From 4a0feb8fa663c1c73c47f3298c1f303dffd942cc Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Sat, 5 Apr 2014 12:39:01 -0700
Subject: openvpn: allow for configurable keepalive (aka ping & ping-restart)
 closes https://leap.se/code/issues/4127

---
 provider_base/services/openvpn.json                    | 3 ++-
 puppet/modules/site_openvpn/manifests/server_config.pp | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
index e5b97ed9..d98e86a1 100644
--- a/provider_base/services/openvpn.json
+++ b/provider_base/services/openvpn.json
@@ -22,7 +22,8 @@
     "configuration": {
       "tls-cipher": "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
       "auth": "SHA1",
-      "cipher": "AES-128-CBC"
+      "cipher": "AES-128-CBC",
+      "keepalive": "10 30"
     }
   }
 }
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index 6246a836..b1f4997c 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -115,7 +115,7 @@ define site_openvpn::server_config(
         server => $openvpn_configname;
     "keepalive ${openvpn_configname}":
         key    => 'keepalive',
-        value  => '5 20',
+        value  => $config['keepalive'],
         server => $openvpn_configname;
     "local ${openvpn_configname}":
         key    => 'local',
-- 
cgit v1.2.3