openvpn: allow for configurable keepalive (aka ping & ping-restart) closes https://leap.se/code/issues/4127

author: elijah <elijah@riseup.net> 2014-04-05 12:39:01 -0700
committer: elijah <elijah@riseup.net> 2014-04-05 12:39:01 -0700
commit: 4a0feb8fa663c1c73c47f3298c1f303dffd942cc (patch)
tree: 1a0832ab4086183fc86b659c3a2f92078f359a2b
parent: c07e3d075149af0bbcd840ad0743df46d3baca5f (diff)
2 files changed, 3 insertions, 2 deletions
diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
index e5b97ed9..d98e86a1 100644
--- a/provider_base/services/openvpn.json
+++ b/provider_base/services/openvpn.json
@@ -22,7 +22,8 @@
     "configuration": {
       "tls-cipher": "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
       "auth": "SHA1",
-      "cipher": "AES-128-CBC"
+      "cipher": "AES-128-CBC",
+      "keepalive": "10 30"
     }
   }
 }
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index 6246a836..b1f4997c 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -115,7 +115,7 @@ define site_openvpn::server_config(
         server => $openvpn_configname;
     "keepalive ${openvpn_configname}":
         key    => 'keepalive',
-        value  => '5 20',
+        value  => $config['keepalive'],
         server => $openvpn_configname;
     "local ${openvpn_configname}":
         key    => 'local',
author	elijah <elijah@riseup.net>	2014-04-05 12:39:01 -0700
committer	elijah <elijah@riseup.net>	2014-04-05 12:39:01 -0700
commit	4a0feb8fa663c1c73c47f3298c1f303dffd942cc (patch)
tree	1a0832ab4086183fc86b659c3a2f92078f359a2b
parent	c07e3d075149af0bbcd840ad0743df46d3baca5f (diff)