
1 files changed, 33 insertions, 33 deletions
diff --git a/data/templates/ipsec/swanctl.conf.tmpl b/data/templates/ipsec/swanctl.conf.tmpl
index 68b108365..6ba93dd1f 100644
--- a/data/templates/ipsec/swanctl.conf.tmpl
+++ b/data/templates/ipsec/swanctl.conf.tmpl
@@ -5,18 +5,18 @@
 {% import 'ipsec/swanctl/remote_access.tmpl' as remote_access_tmpl %}
 
 connections {
-{% if profile is defined %}
-{%   for name, profile_conf in profile.items() if profile_conf.disable is not defined and profile_conf.bind is defined and profile_conf.bind.tunnel is defined %}
+{% if profile is vyos_defined %}
+{%   for name, profile_conf in profile.items() if profile_conf.disable is not vyos_defined and profile_conf.bind.tunnel is vyos_defined %}
 {{     profile_tmpl.conn(name, profile_conf, ike_group, esp_group) }}
 {%   endfor %}
 {% endif %}
-{% if site_to_site is defined and site_to_site.peer is defined %}
-{%   for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not defined %}
+{% if site_to_site.peer is vyos_defined %}
+{%   for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not vyos_defined %}
 {{     peer_tmpl.conn(peer, peer_conf, ike_group, esp_group) }}
 {%   endfor %}
 {%  endif %}
-{% if remote_access is defined and remote_access.connection is defined and remote_access.connection is not none %}
-{%   for rw, rw_conf in remote_access.connection.items() if rw_conf.disable is not defined %}
+{% if remote_access.connection is vyos_defined %}
+{%   for rw, rw_conf in remote_access.connection.items() if rw_conf.disable is not vyos_defined %}
 {{ remote_access_tmpl.conn(rw, rw_conf, ike_group, esp_group) }}
 {%   endfor %}
 {% endif %}
@@ -26,16 +26,16 @@ connections {
 }
 
 pools {
-{%  if remote_access is defined and remote_access.pool is defined and remote_access.pool is not none %}
+{%  if remote_access.pool is vyos_defined %}
 {%    for pool, pool_config in remote_access.pool.items() %}
     {{ pool }} {
-{%      if pool_config.prefix is defined and pool_config.prefix is not none %}
+{%      if pool_config.prefix is vyos_defined %}
         addrs = {{ pool_config.prefix }}
 {%      endif %}
-{%      if pool_config.name_server is defined and pool_config.name_server is not none %}
+{%      if pool_config.name_server is vyos_defined %}
         dns = {{ pool_config.name_server | join(',') }}
 {%      endif %}
-{%      if pool_config.exclude is defined and pool_config.exclude is not none %}
+{%      if pool_config.exclude is vyos_defined %}
         split_exclude = {{ pool_config.exclude | join(',') }}
 {%      endif %}
     }
@@ -44,9 +44,9 @@ pools {
 }
 
