Commit graph

21 commits

Author SHA1 Message Date
Timotej Lazar abc7a0728b Generate ipsets for network groups
Like office and server.
2023-10-03 13:36:58 +02:00
Timotej Lazar 719bcf7c55 Improve LDAP lookup of user groups 2023-09-07 15:02:08 +02:00
Timotej Lazar 4ef3efbc68 Handle exceptions when sending mail 2023-07-07 09:04:17 +02:00
Timotej Lazar 5262c64244 Add form for editing NAT addresses 2023-07-07 08:20:35 +02:00
Timotej Lazar 8b8c675759 Rename networks.json to ipsets.json
Getting ready for some changes.
2023-07-06 16:28:15 +02:00
Timotej Lazar 5e65755ec0 Add error reporting over email and improve logging 2023-07-03 16:01:14 +02:00
Timotej Lazar b55ae4d305 Use a script on firewall nodes to update config
So we can get some feedback to firewall master.
2023-06-28 14:17:39 +02:00
Timotej Lazar 4fb2d2c732 Add version number to config tarballs
Preparing to rework the updater script.
2023-06-26 18:26:35 +02:00
Timotej Lazar 5ba9c03e23 Don’t print empty element lists in nftables
Because nft chokes on them.
2023-06-26 10:15:03 +02:00
Timotej Lazar 6780f074c7 Support IPv6 sets
Also some unrelated cleanups in system.save_config.
2023-05-29 13:00:39 +02:00
Timotej Lazar 765d4a3ce7 Add support for managing forwarding rules 2023-05-29 12:24:21 +02:00
Timotej Lazar 52a5b7cd11 Use iif/oif instead of iifname/oifname in nftables rules
Following the change in ansible scripts.
2023-05-23 11:31:13 +02:00
Timotej Lazar 22cec64bef Simplify database locking
Use a single lock for everything to ensure we don’t go inconsistent.
One exception is the firewall nodes table which is only accessed when
pushing updated config.
2023-05-19 09:30:28 +02:00
Timotej Lazar aeae0f8a29 Rework NAT settings again 2023-05-19 08:31:49 +02:00
Timotej Lazar 968a2736d2 Rework NAT settings
Support static NAT for L2 server networks. Also some other minor
tweaks.
2023-05-11 10:37:54 +02:00
Timotej Lazar 2793385693 Rename some bound variables 2023-04-07 22:51:38 +02:00
Timotej Lazar 931cd3f8c1 Store generated configs in $HOME
And move app to ~/app.
2023-04-07 14:20:54 +02:00
Timotej Lazar bba8193e14 Fix locking
Or maybe break it further.
2023-04-06 10:04:30 +02:00
Timotej Lazar 539c6ef739 Clean up imports 2023-01-26 16:28:36 +01:00
Timotej Lazar 388061130e Decrease SSH timeout when pushing config to nodes 2023-01-26 16:15:08 +01:00
Timotej Lazar 113992f95b Make a squash 2023-01-26 10:51:51 +01:00