Abstract support in a2rule
Useful for abstract rule add|set|del|get
access, key
derivation.
Parameters to a2rule abstract add|set|del|get|key ...
would be
-
domain DOMAIN
(not for*key
) -
type comm|group|HEXBYTES
(not forservicekey
) -
name NAME
(always; inlocal
) -
selector SELECTOR
(default@.
; inremote
) domainkey HEXBYTES
servicekey HEXBYTES
-
rule TEXT
(not forkey
)
Quite a few combinations to care for. Glad we got that covered :-)
Usage: a2rule abstract ... Abstract management of Rules
abstract key ... To derive the domain key or service key
abstract add ... To add an abstract rule that does not exist yet
abstract del ... To remove an abstract rule that matches exactly
abstract set ... To have an abstract rule and drop any existing
abstract get ... To query for abstract rules that match well enough
Combinations:
a2rule abstract key domain DOMAIN type TYPE # Derives domain key
a2rule abstract key domain DOMAIN type TYPE name NAME [selector SELECTOR] # Derives service key
a2rule abstract add|set domain DOMAIN type TYPE name NAME selector SELECTOR rule TEXT
a2rule abstract add|set domainkey HEXBYTES type TYPE name NAME selector SELECTOR rule TEXT
a2rule abstract add|set servicekey HEXBYTES name NAME selector SELECTOR rule TEXT
a2rule abstract del|get domain DOMAIN type TYPE name NAME selector SELECTOR [rule TEXT]
a2rule abstract del|get domainkey HEXBYTES type TYPE name NAME selector SELECTOR [rule TEXT]
a2rule abstract del|get servicekey HEXBYTES name NAME selector SELECTOR [rule TEXT]
Edited by Rick van Rein