summaryrefslogtreecommitdiff
path: root/puppet/modules/openvpn/templates
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/openvpn/templates')
-rw-r--r--puppet/modules/openvpn/templates/client.erb26
-rw-r--r--puppet/modules/openvpn/templates/client_specific_config.erb10
-rw-r--r--puppet/modules/openvpn/templates/etc-default-openvpn.erb20
-rw-r--r--puppet/modules/openvpn/templates/server.erb37
-rw-r--r--puppet/modules/openvpn/templates/vars.erb68
5 files changed, 0 insertions, 161 deletions
diff --git a/puppet/modules/openvpn/templates/client.erb b/puppet/modules/openvpn/templates/client.erb
deleted file mode 100644
index 021ed617..00000000
--- a/puppet/modules/openvpn/templates/client.erb
+++ /dev/null
@@ -1,26 +0,0 @@
-client
-ca keys/ca.crt
-cert keys/<%= scope.lookupvar('name') %>.crt
-key keys/<%= scope.lookupvar('name') %>.key
-dev <%= scope.lookupvar('dev') %>
-proto <%= scope.lookupvar('proto') %>
-remote <%= scope.lookupvar('remote_host') %> <%= scope.lookupvar('port') %>
-<% if scope.lookupvar('compression') != '' -%>
-<%= scope.lookupvar('compression') %>
-<% end -%>
-resolv-retry <%= scope.lookupvar('resolv_retry') %>
-<% if scope.lookupvar('nobind') -%>
-nobind
-<% end -%>
-<% if scope.lookupvar('persist_key') -%>
-persist-key
-<% end -%>
-<% if scope.lookupvar('persist_tun') -%>
-persist-tun
-<% end -%>
-<% if scope.lookupvar('mute_replay_warnings') -%>
-mute-replay-warnings
-<% end -%>
-ns-cert-type server
-verb <%= scope.lookupvar('verb') %>
-mute <%= scope.lookupvar('mute') %>
diff --git a/puppet/modules/openvpn/templates/client_specific_config.erb b/puppet/modules/openvpn/templates/client_specific_config.erb
deleted file mode 100644
index 62cc0e7a..00000000
--- a/puppet/modules/openvpn/templates/client_specific_config.erb
+++ /dev/null
@@ -1,10 +0,0 @@
-<% scope.lookupvar('iroute').each do |route| -%>
-iroute <%= route %>
-<% end -%>
-<% if ifconfig = scope.lookupvar('ifconfig') -%>
-ifconfig-push <%= ifconfig %>
-<% end -%>
-<% scope.lookupvar('dhcp_options').each do |option| -%>
-push dhcp-option <%= option %>
-<% end -%>
-
diff --git a/puppet/modules/openvpn/templates/etc-default-openvpn.erb b/puppet/modules/openvpn/templates/etc-default-openvpn.erb
deleted file mode 100644
index 310e462e..00000000
--- a/puppet/modules/openvpn/templates/etc-default-openvpn.erb
+++ /dev/null
@@ -1,20 +0,0 @@
-# This is the configuration file for /etc/init.d/openvpn
-
-#
-# Start only these VPNs automatically via init script.
-# Allowed values are "all", "none" or space separated list of
-# names of the VPNs. If empty, "all" is assumed.
