diff options
| author | Christian Poessinger <christian@poessinger.com> | 2022-05-01 19:44:52 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2022-05-01 19:44:52 +0200 |
| commit | 49b1afc25b73d9c5daae1c76edb88aab42afa83e (patch) | |
| tree | 64d44eb5425ba0ebb0531f2cb60cef32830f0efa /data/templates/ipsec/swanctl/remote_access.tmpl | |
| parent | 992c847493665fd2119636d81582aa80e99e388a (diff) | |
| download | vyos-1x-49b1afc25b73d9c5daae1c76edb88aab42afa83e.tar.gz vyos-1x-49b1afc25b73d9c5daae1c76edb88aab42afa83e.zip | |
ipsec: T4353: fix Jinja2 linting errors
Diffstat (limited to 'data/templates/ipsec/swanctl/remote_access.tmpl')
| -rw-r--r-- | data/templates/ipsec/swanctl/remote_access.tmpl | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/data/templates/ipsec/swanctl/remote_access.tmpl b/data/templates/ipsec/swanctl/remote_access.tmpl deleted file mode 100644 index 059984139..000000000 --- a/data/templates/ipsec/swanctl/remote_access.tmpl +++ /dev/null @@ -1,50 +0,0 @@ -{% macro conn(name, rw_conf, ike_group, esp_group) %} -{# peer needs to reference the global IKE configuration for certain values #} -{% set ike = ike_group[rw_conf.ike_group] %} -{% set esp = esp_group[rw_conf.esp_group] %} - ra-{{ name }} { - remote_addrs = %any - local_addrs = {{ rw_conf.local_address if rw_conf.local_address is vyos_defined else '%any' }} - proposals = {{ ike_group[rw_conf.ike_group] | get_esp_ike_cipher | join(',') }} - version = {{ ike.key_exchange[4:] if ike.key_exchange is vyos_defined else "0" }} - send_certreq = no - rekey_time = {{ ike.lifetime }}s - keyingtries = 0 -{% if rw_conf.unique is vyos_defined %} - unique = {{ rw_conf.unique }} -{% endif %} -{% if rw_conf.pool is vyos_defined %} - pools = {{ rw_conf.pool | join(',') }} -{% endif %} - local { -{% if rw_conf.authentication.id is vyos_defined and rw_conf.authentication.use_x509_id is not vyos_defined %} - id = '{{ rw_conf.authentication.id }}' -{% endif %} -{% if rw_conf.authentication.server_mode == 'x509' %} - auth = pubkey - certs = {{ rw_conf.authentication.x509.certificate }}.pem -{% elif rw_conf.authentication.server_mode == 'pre-shared-secret' %} - auth = psk -{% endif %} - } - remote { - auth = {{ rw_conf.authentication.client_mode }} -{% if rw_conf.authentication.client_mode.startswith("eap") %} - eap_id = %any -{% endif %} - } - children { - ikev2-vpn { - esp_proposals = {{ esp | get_esp_ike_cipher(ike) | join(',') }} - rekey_time = {{ esp.lifetime }}s - rand_time = 540s - dpd_action = clear - inactivity = {{ rw_conf.timeout }} -{% set local_prefix = rw_conf.local.prefix if rw_conf.local.prefix is vyos_defined else ['0.0.0.0/0', '::/0'] %} -{% set local_port = rw_conf.local.port if rw_conf.local.port is vyos_defined else '' %} -{% set local_suffix = '[%any/{1}]'.format(local_port) if local_port else '' %} - local_ts = {{ local_prefix | join(local_suffix + ",") }}{{ local_suffix }} - } - } - } -{% endmacro %} |