summaryrefslogtreecommitdiff
path: root/puppet/modules/site_webapp
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2013-02-27 23:46:58 -0800
committerelijah <elijah@riseup.net>2013-02-27 23:46:58 -0800
commitffb88e54c5e4e30fa61ea1009f3eee62f98ab17c (patch)
tree0d28846e9de15d7580b3b232aac16e2f4e8cb6e4 /puppet/modules/site_webapp
parent5f8b63892ec9d08471a43ac642ed8f291d27c4f5 (diff)
openvpn -- added support for optional "free" rate-limited service via special client certificates with the FREE prefix in the common name.
Diffstat (limited to 'puppet/modules/site_webapp')
-rw-r--r--puppet/modules/site_webapp/templates/config.yml.erb8
1 files changed, 8 insertions, 0 deletions
diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index 9cf85f0c..cd67d1fd 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -1,5 +1,13 @@
+<%- cert_options = @webapp['client_certificates'] -%>
production:
admins: [admin]
domain: <%= @provider_domain %>
client_ca_key: <%= scope.lookupvar('site_webapp::client_ca::key_path') %>
client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %>
+
+cert_options:
+ client_cert_lifespan: <%= cert_options['life_span'].to_i %>
+ client_cert_bit_size: <%= cert_options['bit_size'].to_i %>
+ client_cert_hash: <%= cert_options['digest'] %>
+ free_certs_enabled: <%= @webapp['allow_free'].inspect %>
+ free_cert_prefix: "<%= cert_options['free_prefix'] %>"