authorelijah <elijah@riseup.net>2014-06-20 01:25:51 -0700
committerelijah <elijah@riseup.net>2014-06-20 01:25:51 -0700
commitb034cc5afb72b21e03b1e34080f2fbdfa4d0ad1a (patch)
tree792e71addb356fdc9672ed3fe763e1c89b9dc50c /lib/leap_cli/config
parent8168934403904c5793bbe9700dde0321cae66d0f (diff)
changed how stunnel is generated in hiera files. breaks compatibility with older platforms
Diffstat (limited to 'lib/leap_cli/config')
-rw-r--r--lib/leap_cli/config/macros.rb36
1 files changed, 27 insertions, 9 deletions
diff --git a/lib/leap_cli/config/macros.rb b/lib/leap_cli/config/macros.rb
index 59453b0..66f1318 100644
--- a/lib/leap_cli/config/macros.rb
+++ b/lib/leap_cli/config/macros.rb
@@ -272,6 +272,23 @@ module LeapCli; module Config
##
#
+ # About stunnel
+ # --------------------------
+ #
+ # The network looks like this:
+ #
+ # From the client's perspective:
+ #
+ # |------- stunnel client --------------| |---------- stunnel server -----------------------|
+ # consumer app -> localhost:accept_port -> connect:connect_port -> ??
+ #
+ # From the server's perspective:
+ #
+ # |------- stunnel client --------------| |---------- stunnel server -----------------------|
+ # ?? -> *:accept_port -> localhost:connect_port -> service
+ #
+
+ #
# stunnel configuration for the client side.
#
# +node_list+ is a ObjectList of nodes running stunnel servers.
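Review bot: The new "About stunnel" diagrams do not say which hop is TLS-protected, which is what a reader wiring up these ports most needs to know. In the usual stunnel arrangement only the leg between the stunnel client and the stunnel server is encrypted, while `consumer app -> localhost:accept_port` and `localhost:connect_port -> service` carry plaintext over loopback. I would add one line under the diagrams, for example `# Only the stunnel client -> stunnel server hop is encrypted; both localhost hops are plaintext.` The comment block this hunk edits continues past the end of the hunk.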
@@ -279,18 +296,12 @@ module LeapCli; module Config
# +port+ is the real port of the ultimate service running on the servers
# that the client wants to connect to.
#
- # About ths stunnel puppet names:
- #
# * accept_port is the port on localhost to which local clients
# can connect. it is auto generated serially.
+ #
# * connect_port is the port on the stunnel server to connect to.
# it is auto generated from the +port+ argument.
#
- # The network looks like this:
- #
- # |------ stunnel client ---------------| |--------- stunnel server -----------------------|
- # consumer app -> localhost:accept_port -> server:connect_port -> server:port -> service app
- #
# generates an entry appropriate to be passed directly to
# create_resources(stunnel::service, hiera('..'), defaults)
#
@@ -307,7 +318,8 @@ module LeapCli; module Config
result["#{node.name}_#{port}"] = Config::Object[
'accept_port', @next_stunnel_port,
'connect', node.domain.internal,
- 'connect_port', stunnel_port(port)
+ 'connect_port', stunnel_port(port),
+ 'original_port', port
]
@next_stunnel_port += 1
end
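Review bot: The added `'original_port', port` key is not described anywhere in the method's comment, whose bullets (edited in the previous hunk) still list only accept_port and connect_port. Since this hash is passed straight to `create_resources(stunnel::service, ...)`, an undocumented key makes it hard to tell what the platform side is expected to do with it. I would add a bullet such as `# * original_port is the +port+ argument, the real port of the service behind the stunnel server.` The enclosing method starts and ends outside this hunk.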
@@ -320,8 +332,14 @@ module LeapCli; module Config
#
# +port+ is the real port targeted service.
#
+ # * `accept_port` is the publicly bound port
+ # * `connect_port` is the port that the local service is running on.
+ #
def stunnel_server(port)
- {"accept" => stunnel_port(port), "connect" => "127.0.0.1:#{port}"}
+ {
+ "accept_port" => stunnel_port(port),
+ "connect_port" => port
+ }
end
#
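Review bot: `stunnel_server` no longer states the loopback address. The old value was `"127.0.0.1:#{port}"`, while the new `"connect_port" => port` leaves the connect host to whatever consumes the hiera data. The diagram added in the first hunk shows `localhost:connect_port`, so presumably the platform template supplies the host, but nothing in this method records that, and a template that defaulted to another address would send the decrypted traffic off-host. I would state the contract in the comment, for example `# The connect host is always localhost; it is supplied by the platform's stunnel template, not by this hash.` The key rename from `accept`/`connect` also means a platform still reading the old keys gets no values, and no version guard is visible in this hunk.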