From: Aleš
Date: Sun, 5 Dec 2021 23:33:07 +0000 (+0100)
Subject: datamodel: policy: jinja2 macros
X-Git-Tag: v6.0.0a1~69^2~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97db3d785bb7875eb24f2dd8559eb108dc70dffb;p=thirdparty%2Fknot-resolver.git
datamodel: policy: jinja2 macros - stub/forward-zones: simplify templates using jinja2 macros
---
diff --git a/manager/knot_resolver_manager/datamodel/templates/forward_zones.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/forward_zones.lua.j2
index d4c3c24a2..6a50b1001 100644
--- a/manager/knot_resolver_manager/datamodel/templates/forward_zones.lua.j2
+++ b/manager/knot_resolver_manager/datamodel/templates/forward_zones.lua.j2
@@ -1,173 +1,72 @@ -{% if cfg.forward_zones %} +{% from 'macros/policy_macros.lua.j2' import policy_flags, policy_add, policy_suffix, policy_todname, policy_forward, policy_tls_forward %} +{% from 'macros/view_macros.lua.j2' import view_tsig, view_addr %} +{% if cfg.forward_zones %} {% for name, zone in cfg.forward_zones.items() %} -- forward-zone: {{ name }} -{% if zone.views %} -{% for view_id in zone.views %} --- forward-zone: {{ name }} view: {{ view_id }} -{% set view = cfg.views[view_id] %} - -{% set options = none %} -{% if zone.options and view.options %} +{% if zone.views -%} +{# views set for forward-zone #} +{% for view_id in zone.views -%} +{%- set view = cfg.views[view_id] -%} + +{# merge options from view and forward-zone #} +{%- set options = none -%} +{% if zone.options and view.options -%} {% set options = zone.options|list + view.options|list %} {% elif zone.options %} {% set options = zone.options|list %} {% elif view.options %} {% set options = view.options|list %} -{% endif %} +{%- endif %} +{# view tsig #} {% if view.tsig %} -{% for sig in view.tsig %} - -{% if options %} --- forward-zone: {{ name }} view: {{ view_id }} options -view:tsig('{{ sig }}', policy.suffix(policy.FLAGS({ -{%- for flag in options -%} -'{{ flag.upper().replace("-", "_") }}', -{%- endfor -%} -}), {todname('{{ name }}')})) -{% endif %} - --- forward-zone: {{ name }} view: {{ view_id }} servers -{% for server in zone.servers %} -view:tsig('{{ sig }}', policy.suffix( - -{%- if zone.tls -%} -policy.TLS_FORWARD({{ '{{' }}'{{ server.address if server.address else server}}', - -{%- if server.pin_sha256 -%} -pin_sha256= -{%- if server.pin_sha256 is string -%} -'{{ server.pin_sha256 }}', -{%- else -%} -{ -{%- for pin in server.pin_sha256 -%} -'{{ pin }}', -{%- endfor -%} -}, -{%- endif -%} -{%- endif -%} +{% for tsig in view.tsig %} -{%- if server.hostname -%} -hostname='{{ server.hostname }}', -{%- endif -%} +{%- if options -%} +{{ view_tsig(tsig|string, 
policy_suffix(policy_flags(options|list), policy_todname(name|string))) }} +{%- endif %} -{%- if server.ca_file -%} -ca_file='{{ server.ca_file }}', -{%- endif -%} - -{{ '}}' }}) - -{%- else -%} -policy.FORWARD('{{ server.address if server.address else server}}') -{%- endif -%} -, {todname('{{ name }}')})) - -{% endfor %} +{% if zone.tls -%} +{{ view_tsig(tsig|string, policy_suffix(policy_tls_forward(zone.servers|list), policy_todname(name|string))) }} +{% else %} +{{ view_tsig(tsig|string, policy_suffix(policy_forward(zone.servers|list), policy_todname(name|string))) }} +{%- endif %} {% endfor %} {% endif %} +{# view addr #} {% if view.subnets %} {% for addr in view.subnets %} -{% if options %} --- forward-zone: {{ name }} view: {{ view_id }} options -view:addr('{{ addr }}', policy.suffix(policy.FLAGS({ -{%- for flag in options -%} -'{{ flag.upper().replace("-", "_") }}', -{%- endfor -%} -}), {todname('{{ name }}')})) -{% endif %} - --- forward-zone: {{ name }} view: {{ view_id }} servers -{% for server in zone.servers %} -view:addr('{{ addr }}', policy.suffix( - -{%- if zone.tls -%} -policy.TLS_FORWARD({{ '{{' }}'{{ server.address if server.address else server}}', +{%- if options -%} +{{ view_addr(addr|string, policy_suffix(policy_flags(options|list), policy_todname(name|string))) }} +{%- endif %} -{%- if server.pin_sha256 -%} -pin_sha256= -{%- if server.pin_sha256 is string -%} -'{{ server.pin_sha256 }}', -{%- else -%} -{ -{%- for pin in server.pin_sha256 -%} -'{{ pin }}', -{%- endfor -%} -}, -{%- endif -%} -{%- endif -%} - -{%- if server.hostname -%} -hostname='{{ server.hostname }}', -{%- endif -%} - -{%- if server.ca_file -%} -ca_file='{{ server.ca_file }}', -{%- endif -%} - -{{ '}}' }}) - -{%- else -%} -policy.FORWARD('{{ server.address if server.address else server}}') -{%- endif -%} -, {todname('{{ name }}')})) - -{% endfor %} +{% if zone.tls -%} +{{ view_addr(addr|string, policy_suffix(policy_tls_forward(zone.servers|list), policy_todname(name|string))) 
}} +{% else %} +{{ view_addr(addr|string, policy_suffix(policy_forward(zone.servers|list), policy_todname(name|string))) }} +{%- endif %} {% endfor %} {% endif %} {% endfor %} {% else %} +{# no views set for forward-zone #} -{% if zone.options %} --- forward-zone: {{ name }} options -policy.add(policy.suffix(policy.FLAGS({ -{%- for flag in zone.options -%} -'{{ flag.upper().replace("-", "_") }}', -{%- endfor -%} -}), {todname('{{ name }}')})) -{% endif %} - --- forward-zone: {{ name }} servers -{% for server in zone.servers %} -policy.add(policy.suffix( -{%- if zone.tls -%} -policy.TLS_FORWARD({{ '{{' }}'{{ server.address if server.address else server}}', - -{%- if server.pin_sha256 -%} -pin_sha256= -{%- if server.pin_sha256 is string -%} -'{{ server.pin_sha256 }}', -{%- else -%} -{ -{%- for pin in server.pin_sha256 -%} -'{{ pin }}', -{%- endfor -%} -}, -{%- endif -%} -{%- endif -%} - -{%- if server.hostname -%} -hostname='{{ server.hostname }}', -{%- endif -%} - -{%- if server.ca_file -%} -ca_file='{{ server.ca_file }}', -{%- endif -%} +{% if zone.options -%} +{{ policy_add(policy_suffix(policy_flags(zone.options|list), policy_todname(name|string))) }} +{%- endif %} -{{ '}}' }}) - -{%- else -%} -policy.FORWARD('{{ server.address if server.address else server}}') -{%- endif -%} -, {todname('{{ name }}')})) -{% endfor %} +{% if zone.tls -%} +{{ policy_add(policy_suffix(policy_tls_forward(zone.servers|list), policy_todname(name|string))) }} +{% else %} +{{ policy_add(policy_suffix(policy_forward(zone.servers|list), policy_todname(name|string))) }} +{%- endif %} {% endif %} - {% endfor %} {% endif %} diff --git a/manager/knot_resolver_manager/datamodel/templates/macros/policy_macros.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/macros/policy_macros.lua.j2 new file mode 100644 index 000000000..5e5044e3e --- /dev/null +++ b/manager/knot_resolver_manager/datamodel/templates/macros/policy_macros.lua.j2 
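Review bot: The TLS branches now pass `zone.servers|list` to `policy_tls_forward`, which in this commit renders only `server.address`, whereas the removed lines rendered `server.address if server.address else server`. A server entry given as a bare address string would therefore produce an empty or failing target instead of its address (which of the two depends on the environment's undefined handling, not visible here), so the zone would not be forwarded over TLS as configured. The non-TLS branch still accepts both shapes through `policy_forward`. If bare strings are valid for TLS zones, keep the fallback in the macro, `{'{{ server.address if server.address else server }}', {{ tls_auth(server) }} },`; otherwise a datamodel check that rejects them would make the assumption explicit.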
@@ -0,0 +1,95 @@ +{% macro policy_add(rule) -%} +policy.add({{ rule }}) +{%- endmacro %} + + +{% macro policy_flags(flags) -%} +policy.FLAGS({ +{%- for flag in flags -%} +'{{ flag.upper().replace("-", "_") }}', +{%- endfor -%} +}) +{%- endmacro %} + + +{% macro policy_suffix(action, suffix_table) -%} +policy.suffix({{ action }}, {{ suffix_table }}) +{%- endmacro %} + + +{% macro policy_stub(servers) -%} +policy.STUB({ +{%- if servers is string %} +'{{ addresses|string }}' +{%- else -%} +{%- for server in servers -%} +{%- if server.address %} +'{{ server.address|string }}', +{%- else -%} +'{{ server|string }}', +{%- endif -%} +{%- endfor -%} +{%- endif -%} +}) +{%- endmacro %} + + +{% macro policy_forward(servers) -%} +policy.FORWARD({ +{%- if servers is string %} +'{{ addresses|string }}' +{%- else -%} +{%- for server in servers -%} +{%- if server.address %} +'{{ server.address|string }}', +{%- else -%} +'{{ server|string }}', +{%- endif -%} +{%- endfor -%} +{%- endif -%} +}) +{%- endmacro %} + + +{% macro tls_auth(server) -%} +{%- if server.hostname -%} +hostname='{{ server.hostname|string }}', +{%- endif -%} +{%- if server.ca_file -%} +ca_file='{{ server.ca_file|string }}', +{%- endif -%} +{%- if server.pin_sha256 -%} +pin_sha256= +{%- if server.pin_sha256 is string -%} +'{{ server.pin_sha256|string }}', +{%- else -%} +{ +{%- for pin in server.pin_sha256 -%} +'{{ pin|string }}', +{%- endfor -%} +}, +{%- endif -%} +{%- endif -%} +{%- endmacro %} + + +{% macro policy_tls_forward(servers) -%} +policy.TLS_FORWARD({ +{%- for server in servers -%} +{'{{ server.address }}', {{ tls_auth(server) }} }, +{%- endfor -%} +}) +{%- endmacro %} + + +{% macro policy_todname(names) -%} +policy.todnames({ +{%- if names is string -%} +'{{ names|string }}' +{%- else -%} +{%- for name in names -%} +'{{ name|string }}', +{%- endfor -%} +{%- endif -%} +}) +{%- endmacro %} \ No newline at end of file 
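Review bot: In `policy_stub` and `policy_forward` the `servers is string` branch prints `'{{ addresses|string }}'`, but neither macro has an `addresses` variable; the parameter is `servers`. With Jinja's default undefined handling this would likely render an empty `''` target rather than fail, so a single-string argument would silently yield a rule with no usable upstream. Both lines should read `'{{ servers|string }}'`. The callers visible in this commit always pass `zone.servers|list`, so the branch is not exercised yet, which is also why the slip would go unnoticed.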
diff --git a/manager/knot_resolver_manager/datamodel/templates/macros/view_macros.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/macros/view_macros.lua.j2 new file mode 100644 index 000000000..293d45e8a --- /dev/null +++ b/manager/knot_resolver_manager/datamodel/templates/macros/view_macros.lua.j2 @@ -0,0 +1,7 @@ +{% macro view_tsig(tsig, rule) -%} +view:tsig('{{ tsig }}', {{ rule }}) +{%- endmacro %} + +{% macro view_addr(addr, rule) -%} +view:addr('{{ addr }}', {{ rule }}) +{%- endmacro %} \ No newline at end of file diff --git a/manager/knot_resolver_manager/datamodel/templates/stub_zones.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/stub_zones.lua.j2 index c2ada9dff..10db55ed9 100644 --- a/manager/knot_resolver_manager/datamodel/templates/stub_zones.lua.j2 +++ b/manager/knot_resolver_manager/datamodel/templates/stub_zones.lua.j2 
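Review bot: `view_tsig` and `view_addr` place `{{ tsig }}` and `{{ addr }}` inside single-quoted Lua literals with no escaping, and policy_macros.lua.j2 does the same for `hostname`, `ca_file`, `pin_sha256` and the names in `policy_todname`; the `|string` filter only converts the type. A value containing `'`, a backslash or a newline would end the literal early, and the remainder would be read as Lua by the resolver. Whether the datamodel already restricts these fields is not visible in this diff, so either confirm that validation rejects such characters or route every interpolated value through one Lua-quoting filter, now that the macros give a single place to do it. A comment at the top of each macro file, such as `{# values are emitted into Lua string literals unescaped; the datamodel must validate them #}`, would record the assumption.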
@@ -1,77 +1,57 @@ -{% if cfg.stub_zones %} +{% from 'macros/policy_macros.lua.j2' import policy_flags, policy_add, policy_suffix, policy_todname, policy_stub %} +{% from 'macros/view_macros.lua.j2' import view_tsig, view_addr %} +{% if cfg.stub_zones %} {% for name, zone in cfg.stub_zones.items() %} -- stub-zone: {{ name }} -{% if zone.views %} -{% for view_id in zone.views %} --- stub-zone: {{ name }} view: {{ view_id }} -{% set view = cfg.views[view_id.replace("-", "_")] %} - -{% set options = none %} -{% if zone.options and view.options %} -{% set options = zone.options|list + view.options |list%} +{% if zone.views -%} +{# views set for stub-zone #} +{% for view_id in zone.views -%} +{%- set view = cfg.views[view_id] -%} + +{# merge options from view and stub-zone #} +{%- set options = none -%} +{% if zone.options and view.options -%} +{% set options = zone.options|list + view.options|list %} {% elif zone.options %} {% set options = zone.options|list %} {% elif view.options %} {% set options = view.options|list %} -{% endif %} +{%- endif %} -{% if view.tsig %} -{% for sig in view.tsig %} +{% if view.tsig -%} +{% for tsig in view.tsig -%} -{% if options %} --- stub-zone: {{ name }} view: {{ view_id }} options -view:tsig('{{ sig }}', policy.suffix(policy.FLAGS({ -{%- for flag in options -%} -'{{ flag.upper().replace("-", "_") }}', -{%- endfor -%} -}), {todname('{{ name }}')})) -{% endif %} +{%- if options -%} +{{ view_tsig(tsig|string, policy_suffix(policy_flags(options|list), policy_todname(name|string))) }} +{%- endif %} --- stub-zone: {{ name }} view: {{ view_id }} servers -{% for server in zone.servers %} -view:tsig('{{ sig }}', policy.suffix(policy.STUB('{{ server }}'), {todname('{{ name }}')})) -{% endfor %} +{{ view_tsig(tsig|string, policy_suffix(policy_stub(zone.servers|list), policy_todname(name|string))) }} {% endfor %} -{% endif %} +{%- endif -%} -{% if view.subnets %} -{% for addr in view.subnets %} +{% if view.subnets -%} +{% for addr in view.subnets 
-%} -{% if options %} --- stub-zone: {{ name }} view: {{ view_id }} options -view:addr('{{ addr }}', policy.suffix(policy.FLAGS({ -{%- for flag in options -%} -'{{ flag.upper().replace("-", "_") }}', -{%- endfor -%} -}), {todname('{{ name }}')})) -{% endif %} +{%- if options -%} +{{ view_addr(addr|string, policy_suffix(policy_flags(options|list), policy_todname(name|string))) }} +{%- endif %} --- stub-zone: {{ name }} view: {{ view_id }} servers -{% for server in zone.servers %} -view:addr('{{ addr }}', policy.suffix(policy.STUB('{{ server }}'), {todname('{{ name }}')})) -{% endfor %} +{{ view_addr(addr|string, policy_suffix(policy_stub(zone.servers|list), policy_todname(name|string))) }} {% endfor %} {% endif %} {% endfor %} {% else %} -{% if zone.options %} +{# no views set for stub-zone #} --- stub-zone: {{ name }} options -policy.add(policy.suffix(policy.FLAGS({ -{%- for flag in zone.options -%} -'{{ flag.upper().replace("-", "_") }}', -{%- endfor -%} -}), {todname('{{ name }}')})) -{% endif %} +{% if zone.options -%} +{{ policy_add(policy_suffix(policy_flags(zone.options|list), policy_todname(name|string))) }} +{%- endif %} --- stub-zone: {{ name }} servers -{% for server in zone.servers %} -policy.add(policy.suffix(policy.STUB('{{ server }}'), {todname('{{ name }}')})) -{% endfor %} +{{ policy_add(policy_suffix(policy_stub(zone.servers|list), policy_todname(name|string))) }} {% endif %} {% endfor %} diff --git a/manager/setup.py b/manager/setup.py index 0dc38bc5c..6f9c864bb 100644 --- a/manager/setup.py +++ b/manager/setup.py @@ -12,7 +12,8 @@ packages = \ 'knot_resolver_manager.utils'] package_data = \ -{'': ['*'], 'knot_resolver_manager.datamodel': ['templates/*']} +{'': ['*'], + 'knot_resolver_manager.datamodel': ['templates/*', 'templates/macros/*']} install_requires = \ ['Jinja2>=2.11.3',
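Review bot: The view lookup in stub_zones.lua.j2 changed from `cfg.views[view_id.replace("-", "_")]` to `cfg.views[view_id]`, dropping the hyphen-to-underscore normalisation this template had before. If the keys of `cfg.views` are stored in normalised form (not visible here), a view id containing `-` no longer resolves, and the per-view `view:tsig`/`view:addr` rules for that zone either fail at render time or are left out, which changes which clients get the stub policy. Confirm which key form the datamodel uses and, if both can occur, keep the normalisation: `{%- set view = cfg.views[view_id.replace("-", "_")] -%}`. The forward-zones template uses the plain lookup both before and after this commit, so the two templates should be settled together.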