diff options
author | elijah <elijah@riseup.net> | 2013-02-27 23:46:58 -0800 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2013-02-27 23:46:58 -0800 |
commit | ffb88e54c5e4e30fa61ea1009f3eee62f98ab17c (patch) | |
tree | 0d28846e9de15d7580b3b232aac16e2f4e8cb6e4 /puppet/modules/site_openvpn/manifests/server_config.pp | |
parent | 5f8b63892ec9d08471a43ac642ed8f291d27c4f5 (diff) |
openvpn -- added support for optional "free" rate-limited service via special client certificates with the FREE prefix in the common name.
Diffstat (limited to 'puppet/modules/site_openvpn/manifests/server_config.pp')
-rw-r--r-- | puppet/modules/site_openvpn/manifests/server_config.pp | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp index 436dd272..1f42400a 100644 --- a/puppet/modules/site_openvpn/manifests/server_config.pp +++ b/puppet/modules/site_openvpn/manifests/server_config.pp @@ -52,7 +52,9 @@ # note: the default is BF-CBC (blowfish) # -define site_openvpn::server_config ($port, $proto, $local, $server, $push, $management ) { +define site_openvpn::server_config( + $port, $proto, $local, $server, $push, + $management, $tls_remote = undef, $shaper = undef) { $openvpn_configname = $name @@ -66,6 +68,20 @@ define site_openvpn::server_config ($port, $proto, $local, $server, $push, $mana notify => Service['openvpn']; } + # special options for the "free" gateway daemons + if $shaper != undef { + openvpn::option { + "shaper $openvpn_configname": + key => 'shaper', + value => $shaper, + server => $openvpn_configname; + "tls-remote $openvpn_configname": + key => 'tls-remote', + value => $tls_remote, + server => $openvpn_configname; + } + } + openvpn::option { "ca $openvpn_configname": key => 'ca', |