1package siteconnections 2 3import ( 4 "github.com/gophercloud/gophercloud" 5 "github.com/gophercloud/gophercloud/pagination" 6) 7 8// CreateOptsBuilder allows extensions to add additional parameters to the 9// Create request. 10type CreateOptsBuilder interface { 11 ToConnectionCreateMap() (map[string]interface{}, error) 12} 13type Action string 14type Initiator string 15 16const ( 17 ActionHold Action = "hold" 18 ActionClear Action = "clear" 19 ActionRestart Action = "restart" 20 ActionDisabled Action = "disabled" 21 ActionRestartByPeer Action = "restart-by-peer" 22 InitiatorBiDirectional Initiator = "bi-directional" 23 InitiatorResponseOnly Initiator = "response-only" 24) 25 26// DPDCreateOpts contains all the values needed to create a valid configuration for Dead Peer detection protocols 27type DPDCreateOpts struct { 28 // The dead peer detection (DPD) action. 29 // A valid value is clear, hold, restart, disabled, or restart-by-peer. 30 // Default value is hold. 31 Action Action `json:"action,omitempty"` 32 33 // The dead peer detection (DPD) timeout in seconds. 34 // A valid value is a positive integer that is greater than the DPD interval value. 35 // Default is 120. 36 Timeout int `json:"timeout,omitempty"` 37 38 // The dead peer detection (DPD) interval, in seconds. 39 // A valid value is a positive integer. 40 // Default is 30. 41 Interval int `json:"interval,omitempty"` 42} 43 44// CreateOpts contains all the values needed to create a new IPSec site connection 45type CreateOpts struct { 46 // The ID of the IKE policy 47 IKEPolicyID string `json:"ikepolicy_id"` 48 49 // The ID of the VPN Service 50 VPNServiceID string `json:"vpnservice_id"` 51 52 // The ID for the endpoint group that contains private subnets for the local side of the connection. 53 // You must specify this parameter with the peer_ep_group_id parameter unless 54 // in backward- compatible mode where peer_cidrs is provided with a subnet_id for the VPN service. 55 LocalEPGroupID string `json:"local_ep_group_id,omitempty"` 56 57 // The ID of the IPsec policy. 58 IPSecPolicyID string `json:"ipsecpolicy_id"` 59 60 // The peer router identity for authentication. 61 // A valid value is an IPv4 address, IPv6 address, e-mail address, key ID, or FQDN. 62 // Typically, this value matches the peer_address value. 63 PeerID string `json:"peer_id"` 64 65 // The ID of the project 66 TenantID string `json:"tenant_id,omitempty"` 67 68 // The ID for the endpoint group that contains private CIDRs in the form < net_address > / < prefix > 69 // for the peer side of the connection. 70 // You must specify this parameter with the local_ep_group_id parameter unless in backward-compatible mode 71 // where peer_cidrs is provided with a subnet_id for the VPN service. 72 PeerEPGroupID string `json:"peer_ep_group_id,omitempty"` 73 74 // An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. 75 // Most often, local ID would be domain name, email address, etc. 76 // If this is not configured then the external IP address will be used as the ID. 77 LocalID string `json:"local_id,omitempty"` 78 79 // The human readable name of the connection. 80 // Does not have to be unique. 81 // Default is an empty string 82 Name string `json:"name,omitempty"` 83 84 // The human readable description of the connection. 85 // Does not have to be unique. 86 // Default is an empty string 87 Description string `json:"description,omitempty"` 88 89 // The peer gateway public IPv4 or IPv6 address or FQDN. 90 PeerAddress string `json:"peer_address"` 91 92 // The pre-shared key. 93 // A valid value is any string. 94 PSK string `json:"psk"` 95 96 // Indicates whether this VPN can only respond to connections or both respond to and initiate connections. 97 // A valid value is response-only or bi-directional. Default is bi-directional. 98 Initiator Initiator `json:"initiator,omitempty"` 99 100 // Unique list of valid peer private CIDRs in the form < net_address > / < prefix > . 101 PeerCIDRs []string `json:"peer_cidrs,omitempty"` 102 103 // The administrative state of the resource, which is up (true) or down (false). 104 // Default is false 105 AdminStateUp *bool `json:"admin_state_up,omitempty"` 106 107 // A dictionary with dead peer detection (DPD) protocol controls. 108 DPD *DPDCreateOpts `json:"dpd,omitempty"` 109 110 // The maximum transmission unit (MTU) value to address fragmentation. 111 // Minimum value is 68 for IPv4, and 1280 for IPv6. 112 MTU int `json:"mtu,omitempty"` 113} 114 115// ToConnectionCreateMap casts a CreateOpts struct to a map. 116func (opts CreateOpts) ToConnectionCreateMap() (map[string]interface{}, error) { 117 return gophercloud.BuildRequestBody(opts, "ipsec_site_connection") 118} 119 120// Create accepts a CreateOpts struct and uses the values to create a new 121// IPSec site connection. 