From 7ce3190986cf8e5fe037a7ccd4c1076505b117f4 Mon Sep 17 00:00:00 2001
From: Micah
Date: Tue, 12 Jul 2016 16:41:59 -0400
Subject: remove submodules in preparation for move to subrepos
Change-Id: Ia7655153b556337f676e3d909559c4a7306bedd6
---
puppet/modules/openvpn | 1 -
1 file changed, 1 deletion(-)
delete mode 160000 puppet/modules/openvpn
(limited to 'puppet/modules/openvpn/Readme.markdown')
diff --git a/puppet/modules/openvpn b/puppet/modules/openvpn
deleted file mode 160000
index 25f1fe8d..00000000
--- a/puppet/modules/openvpn
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 25f1fe8d813f6128068d890a40f5e24be78fb47c
-- cgit v1.2.3
From da37dd95c39f3f100020164473eed53a317fb53f Mon Sep 17 00:00:00 2001
From: Micah
Date: Tue, 12 Jul 2016 16:45:26 -0400
Subject: git subrepo clone https://leap.se/git/puppet_openvpn puppet/modules/openvpn subrepo: subdir: "puppet/modules/openvpn" merged: "26d4edc" upstream: origin: "https://leap.se/git/puppet_openvpn" branch: "master" commit: "26d4edc" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595"
Change-Id: I596766ccfb806b3ca2d1c755c4e24c5ad3d997f9
---
puppet/modules/openvpn/Readme.markdown | 54 ++++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
create mode 100644 puppet/modules/openvpn/Readme.markdown
(limited to 'puppet/modules/openvpn/Readme.markdown')
diff --git a/puppet/modules/openvpn/Readme.markdown b/puppet/modules/openvpn/Readme.markdown
new file mode 100644
index 00000000..6bcf49ea
--- /dev/null
+++ b/puppet/modules/openvpn/Readme.markdown
@@ -0,0 +1,54 @@
+# OpenVPN Puppet module
+
+Puppet module to manage OpenVPN servers
+
+## Features:
+
+* Client-specific rules and access policies
+* Generated client configurations and SSL-Certificates
+* Downloadable client configurations and SSL-Certificates for easy client configuration
+* Support for multiple server instances
+
+Tested on Ubuntu Precise Pangolin, CentOS 6, RedHat 6.
+
+
+## Dependencies
+ - [puppet-concat](https://github.com/ripienaar/puppet-concat)
+
+
+## Example
+
+```puppet
+ # add a server instance
+ openvpn::server { 'winterthur':
+ country => 'CH',
+ province => 'ZH',
+ city => 'Winterthur',
+ organization => 'example.org',
+ email => 'root@example.org',
+ server => '10.200.200.0 255.255.255.0'
+ }
+
+ # define clients
+ openvpn::client { 'client1':
+ server => 'winterthur'
+ }
+ openvpn::client { 'client2':
+ server => 'winterthur'
+ }
+
+ openvpn::client_specific_config { 'client1':
+ server => 'winterthur',
+ ifconfig => '10.200.200.50 255.255.255.0'
+ }
+```
+
+Don't forget the [sysctl](https://github.com/luxflux/puppet-sysctl) directive ```net.ipv4.ip_forward```!
+
+
+# Contributors
+
+These fine folks helped to get this far with this module:
+* [@jlambert121](https://github.com/jlambert121)
+* [@jlk](https://github.com/jlk)
+* [@elisiano](https://github.com/elisiano)
-- cgit v1.2.3
From d6719731dce8ee7e048a16a447a426abcaa44f24 Mon Sep 17 00:00:00 2001
From: elijah
Date: Thu, 21 Jul 2016 12:13:24 -0700
Subject: remove openvpn submodule
---
puppet/modules/openvpn/Readme.markdown | 54 ----------------------------------
1 file changed, 54 deletions(-)
delete mode 100644 puppet/modules/openvpn/Readme.markdown
(limited to 'puppet/modules/openvpn/Readme.markdown')
diff --git a/puppet/modules/openvpn/Readme.markdown b/puppet/modules/openvpn/Readme.markdown
deleted file mode 100644
index 6bcf49ea..00000000
--- a/puppet/modules/openvpn/Readme.markdown
+++ /dev/null
@@ -1,54 +0,0 @@
-# OpenVPN Puppet module
-
-Puppet module to manage OpenVPN servers
-
-## Features:
-
-* Client-specific rules and access policies
-* Generated client configurations and SSL-Certificates
-* Downloadable client configurations and SSL-Certificates for easy client configuration
-* Support for multiple server instances
-
-Tested on Ubuntu Precise Pangolin, CentOS 6, RedHat 6.
-
-
-## Dependencies
- - [puppet-concat](https://github.com/ripienaar/puppet-concat)
-
-
-## Example
-
-```puppet
- # add a server instance
- openvpn::server { 'winterthur':
- country => 'CH',
- province => 'ZH',
- city => 'Winterthur',
- organization => 'example.org',
- email => 'root@example.org',
- server => '10.200.200.0 255.255.255.0'
- }
-
- # define clients
- openvpn::client { 'client1':
- server => 'winterthur'
- }
- openvpn::client { 'client2':
- server => 'winterthur'
- }
-
- openvpn::client_specific_config { 'client1':
- server => 'winterthur',
- ifconfig => '10.200.200.50 255.255.255.0'
- }
-```
-
-Don't forget the [sysctl](https://github.com/luxflux/puppet-sysctl) directive ```net.ipv4.ip_forward```!