-#
-#AUTOSTART="all"
-#AUTOSTART="none"
-#AUTOSTART="home office"
-#
-# Refresh interval (in seconds) of default status files
-# located in /var/run/openvpn.$NAME.status
-# Defaults to 10, 0 disables status file generation
-#
-#STATUSREFRESH=10
-#STATUSREFRESH=0
-# Optional arguments to openvpn's command line
-OPTARGS=""
-AUTOSTART=""
diff --git a/puppet/modules/openvpn/templates/server.erb b/puppet/modules/openvpn/templates/server.erb
deleted file mode 100644
index 6ef13263..00000000
--- a/puppet/modules/openvpn/templates/server.erb
+++ /dev/null
@@ -1,37 +0,0 @@
-mode server
-client-config-dir /etc/openvpn/<%= scope.lookupvar('name') %>/client-configs
-ca /etc/openvpn/<%= scope.lookupvar('name') %>/keys/ca.crt
-cert /etc/openvpn/<%= scope.lookupvar('name') %>/keys/server.crt
-key /etc/openvpn/<%= scope.lookupvar('name') %>/keys/server.key
-dh /etc/openvpn/<%= scope.lookupvar('name') %>/keys/dh1024.pem
-<% if scope.lookupvar('proto') == 'tcp' -%>
-proto <%= scope.lookupvar('proto') %>-server
-<% else -%>
-proto <%= scope.lookupvar('proto') %>
-<% end -%>
-port <%= scope.lookupvar('port') %>
-<% if scope.lookupvar('tls_server') -%>
-tls-server
-<% end -%>
-<% if scope.lookupvar('compression') != '' -%>
-<%= scope.lookupvar('compression') %>
-<% end -%>
-group <%= scope.lookupvar('group_to_set') %>
-user <%= scope.lookupvar('user') %>
-<% if scope.lookupvar('logfile') -%>
-log-append <%= scope.lookupvar('logfile') %>
-<% end -%>
-status <%= scope.lookupvar('status_log') %>
-dev <%= scope.lookupvar('dev') %>
-<% if scope.lookupvar('local') != '' -%>
-local <%= scope.lookupvar('local') %>
-<% end -%>
-<% if scope.lookupvar('ipp') -%>
-ifconfig-pool-persist <%= scope.lookupvar('name') %>/vpn-ipp.txt
-<% end -%>
-<% if scope.lookupvar('server') != '' -%>
-server <%= scope.lookupvar('server') %>
-<% end -%>
-<% scope.lookupvar('push').each do |item| -%>
-push <%= item %>
-<% end -%>
diff --git a/puppet/modules/openvpn/templates/vars.erb b/puppet/modules/openvpn/templates/vars.erb
deleted file mode 100644
index 20448b8b..00000000
--- a/puppet/modules/openvpn/templates/vars.erb
+++ /dev/null
@@ -1,68 +0,0 @@
-# easy-rsa parameter settings
-
-# NOTE: If you installed from an RPM,
-# don't edit this file in place in
-# /usr/share/openvpn/easy-rsa --
-# instead, you should copy the whole
-# easy-rsa directory to another location
-# (such as /etc/openvpn) so that your
-# edits will not be wiped out by a future
-# OpenVPN package upgrade.
-
-# This variable should point to
-# the top level of the easy-rsa
-# tree.
-export EASY_RSA="/etc/openvpn/<%= @name %>/easy-rsa"
-
-#
-# This variable should point to
-# the requested executables
-#
-export OPENSSL="openssl"
-export PKCS11TOOL="pkcs11-tool"
-export GREP="grep"
-
-
-# This variable should point to
-# the openssl.cnf file included
-# with easy-rsa.
-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
-
-# Edit this variable to point to
-# your soon-to-be-created key
-# directory.
-#
-# WARNING: clean-all will do
-# a rm -rf on this directory
-# so make sure you define
-# it correctly!
-export KEY_DIR="$EASY_RSA/keys"
-
-# Issue rm -rf warning
-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
-
-# PKCS11 fixes
-export PKCS11_MODULE_PATH="dummy"
-export PKCS11_PIN="dummy"
-
-# Increase this to 2048 if you
-# are paranoid. This will slow
-# down TLS negotiation performance
-# as well as the one-time DH parms
-# generation process.
-export KEY_SIZE=1024
-
-# In how many days should the root CA key expire?
-export CA_EXPIRE=3650
-
-# In how many days should certificates expire?
-export KEY_EXPIRE=3650
-
-# These are the default values for fields
-# which will be placed in the certificate.
-# Don't leave any of these fields blank.
-export KEY_COUNTRY="<%= @country %>"
-export KEY_PROVINCE="<%= @province %>"
-export KEY_CITY="<%= @city %>"
-export KEY_ORG="<%= @organization %>"
-export KEY_EMAIL="<%= @email %>"