diff options
author | elijah <elijah@riseup.net> | 2014-06-02 11:03:56 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2014-06-02 11:03:56 -0700 |
commit | 09916946f8eb0ab17689255fd626a52ef1808e6a (patch) | |
tree | f179088762e75506693298e055661d89a2f639ba | |
parent | 382d1cb4aea6e4a2e6fb101346e46bb8a01dbc10 (diff) |
fix unbound: configs in /etc/unbound/unbound.conf.d contained a syntax error and were missing .conf suffix
-rw-r--r-- | puppet/modules/site_openvpn/manifests/resolver.pp | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/puppet/modules/site_openvpn/manifests/resolver.pp b/puppet/modules/site_openvpn/manifests/resolver.pp index c1367a33..cea0153a 100644 --- a/puppet/modules/site_openvpn/manifests/resolver.pp +++ b/puppet/modules/site_openvpn/manifests/resolver.pp @@ -3,15 +3,15 @@ class site_openvpn::resolver { if $site_openvpn::openvpn_allow_unlimited { $ensure_unlimited = 'present' file { - '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver': - content => "interface: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver.conf': + content => "server:\n\tinterface: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr} allow\n", owner => root, group => root, mode => '0644', require => [ Class['site_config::caching_resolver'], Service['openvpn'] ], notify => Service['unbound']; - '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver': - content => "interface: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver.conf': + content => "server:\n\tinterface: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr} allow\n", owner => root, group => root, mode => '0644', @@ -20,22 +20,22 @@ class site_openvpn::resolver { } } else { $ensure_unlimited = 'absent' - tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver': } - tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver': } + tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver.conf': } + tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver.conf': } } if $site_openvpn::openvpn_allow_limited { $ensure_limited = 'present' file { - '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver': - content => "interface: ${site_openvpn::openvpn_limited_udp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver.conf': + content => "server:\n\tinterface: ${site_openvpn::openvpn_limited_udp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr} allow\n", owner => root, group => root, mode => '0644', require => [ Class['site_config::caching_resolver'], Service['openvpn'] ], notify => Service['unbound']; - '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver': - content => "interface: ${site_openvpn::openvpn_limited_tcp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver.conf': + content => "server\n\tinterface: ${site_openvpn::openvpn_limited_tcp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr} allow\n", owner => root, group => root, mode => '0644', @@ -44,7 +44,7 @@ class site_openvpn::resolver { } } else { $ensure_limited = 'absent' - tidy { '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver': } - tidy { '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver': } + tidy { '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver.conf': } + tidy { '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver.conf': } } } |