summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMicah Anderson <micah@leap.se>2013-07-04 16:35:51 -0400
committerMicah Anderson <micah@leap.se>2013-07-04 16:52:03 -0400
commit7cbc4d41e35fec9dc0192cc3caf11803b562c06d (patch)
tree47dcc5f3d112c4fd282b30000b910d9341260176
parent47dd8cde0316256e0d2d1037787fdf539a3f8975 (diff)
more robust openvpn restarting
this ensures that an actual restart is run on the service when config files are added or removed, instead of relying on the status parameter of the initscript, which can be confused if config files are removed out from under it Change-Id: I1c69fff26933338b707acf7dc4593547f32f92e3
-rw-r--r--puppet/modules/site_openvpn/manifests/init.pp9
-rw-r--r--puppet/modules/site_openvpn/manifests/server_config.pp2
2 files changed, 10 insertions, 1 deletions
diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp
index 685871bd..4f900623 100644
--- a/puppet/modules/site_openvpn/manifests/init.pp
+++ b/puppet/modules/site_openvpn/manifests/init.pp
@@ -127,6 +127,13 @@ class site_openvpn {
subscribe => File['/usr/local/bin/add_gateway_ips.sh'],
}
+ exec { 'restart_openvpn':
+ command => '/etc/init.d/openvpn restart',
+ refreshonly => true,
+ subscribe => File['/etc/openvpn'],
+ require => [ Package['openvpn'], File['/etc/openvpn'] ];
+ }
+
cron { 'add_gateway_ips.sh':
command => '/usr/local/bin/add_gateway_ips.sh',
user => 'root',
@@ -142,6 +149,7 @@ class site_openvpn {
'openvpn':
ensure => installed;
}
+
service {
'openvpn':
ensure => running,
@@ -153,6 +161,7 @@ class site_openvpn {
file {
'/etc/openvpn':
ensure => directory,
+ notify => Exec['restart_openvpn'],
require => Package['openvpn'];
}
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index a2e769e1..6106cfbb 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -65,7 +65,7 @@ define site_openvpn::server_config(
mode => 644,
warn => true,
require => File['/etc/openvpn'],
- notify => Service['openvpn'];
+ notify => Exec['restart_openvpn'];
}
if $tls_remote != undef {