{{ ansible_managed | comment }}

## Interconnexion

# Réseaux d'interconnexion
define interco_v4 = {
    {{ nftables_interco_v4 | join(",\n") | indent }}
}
define interco_v6 = {
    {{ nftables_interco_v6 | join(",\n") | indent }}
}


## Administration

# Réseaux d'administration
define adm_v4 = {
    {{ nftables_adm_v4 | join(",\n") | indent }}
}
define adm_v6 = {
    {{ nftables_adm_v6 | join(",\n") | indent }}
}

# Serveurs de centralisation des journaux
define syslog_adm_v4 = { 10.128.0.51 }
define syslog_adm_v6 = { 2a09:6840:128::251 }

# Adresses des bastions autorisés
define bastions_v4 = {
    {{ nftables_bastions_v4 | join(",\n") | indent }}
}
define bastions_v6 = {
    {{ nftables_bastions_v6 | join(",\n") | indent }}
}


## Services

# Réseaux de services privés
define svc_v4 = {
    {{ nftables_svc_v4 | join(",\n") | indent }}
}
define svc_v6 = {
    {{ nftables_svc_v6 | join(",\n") | indent }}
}


## Adhérents

# Réseaux des adhérents
define members_v4 = {
    {{ nftables_members_v4 | join(",\n") | indent }}
}
define members_v6 = {
    {{ nftables_members_v6 | join(",\n") | indent }}
}

# Sous-réseau d'inscription des adhérents
define signup_v4 = {
    {{ nftables_signup_v4 | join(",\n") | indent }}
}
define signup_v6 = {
    {{ nftables_signup_v6 | join(",\n") | indent }}
}

# Hôtes déclencheurs d'accès à Internet pour inscription
define signup_triggers_v4 = {
    {{ nftables_signup_triggers_v4 | join(",\n") | indent }}
}
define signup_triggers_v6 = {
    {{ nftables_signup_triggers_v6 | join(",\n") | indent }}
}


## NAT

# Interface sur laquelle appliquer le NAT
define wan_iface = "ens18"

define members_nat_v4 = 92.222.211.198
define any_nat_v4 = 92.222.211.198