From 6375cda36fc21687c59095e4750189b65a2c3b52 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 16 Jan 2013 14:53:09 -0500 Subject: update unbound submodule to fix infinite service restart problem --- puppet/modules/site_openvpn/manifests/init.pp | 5 +++-- puppet/modules/site_openvpn/manifests/resolver.pp | 8 ++++++++ puppet/modules/unbound | 2 +- 3 files changed, 12 insertions(+), 3 deletions(-) create mode 100644 puppet/modules/site_openvpn/manifests/resolver.pp diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index d3c3e387..4606179c 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -13,8 +13,6 @@ class site_openvpn { $openvpn_udp_cidr = '21' $x509_config = hiera('x509') - include site_unbound - # deploy ca + server keys include site_openvpn::keys @@ -55,6 +53,9 @@ ip addr show dev $interface | grep -q ${openvpn_gateway_address}/24 || ip addr a special => 'reboot', } + # setup the resolver to listen on the vpn IP + include site_openvpn::resolver + include site_shorewall::eip package { diff --git a/puppet/modules/site_openvpn/manifests/resolver.pp b/puppet/modules/site_openvpn/manifests/resolver.pp new file mode 100644 index 00000000..0f0510c1 --- /dev/null +++ b/puppet/modules/site_openvpn/manifests/resolver.pp @@ -0,0 +1,8 @@ +class site_openvpn::resolver { + + file { '/etc/unbound/conf.d/vpn_resolver': + content => "interface: $openvpn_gateway_address\n", + owner => root, group => root, mode => '0644', + require => Exec['/usr/local/bin/leap_add_second_ip.sh']; + } +} diff --git a/puppet/modules/unbound b/puppet/modules/unbound index d8bf530e..ca7eb732 160000 --- a/puppet/modules/unbound +++ b/puppet/modules/unbound @@ -1 +1 @@ -Subproject commit d8bf530ec42fdc4d2281169234964d28d8a689ac +Subproject commit ca7eb732064ce29fc83d4c32a4df7d9512d45802 -- cgit v1.2.3