import json import flask import flask_login from . import db from . import system blueprint = flask.Blueprint('ipsets', __name__) # return combined data for all IP sets, stored in two files: # - networks.json: IP prefixes for networks defined in NetBox # - ipsets.json: custom IP prefixes defined with this app, and NAT and other settings for all sets # database should be locked when calling this function def read(): # first read in static data all_ipsets = db.read('networks') # then add the custom definitions, not overriding any IP prefixes from NetBox for name, data in db.read('ipsets').items(): # set “custom” flag for this set if it is not present in networks.json all_ipsets[name] = data | all_ipsets.get(name, {'custom': True}) return all_ipsets @blueprint.route('/', methods=('GET', 'POST')) @flask_login.login_required def index(): if not flask_login.current_user.is_admin: return flask.Response('forbidden', status=403, mimetype='text/plain') with db.locked(): if flask.request.method == 'POST': # read network data from NetBox, merge in custom definitions and dump the lot sets = db.read('networks') formdata = zip(*(flask.request.form.getlist(e) for e in ('name', 'ip', 'ip6', 'nat', 'vpn'))) for name, ip, ip6, nat, vpn in formdata: # drop sets with empty names if not name: continue # assign IPs for custom networks only if name not in sets: sets[name] = { 'ip': ip.split(), 'ip6': ip6.split() } # assign NAT and VPN for all networks sets[name] |= { 'nat': nat, 'vpn': vpn } db.write('ipsets', sets) system.run(system.save_config) return flask.redirect(flask.url_for('ipsets.index')) return flask.render_template('ipsets/index.html', ipsets=read())