From 03c6f39c9680fc600fec59be5eeacd62c1787f1d Mon Sep 17 00:00:00 2001
From: heqnx <root@heqnx.com>
Date: Tue, 24 Jun 2025 21:42:08 +0300
Subject: added validation for ips, cidrs and ports

---
 tasks/preflight.yaml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'tasks')

diff --git a/tasks/preflight.yaml b/tasks/preflight.yaml
index 6c67ae7..eec97e3 100644
--- a/tasks/preflight.yaml
+++ b/tasks/preflight.yaml
@@ -15,3 +15,23 @@
     msg: "distribution not Debian-based"
   when: dpkg_check.rc != 0
 
+
+- name: check nat_subnet format
+  fail:
+    msg: "nat_subnet must be in CIDR format, e.g., 10.10.10.0/24"
+  when: nat_subnet is not match("^(\\d{1,3}\\.){3}\\d{1,3}/\\d{1,2}$")
+
+- name: check nat_bridge_ip is valid ip
+  fail:
+    msg: "nat_bridge_ip must be a valid IPv4 address"
+  when: nat_bridge_ip is not match("^(\\d{1,3}\\.){3}\\d{1,3}$")
+
+- name: check wg_subnet format
+  fail:
+    msg: "wg_subnet must be in CIDR format, e.g., 10.13.37.0/24"
+  when: wg_subnet is not match("^(\\d{1,3}\\.){3}\\d{1,3}/\\d{1,2}$")
+
+- name: check wg_port is between 1024 and 65535
+  fail:
+    msg: "wg_port must be a number between 1024 and 65535"
+  when: wg_port | int < 1024 or wg_port | int > 65535
-- 
cgit v1.2.3