From 2f662373e5603b24e19e197ce83a3071d6a4f5ef Mon Sep 17 00:00:00 2001
From: Timotej Lazar <timotej.lazar@fri.uni-lj.si>
Date: Wed, 26 Mar 2025 19:19:09 +0100
Subject: [PATCH] firewall: get mgmt gateway from custom field on prefix

Mainly so we can add IPv6 mgmt addresses and drop the gateway custom
field from NetBox interfaces.
---
 roles/firewall/templates/mgmt.intf.j2 | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/roles/firewall/templates/mgmt.intf.j2 b/roles/firewall/templates/mgmt.intf.j2
index 3a94fe9..a1279dd 100644
--- a/roles/firewall/templates/mgmt.intf.j2
+++ b/roles/firewall/templates/mgmt.intf.j2
@@ -18,9 +18,14 @@ iface {{ iface.name }}
 {% endif %}
 {% for addr in iface.ip_addresses %}
     address {{ addr.address }}
-{% endfor %}
-{% if iface.custom_fields.gateway %}
-    up ip route add default via {{ iface.custom_fields.gateway.address | ipaddr('address') }}{% if iface.vrf %} vrf {{ iface.vrf.name }}{% endif %}
+{% set subnet = addr.address | ipaddr('subnet') %}
+{% set prefix_match = prefixes | selectattr('prefix', '==', subnet) %}
+{% if prefix_match %}
+{% set prefix = prefix_match | first %}
+{% if prefix.custom_fields.gateway %}
+    up ip route add default via {{ prefix.custom_fields.gateway.address | ipaddr('address') }}{% if iface.vrf %} vrf {{ iface.vrf.name }}{% endif %}
+{% endif %}
 {% endif +%}
+{% endfor %}
 
 {% endfor %}