-
-
-# Contributors
-
-These fine folks helped to get this far with this module:
-* [@jlambert121](https://github.com/jlambert121)
-* [@jlk](https://github.com/jlk)
-* [@elisiano](https://github.com/elisiano)
-- cgit v1.2.3
From 2df23a682b9a1a99502c79d7112dcefeecf63619 Mon Sep 17 00:00:00 2001
From: elijah
Date: Thu, 21 Jul 2016 12:13:33 -0700
Subject: git subrepo clone https://leap.se/git/puppet_openvpn puppet/modules/openvpn subrepo: subdir: "puppet/modules/openvpn" merged: "ba7ec7a" upstream: origin: "https://leap.se/git/puppet_openvpn" branch: "master" commit: "ba7ec7a" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "cb2995b"
---
puppet/modules/openvpn/Readme.markdown | 123 +++++++++++++++++++++++++++++++++
1 file changed, 123 insertions(+)
create mode 100644 puppet/modules/openvpn/Readme.markdown
(limited to 'puppet/modules/openvpn/Readme.markdown')
diff --git a/puppet/modules/openvpn/Readme.markdown b/puppet/modules/openvpn/Readme.markdown
new file mode 100644
index 00000000..d2a1f67b
--- /dev/null
+++ b/puppet/modules/openvpn/Readme.markdown
@@ -0,0 +1,123 @@
+# OpenVPN Puppet module
+
+OpenVPN module for puppet including client config/cert creation (tarball to download)
+
+## Dependencies
+ - [puppet-concat](https://github.com/ripienaar/puppet-concat)
+
+## Supported OS
+ - Debian Squeeze (should, as it works on Ubuntu Lucid)
+ - Ubuntu 10.4, 12.04 (other untested)
+ - CentOS
+
+## Example
+
+ # add a server instance
+ openvpn::server {
+ "server1":
+ country => "CH",
+ province => "ZH",
+ city => "Winterthur",
+ organization => "example.org",
+ email => "root@example.org";
+ }
+
+ # configure server
+ openvpn::option {
+ "dev server1":
+ key => "dev",
+ value => "tun0",
+ server => "server1";
+ "script-security server1":
+ key => "script-security",
+ value => "3",
+ server => "server1";
+ "daemon server1":
+ key => "daemon",
+ server => "server1";
+ "keepalive server1":
+ key => "keepalive",
+ value => "10 60",
+ server => "server1";
+ "ping-timer-rem server1":
+ key => "ping-timer-rem",
+ server => "server1";
+ "persist-tun server1":
+ key => "persist-tun",
+ server => "server1";
+ "persist-key server1":
+ key => "persist-key",
+ server => "server1";
+ "proto server1":
+ key => "proto",
+ value => "tcp-server",
+ server => "server1";
+ "cipher server1":
+ key => "cipher",
+ value => "BF-CBC",
+ server => "server1";
+ "local server1":
+ key => "local",
+ value => $ipaddress,
+ server => "server1";
+ "tls-server server1":
+ key => "tls-server",
+ server => "server1";
+ "server server1":
+ key => "server",
+ value => "10.10.10.0 255.255.255.0",
+ server => "server1";
+ "lport server1":
+ key => "lport",
+ value => "1194",
+ server => "server1";
+ "management server1":
+ key => "management",
+ value => "/var/run/openvpn-server1.sock unix",
+ server => "server1";
+ "comp-lzo server1":
+ key => "comp-lzo",
+ server => "server1";
+ "topology server1":
+ key => "topology",
+ value => "subnet",
+ server => "server1";
+ "client-to-client server1":
+ key => "client-to-client",
+ server => "server1";
+ }
+
+
+ # define clients
+ openvpn::client {
+ [ "client1.example.org", "client2.example.org" ]:
+ server => "server1";
+ }
+
+ # add options to the client-config-dir file
+ openvpn::option {
+ "iroute server1 client1.example.org home network":
+ key => "iroute",
+ value => "192.168.0.0 255.255.255.0",
+ client => "client1.example.org",
+ server => "server1",
+ csc => true;
+ }
+
+ # add an option to the client config
+ openvpn::option {
+ "ifconfig server1 client2.example.org":
+ key => "ifconfig-push",
+ value => "10.10.10.2 255.255.255.0",
+ client => "client2.example.org",
+ server => "server1";
+ }
+
+Don't forget the [sysctl](https://github.com/luxflux/puppet-sysctl) directive ```net.ipv4.ip_forward```!
+
+
+# Contributors
+
+These fine folks helped to get this far with this module:
+* [@jlk](https://github.com/jlk)
+* [@jlambert121](https://github.com/jlambert121)
-- cgit v1.2.3