This repository has been archived by the owner on Nov 23, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 8
/
gateway_ipsec_vpn_service.rb
97 lines (92 loc) · 2.73 KB
/
gateway_ipsec_vpn_service.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
module Vcloud
module EdgeGateway
module Schema
VPN_LOCAL_PEER = {
type: Hash,
allowed_empty: false,
internals: {
id: {
type: 'string_or_number',
required: true,
allowed_empty: false,
},
name: {
type: 'string_or_number',
required: true,
allowed_empty: false,
}
}
}
VPN_SUBNETS = {
type: Hash,
allowed_empty: false,
internals: {
name: {
type: 'string_or_number',
required: true,
allowed_empty: false
},
gateway: {
type: 'ip_address_range',
required: true,
allowed_empty: false
},
netmask: {
type: 'ip_address_range',
required: true,
allowed_empty: false
}
}
}
VPN_RULE = {
type: Hash,
internals: {
enabled: {type: 'boolean', required: false},
name: {type: 'string_or_number', required: true},
description: {type: 'string_or_number', required: false},
ipsec_vpn_local_peer: {
type: Hash,
required: true,
allowed_empty: false,
each_element_is: VPN_LOCAL_PEER
},
local_id: {type: 'string', required: true, allowed_empty: false},
peer_id: {type: 'string', required: true, allowed_empty: false},
peer_ip_address: {type: 'ip_address_range', required: true},
local_ip_address: {type: 'ip_address_range', required: true, allowed_empty: false},
peer_subnets: {
type: Array,
required: true,
allowed_empty: false,
each_element_is: VPN_SUBNETS
},
shared_secret: {type: 'string', required: false, allowed_empty: true},
shared_secret_encrypted: {type: 'boolean', required: false},
encryption_protocol: {type: 'string', required: true, acceptable_values: 'AES'},
mtu: {type: 'string_or_number', required: true},
local_subnets: {
type: Array,
required: true,
allowed_empty: false,
each_element_is: VPN_SUBNETS
},
rule_type: {type: 'enum', required: true, acceptable_values: ['SNAT', 'DNAT'] }
}
}
GATEWAY_IPSEC_VPN_SERVICE = {
type: Hash,
allowed_empty: true,
required: false,
internals: {
enabled: {type: 'boolean', required: false},
tunnels: {
type: Array,
required: false,
allowed_empty: true,
each_element_is: VPN_RULE
}
}
}
end
end
end