summaryrefslogtreecommitdiff
path: root/puppet/modules/site_openvpn
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_openvpn')
-rw-r--r--puppet/modules/site_openvpn/manifests/init.pp2
-rw-r--r--puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb14
2 files changed, 13 insertions, 3 deletions
diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp
index f1ecefb9..ee7d6840 100644
--- a/puppet/modules/site_openvpn/manifests/init.pp
+++ b/puppet/modules/site_openvpn/manifests/init.pp
@@ -68,7 +68,7 @@ class site_openvpn {
# find out the netmask in cidr format of the primary IF
# thx to https://blog.kumina.nl/tag/puppet-tips-and-tricks/
# we can do this using an inline_template:
- $factname_primary_netmask = "netmask_cidr_${::site_config::params::interface}"
+ $factname_primary_netmask = "netmask_${::site_config::params::interface}"
$primary_netmask = inline_template('<%= scope.lookupvar(@factname_primary_netmask) %>')
# deploy dh keys
diff --git a/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb b/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb
index e76b756b..f2d2bc70 100644
--- a/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb
+++ b/puppet/modules/site_openvpn/templates/add_gateway_ips.sh.erb
@@ -1,11 +1,21 @@
#!/bin/sh
-ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q <%= @openvpn_gateway_address %>/<%= @primary_netmask %> ||
+ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q "inet <%= @openvpn_gateway_address %>/" ||
ip addr add <%= @openvpn_gateway_address %>/<%= @primary_netmask %> dev <%= scope.lookupvar('site_config::params::interface') %>
+EXITCODE=$?
+if [ $EXITCODE != 0 ]; then
+ exit $EXITCODE
+fi
+
<% if @openvpn_second_gateway_address %>
-ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q <%= @openvpn_second_gateway_address %>/<%= @primary_netmask %> ||
+ip addr show dev <%= scope.lookupvar('site_config::params::interface') %> | grep -q "<%= @openvpn_second_gateway_address %>/" ||
ip addr add <%= @openvpn_second_gateway_address %>/<%= @primary_netmask %> dev <%= scope.lookupvar('site_config::params::interface') %>
+
+EXITCODE=$?
+if [ $EXITCODE != 0 ]; then
+ exit $EXITCODE
+fi
<% end %>
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward