From 222fd1568d7af9ea953a4d6179578da5994ea1fd Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Thu, 20 Mar 2014 13:10:44 -0700
Subject: allow ability to customize openvpn security stuff: tls-cipher, auth,
 and cipher config options.

---
 .../files/service-definitions/v1/eip-service.json.erb         | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'provider_base/files/service-definitions/v1/eip-service.json.erb')

diff --git a/provider_base/files/service-definitions/v1/eip-service.json.erb b/provider_base/files/service-definitions/v1/eip-service.json.erb
index feaea25b..3b8976fd 100644
--- a/provider_base/files/service-definitions/v1/eip-service.json.erb
+++ b/provider_base/files/service-definitions/v1/eip-service.json.erb
@@ -27,6 +27,7 @@
   hsh["version"] = 1
   locations = {}
   gateways = []
+  configuration = nil
   nodes_like_me[:services => 'openvpn'].each_node do |node|
     if node.openvpn.allow_limited && node.openvpn.allow_unlimited
       gateways << add_gateway(node, locations, :ip => node.openvpn.gateway_address, :limited => false)
@@ -36,13 +37,13 @@
     elsif node.openvpn.allow_limited
       gateways << add_gateway(node, locations, :ip => node.openvpn.gateway_address, :limited => true)
     end
+    if configuration && node.openvpn.configuration != configuration
+      log :error, "OpenVPN nodes in the environment `#{node.environment}` have conflicting `openvpn.configuration` values. This will result in bad errors."
+    end
+    configuration = node.openvpn.configuration
   end
   hsh["gateways"] = gateways.compact
   hsh["locations"] = locations
-  hsh["openvpn_configuration"] = {
-    "tls-cipher" => "DHE-RSA-AES128-SHA",
-    "auth" => "SHA1",
-    "cipher" => "AES-128-CBC"
-  }
+  hsh["openvpn_configuration"] = configuration
   JSON.sorted_generate hsh
 %>
\ No newline at end of file
-- 
cgit v1.2.3