diff options
| author | Micah Anderson <micah@leap.se> | 2014-06-19 14:12:08 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@leap.se> | 2014-06-19 14:12:08 -0400 |
| commit | 9198af78956972a01aaf85e19753c5c9e62ea018 (patch) | |
| tree | 7c2c4901c92528b2fababb0e4283d5bec6cd1aef /puppet/modules/site_openvpn/manifests | |
| parent | 6100b6ded99241f10e7fb12c13a0820fda084912 (diff) | |
| parent | f991e8a4c877cff1d274fd1cac26488f8c3fda84 (diff) | |
Merge tag '0.5.2'
tagging 0.5.2 release
Diffstat (limited to 'puppet/modules/site_openvpn/manifests')
| -rw-r--r-- | puppet/modules/site_openvpn/manifests/resolver.pp | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/puppet/modules/site_openvpn/manifests/resolver.pp b/puppet/modules/site_openvpn/manifests/resolver.pp index c1367a33..cea0153a 100644 --- a/puppet/modules/site_openvpn/manifests/resolver.pp +++ b/puppet/modules/site_openvpn/manifests/resolver.pp @@ -3,15 +3,15 @@ class site_openvpn::resolver { if $site_openvpn::openvpn_allow_unlimited { $ensure_unlimited = 'present' file { - '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver': - content => "interface: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver.conf': + content => "server:\n\tinterface: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr} allow\n", owner => root, group => root, mode => '0644', require => [ Class['site_config::caching_resolver'], Service['openvpn'] ], notify => Service['unbound']; - '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver': - content => "interface: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver.conf': + content => "server:\n\tinterface: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr} allow\n", owner => root, group => root, mode => '0644', @@ -20,22 +20,22 @@ class site_openvpn::resolver { } } else { $ensure_unlimited = 'absent' - tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver': } - tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver': } + tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_udp_resolver.conf': } + tidy { '/etc/unbound/unbound.conf.d/vpn_unlimited_tcp_resolver.conf': } } if $site_openvpn::openvpn_allow_limited { $ensure_limited = 'present' file { - '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver': - content => "interface: ${site_openvpn::openvpn_limited_udp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver.conf': + content => "server:\n\tinterface: ${site_openvpn::openvpn_limited_udp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr} allow\n", owner => root, group => root, mode => '0644', require => [ Class['site_config::caching_resolver'], Service['openvpn'] ], notify => Service['unbound']; - '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver': - content => "interface: ${site_openvpn::openvpn_limited_tcp_network_prefix}.1\naccess-control: ${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr} allow\n", + '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver.conf': + content => "server\n\tinterface: ${site_openvpn::openvpn_limited_tcp_network_prefix}.1\n\taccess-control: ${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr} allow\n", owner => root, group => root, mode => '0644', @@ -44,7 +44,7 @@ class site_openvpn::resolver { } } else { $ensure_limited = 'absent' - tidy { '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver': } - tidy { '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver': } + tidy { '/etc/unbound/unbound.conf.d/vpn_limited_udp_resolver.conf': } + tidy { '/etc/unbound/unbound.conf.d/vpn_limited_tcp_resolver.conf': } } } |