in functions/source/fgt-asg-handler/lib/core/autoscale-handler.js [223:319]
async getBaseConfig() {
let baseConfig = await this.getConfigSet('baseconfig');
let psksecret = this._settings['fortigate-psk-secret'],
fazConfig = '',
fazIp;
if (baseConfig) {
// check if other config set are required
let requiredConfigSet = this._settings['required-configset'] || '';
let configContent = '';
// check if second nic is enabled, config for the second nic must be prepended to
// base config
if (this._settings['enable-second-nic'] === 'true') {
baseConfig = (await this.getConfigSet('port2config')) + baseConfig;
}
// if internal elb is enabled, require this 'httpsroutingpolicy' configset
if (this._settings['enable-internal-elb'] === 'true') {
// if not empty requiredConfigSet add the , delimiter
if (requiredConfigSet !== '') {
requiredConfigSet += ',';
}
requiredConfigSet += 'httpsroutingpolicy-yes';
}
// if faz integration is enabled, require this 'fazintegration' configset
if (this._settings['enable-fortianalyzer-integration'] === 'true') {
// if not empty requiredConfigSet add the , delimiter
if (requiredConfigSet !== '') {
requiredConfigSet += ',';
}
requiredConfigSet += 'fazintegration-yes';
}
let alreadyRequired = [];
for (let configset of requiredConfigSet.split(',')) {
let [name, selected] = (configset.includes('-') &&
configset
.trim()
.split('-')
.map(str => (str && str.toLowerCase()) || null)) || [null, null];
if (selected === 'yes' && !alreadyRequired.includes(name)) {
// prevent from adding the same config set multiple times
alreadyRequired.push(name);
switch (name) {
// handle https routing policy
case 'httpsroutingpolicy':
configContent += await this.getConfigSet('internalelbweb');
configContent += await this.getConfigSet(name);
break;
// handle fortianalyzer integration config
case 'fazintegration':
fazIp = await this.getFazIp();
if (fazIp) {
fazConfig = await this.getConfigSet(name);
configContent += fazConfig.replace(
new RegExp('{FAZ_PRIVATE_IP}', 'gm'),
fazIp
);
}
break;
case 'extrastaticroutes':
configContent += await this.getConfigSet('extrastaticroutes');
break;
case 'extraports':
configContent += await this.getConfigSet('extraports');
break;
default:
break;
}
}
}
baseConfig += configContent;
baseConfig = baseConfig
.replace(
new RegExp('{SYNC_INTERFACE}', 'gm'),
this._settings['fortigate-sync-interface'] || 'port1'
)
.replace(new RegExp('{EXTERNAL_INTERFACE}', 'gm'), 'port1')
.replace(new RegExp('{INTERNAL_INTERFACE}', 'gm'), 'port2')
.replace(new RegExp('{PSK_SECRET}', 'gm'), psksecret)
.replace(
new RegExp('{TRAFFIC_PORT}', 'gm'),
this._settings['fortigate-traffic-port'] || 443
)
.replace(
new RegExp('{ADMIN_PORT}', 'gm'),
this._settings['fortigate-admin-port'] || 8443
)
.replace(
new RegExp('{HEART_BEAT_INTERVAL}', 'gm'),
this._settings['heartbeat-interval'] || 30
)
.replace(
new RegExp('{INTERNAL_ELB_DNS}', 'gm'),
this._settings['fortigate-protected-internal-elb-dns'] || ''
);
}
return baseConfig;
}