summaryrefslogtreecommitdiff
path: root/puppet/modules/site_openvpn
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_openvpn')
-rw-r--r--puppet/modules/site_openvpn/manifests/init.pp81
1 files changed, 81 insertions, 0 deletions
diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp
new file mode 100644
index 00000000..3d753af9
--- /dev/null
+++ b/puppet/modules/site_openvpn/manifests/init.pp
@@ -0,0 +1,81 @@
+class site_openvpn {
+
+ $openvpn_server=$::fqdn
+
+ openvpn::server {
+ $openvpn_server:
+ country => hiera("country"),
+ province => hiera("province"),
+ city => hiera("city"),
+ organization => hiera("organization"),
+ email => hiera("email");
+ }
+
+# configure server
+
+
+ openvpn::option {
+ "dev $openvpn_server":
+ key => "dev",
+ value => "tun0",
+ server => "$openvpn_server";
+ "script-security $openvpn_server":
+ key => "script-security",
+ value => "3",
+ server => "$openvpn_server";
+ "daemon $openvpn_server":
+ key => "daemon",
+ server => "$openvpn_server";
+ "keepalive $openvpn_server":
+ key => "keepalive",
+ value => "10 60",
+ server => "$openvpn_server";
+ "ping-timer-rem $openvpn_server":
+ key => "ping-timer-rem",
+ server => "$openvpn_server";
+ "persist-tun $openvpn_server":
+ key => "persist-tun",
+ server => "$openvpn_server";
+ "persist-key $openvpn_server":
+ key => "persist-key",
+ server => "$openvpn_server";
+ "proto $openvpn_server":
+ key => "proto",
+ value => "tcp-server",
+ server => "$openvpn_server";
+ "cipher $openvpn_server":
+ key => "cipher",
+ value => "BF-CBC",
+ server => "$openvpn_server";
+ "local $openvpn_server":
+ key => "local",
+ value => $ipaddress,
+ server => "$openvpn_server";
+ "tls-server $openvpn_server":
+ key => "tls-server",
+ server => "$openvpn_server";
+ "server $openvpn_server":
+ key => "server",
+ value => "10.10.10.0 255.255.255.0",
+ server => "$openvpn_server";
+ "lport $openvpn_server":
+ key => "lport",
+ value => "1194",
+ server => "$openvpn_server";
+ "management $openvpn_server":
+ key => "management",
+ value => "/var/run/openvpn-$openvpn_server.sock unix",
+ server => "$openvpn_server";
+ "comp-lzo $openvpn_server":
+ key => "comp-lzo",
+ server => "$openvpn_server";
+ "topology $openvpn_server":
+ key => "topology",
+ value => "subnet",
+ server => "$openvpn_server";
+ "client-to-client $openvpn_server":
+ key => "client-to-client",
+ server => "$openvpn_server";
+ }
+
+}