diff options
| -rw-r--r-- | puppet/modules/site_openvpn/manifests/resolver.pp | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/puppet/modules/site_openvpn/manifests/resolver.pp b/puppet/modules/site_openvpn/manifests/resolver.pp index 0f0510c1..eaa765fe 100644 --- a/puppet/modules/site_openvpn/manifests/resolver.pp +++ b/puppet/modules/site_openvpn/manifests/resolver.pp @@ -1,8 +1,14 @@ class site_openvpn::resolver { - file { '/etc/unbound/conf.d/vpn_resolver': - content => "interface: $openvpn_gateway_address\n", - owner => root, group => root, mode => '0644', - require => Exec['/usr/local/bin/leap_add_second_ip.sh']; + file { + '/etc/unbound/conf.d/vpn_udp_resolver': + content => "interface: ${openvpn_udp_network_prefix}.1\naccess-control: ${openvpn_udp_network_prefix}.0/${openvpn_udp_netmask}\n", + owner => root, group => root, mode => '0644', + require => Service['openvpn']; + + '/etc/unbound/conf.d/vpn_tcp_resolver': + content => "interface: ${openvpn_tcp_network_prefix}.1\naccess-control: ${openvpn_tcp_network_prefix}.0/${openvpn_tcp_netmask}\n", + owner => root, group => root, mode => '0644', + require => Service['openvpn']; } } |