122func Create(c *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) { 123 b, err := opts.ToConnectionCreateMap() 124 if err != nil { 125 r.Err = err 126 return 127 } 128 resp, err := c.Post(rootURL(c), b, &r.Body, nil) 129 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 130 return 131} 132 133// Delete will permanently delete a particular IPSec site connection based on its 134// unique ID. 135func Delete(c *gophercloud.ServiceClient, id string) (r DeleteResult) { 136 resp, err := c.Delete(resourceURL(c, id), nil) 137 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 138 return 139} 140 141// Get retrieves a particular IPSec site connection based on its unique ID. 142func Get(c *gophercloud.ServiceClient, id string) (r GetResult) { 143 resp, err := c.Get(resourceURL(c, id), &r.Body, nil) 144 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 145 return 146} 147 148// ListOptsBuilder allows extensions to add additional parameters to the 149// List request. 150type ListOptsBuilder interface { 151 ToConnectionListQuery() (string, error) 152} 153 154// ListOpts allows the filtering and sorting of paginated collections through 155// the API. Filtering is achieved by passing in struct field values that map to 156// the IPSec site connection attributes you want to see returned. 157type ListOpts struct { 158 IKEPolicyID string `q:"ikepolicy_id"` 159 VPNServiceID string `q:"vpnservice_id"` 160 LocalEPGroupID string `q:"local_ep_group_id"` 161 IPSecPolicyID string `q:"ipsecpolicy_id"` 162 PeerID string `q:"peer_id"` 163 TenantID string `q:"tenant_id"` 164 ProjectID string `q:"project_id"` 165 PeerEPGroupID string `q:"peer_ep_group_id"` 166 LocalID string `q:"local_id"` 167 Name string `q:"name"` 168 Description string `q:"description"` 169 PeerAddress string `q:"peer_address"` 170 PSK string `q:"psk"` 171 Initiator Initiator `q:"initiator"` 172 AdminStateUp *bool `q:"admin_state_up"` 173 MTU int `q:"mtu"` 174} 175 176// ToConnectionListQuery formats a ListOpts into a query string. 177func (opts ListOpts) ToConnectionListQuery() (string, error) { 178 q, err := gophercloud.BuildQueryString(opts) 179 return q.String(), err 180} 181 182// List returns a Pager which allows you to iterate over a collection of 183// IPSec site connections. It accepts a ListOpts struct, which allows you to filter 184// and sort the returned collection for greater efficiency. 185func List(c *gophercloud.ServiceClient, opts ListOptsBuilder) pagination.Pager { 186 url := rootURL(c) 187 if opts != nil { 188 query, err := opts.ToConnectionListQuery() 189 if err != nil { 190 return pagination.Pager{Err: err} 191 } 192 url += query 193 } 194 return pagination.NewPager(c, url, func(r pagination.PageResult) pagination.Page { 195 return ConnectionPage{pagination.LinkedPageBase{PageResult: r}} 196 }) 197} 198 199// UpdateOptsBuilder allows extensions to add additional parameters to the 200// Update request. 201type UpdateOptsBuilder interface { 202 ToConnectionUpdateMap() (map[string]interface{}, error) 203} 204 205// UpdateOpts contains the values used when updating the DPD of an IPSec site connection 206type DPDUpdateOpts struct { 207 Action Action `json:"action,omitempty"` 208 Timeout int `json:"timeout,omitempty"` 209 Interval int `json:"interval,omitempty"` 210} 211 212// UpdateOpts contains the values used when updating an IPSec site connection 213type UpdateOpts struct { 214 Description *string `json:"description,omitempty"` 215 Name *string `json:"name,omitempty"` 216 LocalID string `json:"local_id,omitempty"` 217 PeerAddress string `json:"peer_address,omitempty"` 218 PeerID string `json:"peer_id,omitempty"` 219 PeerCIDRs []string `json:"peer_cidrs,omitempty"` 220 LocalEPGroupID string `json:"local_ep_group_id,omitempty"` 221 PeerEPGroupID string `json:"peer_ep_group_id,omitempty"` 222 MTU int `json:"mtu,omitempty"` 223 Initiator Initiator `json:"initiator,omitempty"` 224 PSK string `json:"psk,omitempty"` 225 DPD *DPDUpdateOpts `json:"dpd,omitempty"` 226 AdminStateUp *bool `json:"admin_state_up,omitempty"` 227} 228 229// ToConnectionUpdateMap casts an UpdateOpts struct to a map. 230func (opts UpdateOpts) ToConnectionUpdateMap() (map[string]interface{}, error) { 231 return gophercloud.BuildRequestBody(opts, "ipsec_site_connection") 232} 233 234// Update allows IPSec site connections to be updated. 235func Update(c *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult) { 236 b, err := opts.ToConnectionUpdateMap() 237 if err != nil { 238 r.Err = err 239 return 240 } 241 resp, err := c.Put(resourceURL(c, id), b, &r.Body, &gophercloud.RequestOpts{ 242 OkCodes: []int{200}, 243 }) 244 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 245 return 246} 247