From 9aed5c0e562354f8fac67ec5cc8952d4ba9570cf Mon Sep 17 00:00:00 2001
From: Ryan Holt <ryan@ryanholt.net>
Date: Fri, 8 Oct 2021 09:43:21 -0400
Subject: [PATCH] add airplay support

---
 .../inventory/group_vars/all/address_book.yaml | 16 +++++++++++++++-
 .../inventory/host_vars/fw/firewall_rules.yml  | 18 ++++++++++++++++++
 .../inventory/host_vars/fw/firewall_zones.yml  |  2 ++
 3 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/ansible/inventory/group_vars/all/address_book.yaml b/ansible/inventory/group_vars/all/address_book.yaml
index b535c11..9d861f0 100644
--- a/ansible/inventory/group_vars/all/address_book.yaml
+++ b/ansible/inventory/group_vars/all/address_book.yaml
@@ -270,6 +270,7 @@ address_book:
         - plex_clients
         - android_tvs
         - chromecast_players
+        - airplay_devices
     nvidia_shield_tv_basement:
       hostname: nvidia_shield_tv_basement
       mac_addr: 48:b0:2d:13:b7:a0
@@ -282,6 +283,7 @@ address_book:
         - plex_clients
         - android_tvs
         - chromecast_players
+        - airplay_devices
     nvidia_shield_tv_masterbedroom:
       hostname: nvidia_shield_tv_masterbedroom
       mac_addr: 48:b0:2d:13:d1:d6
@@ -294,6 +296,7 @@ address_book:
         - plex_clients
         - android_tvs
         - chromecast_players
+        - airplay_devices
     firetv_bar_tv:
       hostname: firetv_bar_tv
       mac_addr: 74:ec:b2:5a:c3:47
@@ -340,6 +343,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_kitchen-2:
       hostname: sonos_kitchen_2
       mac_addr: 34:7e:5c:1e:04:4c
@@ -349,6 +353,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_upstairs_hallway:
       hostname: sonos_upstairs_hallway
       mac_addr: 5c:aa:fd:4e:d2:9e
@@ -358,6 +363,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_basement:
       hostname: sonos_basement
       mac_addr: 5c:aa:fd:4e:d6:24
@@ -367,6 +373,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_bar:
       hostname: sonos_bar
       mac_addr: 48:a6:b8:f9:11:b6
@@ -376,6 +383,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_move:
       hostname: sonos_move
       mac_addr: 48:a6:b8:e0:cd:ec
@@ -385,6 +393,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_office:
       hostname: sonos_office
       mac_addr: 48:a6:b8:68:81:b5
@@ -394,6 +403,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_livingroom_tv:
       hostname: sonos_livingroom_tv
       mac_addr: 54:2a:1b:87:58:10
@@ -403,6 +413,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     sonos_masterbedroom_tv:
       hostname: sonos_masterbedroom_tv
       mac_addr: 48:a6:b8:b3:9f:e7
@@ -412,6 +423,7 @@ address_book:
       groups:
         - media_players
         - sonos_players
+        - airplay_devices
     lg_basement_tv:
       hostname: lg_basement_tv
       mac_addr: 20:3d:bd:6b:24:d2
@@ -442,7 +454,7 @@ address_book:
         - print_clients
     Ryans-iPhone:
       hostname: Ryans-iPhone
-      mac_addr: 74:42:8b:68:50:ae
+      mac_addr: 5c:52:30:2b:6a:f7
       network: wireless
       dhcp_client: true
       ipv4_addr: 10.30.50.200
@@ -456,6 +468,7 @@ address_book:
         - chromecast_clients
         - ecobee_clients
         - plex_clients
+        - airplay_clients
     rybook:
       hostname: rybook
       mac_addr: 74:42:8b:68:50:fe
@@ -483,6 +496,7 @@ address_book:
         - chromecast_clients
         - ecobee_clients
         - plex_clients
+        - airplay_clients
     Steffi-PC:
       hostname: Steffi-PC
       mac_addr: 50:1a:c5:e9:75:af
diff --git a/ansible/inventory/host_vars/fw/firewall_rules.yml b/ansible/inventory/host_vars/fw/firewall_rules.yml
index 4c0cc57..8c772b0 100644
--- a/ansible/inventory/host_vars/fw/firewall_rules.yml
+++ b/ansible/inventory/host_vars/fw/firewall_rules.yml
@@ -442,3 +442,21 @@ vyos_firewall_rules:
       address-group: k8s_nodes
     destination:
       port: imaps
+
+  accept_airplay_to_airplay_devices_from_airplay_clients_tcp:
+    action: accept
+    protocol: tcp
+    source:
+      address-group: airplay_clients
+    destination:
+      address-group: airplay_devices
+      port: 5000,7000,7100,50000,7200-17210
+
+  accept_airplay_to_airplay_devices_from_airplay_clients_udp:
+    action: accept
+    protocol: udp
+    source:
+      address-group: airplay_clients
+    destination:
+      address-group: airplay_devices
+      port: 7200-17210
diff --git a/ansible/inventory/host_vars/fw/firewall_zones.yml b/ansible/inventory/host_vars/fw/firewall_zones.yml
index 95bcfdd..46eb4d2 100644
--- a/ansible/inventory/host_vars/fw/firewall_zones.yml
+++ b/ansible/inventory/host_vars/fw/firewall_zones.yml
@@ -450,6 +450,8 @@ vyos_firewall_zones:
           - accept_chromecast_to_chromecast_players_from_chromecast_clients: null
           - accept_print_clients_to_printers: null
           - accept_ecobee_from_ecobee_clients: null
+          - accept_airplay_to_airplay_devices_from_airplay_clients_tcp: null
+          - accept_airplay_to_airplay_devices_from_airplay_clients_udp: null
       - includeZones:
           - servers
         default: drop