diff options
author | elijah <elijah@riseup.net> | 2014-03-20 13:10:44 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2014-03-20 13:10:44 -0700 |
commit | 222fd1568d7af9ea953a4d6179578da5994ea1fd (patch) | |
tree | 6ce6959235be6eccbd30b8ec1ea4bdcb76c33fa3 /puppet/modules/site_openvpn/manifests/server_config.pp | |
parent | a8c9d80317240d86cb7de652c23efbd7bc81bde2 (diff) |
allow ability to customize openvpn security stuff: tls-cipher, auth, and cipher config options.
Diffstat (limited to 'puppet/modules/site_openvpn/manifests/server_config.pp')
-rw-r--r-- | puppet/modules/site_openvpn/manifests/server_config.pp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp index befeaef7..6246a836 100644 --- a/puppet/modules/site_openvpn/manifests/server_config.pp +++ b/puppet/modules/site_openvpn/manifests/server_config.pp @@ -54,7 +54,7 @@ define site_openvpn::server_config( $port, $proto, $local, $server, $push, - $management, $tls_remote = undef) { + $management, $config, $tls_remote = undef) { $openvpn_configname = $name @@ -96,15 +96,15 @@ define site_openvpn::server_config( server => $openvpn_configname; "tls-cipher ${openvpn_configname}": key => 'tls-cipher', - value => 'DHE-RSA-AES128-SHA', + value => $config['tls-cipher'], server => $openvpn_configname; "auth ${openvpn_configname}": key => 'auth', - value => 'SHA1', + value => $config['auth'], server => $openvpn_configname; "cipher ${openvpn_configname}": key => 'cipher', - value => 'AES-128-CBC', + value => $config['cipher'], server => $openvpn_configname; "dev ${openvpn_configname}": key => 'dev', |