a4e667de10
Single-commit clean baseline after security scrub of niche-tells, project codenames, internal jargon, and contributor-email leaks. Contents: - 100 Rust crates (_primitives/_rust/) - 37 agent manifests (_manifests/) + generated specs (_generated/) - 67 user-invocable skills (skills/) - 33 hooks (hooks/) - Composition blocks (_blocks/) - Documentation (docs/, README.md) - TS adapter packages (_ts_packages/) - Assembler (_assembler/) - Roles (_roles/) - Templates (_templates/) - Forgejo CI (.forgejo/) Author: Denis Parfionovich <info@greendragon.info> License: see LICENSE.
31 lines
1.2 KiB
Rust
31 lines
1.2 KiB
Rust
// SPDX-License-Identifier: Apache-2.0
|
|
// Copyright 2026 <author org>
|
|
//
|
|
//! kei-net-ipsec — IPsec impl of [`kei_runtime_core::NetworkMode`] via
|
|
//! `swanctl` shell-out (strongSwan).
|
|
//!
|
|
//! Layout (Constructor Pattern: 1 file = 1 cube, ≤200 LOC each):
|
|
//! - [`error`]: local `Error`/`Result` mapping into the runtime-core error.
|
|
//! - [`runner`]: [`Runner`] trait + [`SystemRunner`] / [`MockRunner`] —
|
|
//! single subprocess seam (mirror of `kei-llm-mlx::runner`).
|
|
//! - [`parse`]: SA-stanza parser for `swanctl --list-sas` text output.
|
|
//! - [`network`]: [`IpsecMode`] — DNA-bearing `NetworkMode` impl.
|
|
//!
|
|
//! Mode flags:
|
|
//! - `is_public() = true` (IPsec exposes a routable public path; sibling
|
|
//! tailscale / wireguard adapters return `false`).
|
|
//!
|
|
//! Env:
|
|
//! - `SWANCTL_CONFIG_DIR` — override `/etc/swanctl/` config root.
|
|
//! - `IPSEC_CHILD_NAME` — child SA name to bring up / tear down (default
|
|
//! `home`).
|
|
|
|
pub mod error;
|
|
pub mod network;
|
|
pub mod parse;
|
|
pub mod runner;
|
|
|
|
pub use error::{Error, Result};
|
|
pub use network::{IpsecMode, DEFAULT_CHILD_NAME, DEFAULT_CONFIG_DIR};
|
|
pub use parse::parse_sas_output;
|
|
pub use runner::{MockRunner, RunOutput, Runner, SystemRunner};
|