summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2013-10-12 01:02:38 +0200
committervarac <varacanero@zeromail.org>2013-10-15 18:54:20 +0200
commit071bd544ed79a07bb2532b7e79318e76062ba49e (patch)
treef2a264ed42ad57ce6a712377ca38131b67d7865d
parent4a75cd70b50969023c507b5c9ec2e8c36142f706 (diff)
puppet - openvpn gateway address is hard coded as a /24 network (Bug #1863)
-rw-r--r--puppet/modules/site_openvpn/manifests/init.pp6
-rw-r--r--puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb8
2 files changed, 10 insertions, 4 deletions
diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp
index 61fefd0a..42146741 100644
--- a/puppet/modules/site_openvpn/manifests/init.pp
+++ b/puppet/modules/site_openvpn/manifests/init.pp
@@ -62,6 +62,12 @@ class site_openvpn {
$openvpn_limited_udp_cidr = '21'
}
+ # find out the netmask in cidr format of the primary IF
+ # thx to https://blog.kumina.nl/tag/puppet-tips-and-tricks/
+ # we can do this using an inline_template:
+ $factname_primary_netmask = "netmask_cidr_${::site_config::params::interface}"
+ $primary_netmask = inline_template('<%= scope.lookupvar(factname_primary_netmask) %>')
+
# deploy dh keys
include site_openvpn::dh_key
diff --git a/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb b/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb
index 05f3d16b..e76b756b 100644
--- a/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb
+++ b/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb
@@ -1,11 +1,11 @@
#!/bin/sh
-ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q <%= @openvpn_gateway_address %>/24 ||
- ip addr add <%= @openvpn_gateway_address %>/24 dev <%= scope.lookupvar('site_config::params::interface') %>
+ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q <%= @openvpn_gateway_address %>/<%= @primary_netmask %> ||
+ ip addr add <%= @openvpn_gateway_address %>/<%= @primary_netmask %> dev <%= scope.lookupvar('site_config::params::interface') %>
<% if @openvpn_second_gateway_address %>
-ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q <%= @openvpn_second_gateway_address %>/24 ||
- ip addr add <%= @openvpn_second_gateway_address %>/24 dev <%= scope.lookupvar('site_config::params::interface') %>
+ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q <%= @openvpn_second_gateway_address %>/<%= @primary_netmask %> ||
+ ip addr add <%= @openvpn_second_gateway_address %>/<%= @primary_netmask %> dev <%= scope.lookupvar('site_config::params::interface') %>
<% end %>
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward