Puppet Function: squid::acl::normalise

Defined in:
modules/squid/functions/acl/normalise.pp
Function type:
Puppet Language

Summary

take general squid::acl and converts the src role and dst hosts to ip addresses

Overview

squid::acl::normalise(Hash[String[1], Squid::Acl] $acl)Hash[String[1], Squid::Acl]

SPDX-License-Identifier: Apache-2.0

Examples:

$acl = {
  'task' => 'T1234',
  'port' => 9876,
  'src'  => ['sretest']
  'dst'  => ['bastion.example.org']
}
squid::acl::normalise($acl) >> {
  'task' => 'T1234',
  'port' => 9876,
  'src'  => ['10.64.48.138', '2620:0:861:107:10:64:48:138', '10.64.48.139', '2620:0:861:107:10:64:48:139'],
  'dst'  => ['192.0.2.1', '2001:db8::1'],
}

Parameters:

  • acl (Hash[String[1], Squid::Acl])

    the acl to normalise

Returns:

  • (Hash[String[1], Squid::Acl]) 


17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'modules/squid/functions/acl/normalise.pp', line 17

function squid::acl::normalise (
    Hash[String[1], Squid::Acl] $acl,
) >> Hash[String[1], Squid::Acl] {
    Hash($acl.map |$name, $acl| {
        $src = $acl['src'].map |$role| { wmflib::role::ips($role) }.flatten.sort.unique
        $dst = $acl['dst_type'] ? {
            'host'  => $acl['dst'].map |$host| { dnsquery::lookup($host) }.flatten.sort.unique,
            default => $acl['dst'],
        }
        [$name, $acl + {'src' => $src, 'dst' => $dst}]
    })
}