 secrets {
-{%  if profile is defined %}
-{%    for name, profile_conf in profile.items() if profile_conf.disable is not defined and profile_conf.bind is defined and profile_conf.bind.tunnel is defined %}
-{%      if profile_conf.authentication.mode == 'pre-shared-secret' %}
+{%  if profile is vyos_defined %}
+{%    for name, profile_conf in profile.items() if profile_conf.disable is not vyos_defined and profile_conf.bind.tunnel is vyos_defined %}
+{%      if profile_conf.authentication.mode is vyos_defined('pre-shared-secret') %}
 {%        for interface in profile_conf.bind.tunnel %}
     ike-dmvpn-{{ interface }} {
         secret = {{ profile_conf.authentication.pre_shared_secret }}
@@ -55,54 +55,54 @@ secrets {
 {%      endif %}
 {%    endfor %}
 {%  endif %}
-{%  if site_to_site is defined and site_to_site.peer is defined %}
-{%    for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not defined %}
+{%  if site_to_site.peer is vyos_defined %}
+{%    for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not vyos_defined %}
 {%      set peer_name = peer.replace("@", "") | dot_colon_to_dash %}
-{%      if peer_conf.authentication.mode == 'pre-shared-secret' %}
+{%      if peer_conf.authentication.mode is vyos_defined('pre-shared-secret') %}
     ike_{{ peer_name }} {
-{%        if peer_conf.local_address is defined %}
+{%        if peer_conf.local_address is vyos_defined %}
         id-local = {{ peer_conf.local_address }} # dhcp:{{ peer_conf.dhcp_interface if 'dhcp_interface' in peer_conf else 'no' }}
 {%        endif %}
         id-remote = {{ peer }}
-{%        if peer_conf.authentication.id is defined %}
+{%        if peer_conf.authentication.id is vyos_defined %}
         id-localid = {{ peer_conf.authentication.id }}
 {%        endif %}
-{%        if peer_conf.authentication.remote_id is defined %}
+{%        if peer_conf.authentication.remote_id is vyos_defined %}
         id-remoteid = {{ peer_conf.authentication.remote_id }}
 {%        endif %}
         secret = "{{ peer_conf.authentication.pre_shared_secret }}"
     }
-{%      elif peer_conf.authentication.mode == 'x509' %}
+{%      elif peer_conf.authentication.mode is vyos_defined('x509') %}
     private_{{ peer_name }} {
         file = {{ peer_conf.authentication.x509.certificate }}.pem
-{%        if peer_conf.authentication.x509.passphrase is defined %}
+{%        if peer_conf.authentication.x509.passphrase is vyos_defined %}
         secret = "{{ peer_conf.authentication.x509.passphrase }}"
 {%        endif %}
     }
-{%      elif peer_conf.authentication.mode == 'rsa' %}
+{%      elif peer_conf.authentication.mode is vyos_defined('rsa') %}
     rsa_{{ peer_name }}_local {
         file = {{ peer_conf.authentication.rsa.local_key }}.pem
-{%        if peer_conf.authentication.rsa.passphrase is defined %}
+{%        if peer_conf.authentication.rsa.passphrase is vyos_defined %}
         secret = "{{ peer_conf.authentication.rsa.passphrase }}"
 {%        endif %}
     }
 {%      endif %}
 {%    endfor %}
 {%  endif %}
-{%  if remote_access is defined and remote_access.connection is defined and remote_access.connection is not none %}
-{%    for ra, ra_conf in remote_access.connection.items() if ra_conf.disable is not defined %}
-{%      if ra_conf.authentication.server_mode == 'pre-shared-secret' %}
+{%  if remote_access.connection is vyos_defined %}
+{%    for ra, ra_conf in remote_access.connection.items() if ra_conf.disable is not vyos_defined %}
+{%      if ra_conf.authentication.server_mode is vyos_defined('pre-shared-secret') %}
     ike_{{ ra }} {
-{%        if ra_conf.authentication.id is defined %}
+{%        if ra_conf.authentication.id is vyos_defined %}
         id = "{{ ra_conf.authentication.id }}"
-{%        elif ra_conf.local_address is defined %}
+{%        elif ra_conf.local_address is vyos_defined %}
         id = "{{ ra_conf.local_address }}"
 {%        endif %}
         secret = "{{ ra_conf.authentication.pre_shared_secret }}"
     }
 {%      endif %}
-{%      if ra_conf.authentication.client_mode == 'eap-mschapv2' and ra_conf.authentication.local_users is defined and ra_conf.authentication.local_users.username is defined %}
-{%        for user, user_conf in ra_conf.authentication.local_users.username.items() if user_conf.disable is not defined %}
+{%      if ra_conf.authentication.client_mode is vyos_defined('eap-mschapv2') and ra_conf.authentication.local_users.username is vyos_defined %}
+{%        for user, user_conf in ra_conf.authentication.local_users.username.items() if user_conf.disable is not vyos_defined %}
     eap-{{ ra }}-{{ user }} {
         secret = "{{ user_conf.password }}"
         id-{{ ra }}-{{ user }} = "{{ user }}"
@@ -112,16 +112,16 @@ secrets {
 {%    endfor %}
 {%  endif %}
 {%  if l2tp %}
-{%    if l2tp.authentication.mode == 'pre-shared-secret' %}
+{%    if l2tp.authentication.mode is vyos_defined('pre-shared-secret') %}
     ike_l2tp_remote_access {
         id = "{{ l2tp_outside_address }}"
         secret = "{{ l2tp.authentication.pre_shared_secret }}"
     }
-{%    elif l2tp.authentication.mode == 'x509' %}
+{%    elif l2tp.authentication.mode is vyos_defined('x509') %}
     private_l2tp_remote_access {
         id = "{{ l2tp_outside_address }}"
         file = {{ l2tp.authentication.x509.certificate }}.pem
-{%      if l2tp.authentication.x509.passphrase is defined %}
+{%      if l2tp.authentication.x509.passphrase is vyos_defined %}
         secret = "{{ l2tp.authentication.x509.passphrase }}"
 {%      endif %}
     }
author	Christian Poessinger <christian@poessinger.com>	2022-04-13 22:51:42 +0200
committer	Christian Poessinger <christian@poessinger.com>	2022-04-13 22:51:42 +0200
commit	e8a637eec0cc398f78a877ece6b9c7cdca418970 (patch)
tree	d5950ea33e209a3a290b617d501807959102a9d0 /data/templates/ipsec/swanctl.conf.tmpl
parent	fc36d67b051bad776a5b1d6e9a04f1205487f01f (diff)
download	vyos-1x-e8a637eec0cc398f78a877ece6b9c7cdca418970.tar.gz vyos-1x-e8a637eec0cc398f78a877ece6b9c7cdca418970.zip