From 075d6fb40ddaace0442a8d5ba9396c9f1849bddc Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 20 Sep 2012 11:50:22 +0200 Subject: beginning of site_openvpn --- puppet/modules/site_openvpn/manifests/init.pp | 81 +++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 puppet/modules/site_openvpn/manifests/init.pp (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp new file mode 100644 index 00000000..3d753af9 --- /dev/null +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -0,0 +1,81 @@ +class site_openvpn { + + $openvpn_server=$::fqdn + + openvpn::server { + $openvpn_server: + country => hiera("country"), + province => hiera("province"), + city => hiera("city"), + organization => hiera("organization"), + email => hiera("email"); + } + +# configure server + + + openvpn::option { + "dev $openvpn_server": + key => "dev", + value => "tun0", + server => "$openvpn_server"; + "script-security $openvpn_server": + key => "script-security", + value => "3", + server => "$openvpn_server"; + "daemon $openvpn_server": + key => "daemon", + server => "$openvpn_server"; + "keepalive $openvpn_server": + key => "keepalive", + value => "10 60", + server => "$openvpn_server"; + "ping-timer-rem $openvpn_server": + key => "ping-timer-rem", + server => "$openvpn_server"; + "persist-tun $openvpn_server": + key => "persist-tun", + server => "$openvpn_server"; + "persist-key $openvpn_server": + key => "persist-key", + server => "$openvpn_server"; + "proto $openvpn_server": + key => "proto", + value => "tcp-server", + server => "$openvpn_server"; + "cipher $openvpn_server": + key => "cipher", + value => "BF-CBC", + server => "$openvpn_server"; + "local $openvpn_server": + key => "local", + value => $ipaddress, + server => "$openvpn_server"; + "tls-server $openvpn_server": + key => "tls-server", + server => "$openvpn_server"; + "server $openvpn_server": + key => "server", + value => "10.10.10.0 255.255.255.0", + server => "$openvpn_server"; + "lport $openvpn_server": + key => "lport", + value => "1194", + server => "$openvpn_server"; + "management $openvpn_server": + key => "management", + value => "/var/run/openvpn-$openvpn_server.sock unix", + server => "$openvpn_server"; + "comp-lzo $openvpn_server": + key => "comp-lzo", + server => "$openvpn_server"; + "topology $openvpn_server": + key => "topology", + value => "subnet", + server => "$openvpn_server"; + "client-to-client $openvpn_server": + key => "client-to-client", + server => "$openvpn_server"; + } + +} -- cgit v1.2.3 From 1c5eb8a64426c93d8118acac52870a6a95f73010 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 21 Sep 2012 15:03:08 +0200 Subject: oved things around --- puppet/modules/site_openvpn/manifests/init.pp | 79 --------------------------- 1 file changed, 79 deletions(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 3d753af9..7d63d569 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,81 +1,2 @@ class site_openvpn { - - $openvpn_server=$::fqdn - - openvpn::server { - $openvpn_server: - country => hiera("country"), - province => hiera("province"), - city => hiera("city"), - organization => hiera("organization"), - email => hiera("email"); - } - -# configure server - - - openvpn::option { - "dev $openvpn_server": - key => "dev", - value => "tun0", - server => "$openvpn_server"; - "script-security $openvpn_server": - key => "script-security", - value => "3", - server => "$openvpn_server"; - "daemon $openvpn_server": - key => "daemon", - server => "$openvpn_server"; - "keepalive $openvpn_server": - key => "keepalive", - value => "10 60", - server => "$openvpn_server"; - "ping-timer-rem $openvpn_server": - key => "ping-timer-rem", - server => "$openvpn_server"; - "persist-tun $openvpn_server": - key => "persist-tun", - server => "$openvpn_server"; - "persist-key $openvpn_server": - key => "persist-key", - server => "$openvpn_server"; - "proto $openvpn_server": - key => "proto", - value => "tcp-server", - server => "$openvpn_server"; - "cipher $openvpn_server": - key => "cipher", - value => "BF-CBC", - server => "$openvpn_server"; - "local $openvpn_server": - key => "local", - value => $ipaddress, - server => "$openvpn_server"; - "tls-server $openvpn_server": - key => "tls-server", - server => "$openvpn_server"; - "server $openvpn_server": - key => "server", - value => "10.10.10.0 255.255.255.0", - server => "$openvpn_server"; - "lport $openvpn_server": - key => "lport", - value => "1194", - server => "$openvpn_server"; - "management $openvpn_server": - key => "management", - value => "/var/run/openvpn-$openvpn_server.sock unix", - server => "$openvpn_server"; - "comp-lzo $openvpn_server": - key => "comp-lzo", - server => "$openvpn_server"; - "topology $openvpn_server": - key => "topology", - value => "subnet", - server => "$openvpn_server"; - "client-to-client $openvpn_server": - key => "client-to-client", - server => "$openvpn_server"; - } - } -- cgit v1.2.3 From 276de1e249b25e5e00c49229132215681aee6467 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 21 Sep 2012 20:26:20 +0200 Subject: basic configuration for openvpn server files --- puppet/modules/site_openvpn/manifests/init.pp | 41 +++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 7d63d569..c83b98c7 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,2 +1,43 @@ class site_openvpn { + package { + "openvpn": + ensure => installed; + } + service { + "openvpn": + ensure => running, + hasrestart => true, + hasstatus => true, + require => Exec["concat_/etc/default/openvpn"]; + } + file { + "/etc/openvpn": + ensure => directory, + require => Package["openvpn"]; + } + + include concat::setup + + concat { + "/etc/default/openvpn": + owner => root, + group => root, + mode => 644, + warn => true, + notify => Service["openvpn"]; + } + + concat::fragment { + "openvpn.default.header": + content => template("openvpn/etc-default-openvpn.erb"), + target => "/etc/default/openvpn", + order => 01; + } + + concat::fragment { + "openvpn.default.autostart.${name}": + content => "AUTOSTART=all", + target => "/etc/default/openvpn", + order => 10; + } } -- cgit v1.2.3 From e89082114be280c7fd3c7b62863e19ff5c89df26 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 4 Oct 2012 22:36:12 +0200 Subject: cosmetics --- puppet/modules/site_openvpn/manifests/init.pp | 59 +++++++++++++++------------ 1 file changed, 32 insertions(+), 27 deletions(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index c83b98c7..e95e67d5 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,43 +1,48 @@ class site_openvpn { package { - "openvpn": - ensure => installed; + 'openvpn': + ensure => installed; } service { - "openvpn": - ensure => running, - hasrestart => true, - hasstatus => true, - require => Exec["concat_/etc/default/openvpn"]; + 'openvpn': + ensure => running, + hasrestart => true, + hasstatus => true, + require => Exec['concat_/etc/default/openvpn']; } + file { - "/etc/openvpn": - ensure => directory, - require => Package["openvpn"]; + '/etc/openvpn': + ensure => directory, + require => Package['openvpn']; } - include concat::setup + file { + '/etc/openvpn/keys': + ensure => directory, + require => Package['openvpn']; + } concat { - "/etc/default/openvpn": - owner => root, - group => root, - mode => 644, - warn => true, - notify => Service["openvpn"]; + '/etc/default/openvpn': + owner => root, + group => root, + mode => 644, + warn => true, + notify => Service['openvpn']; } concat::fragment { - "openvpn.default.header": - content => template("openvpn/etc-default-openvpn.erb"), - target => "/etc/default/openvpn", - order => 01; + 'openvpn.default.header': + content => template('openvpn/etc-default-openvpn.erb'), + target => '/etc/default/openvpn', + order => 01; } - concat::fragment { - "openvpn.default.autostart.${name}": - content => "AUTOSTART=all", - target => "/etc/default/openvpn", - order => 10; - } + concat::fragment { + "openvpn.default.autostart.${name}": + content => 'AUTOSTART=all', + target => '/etc/default/openvpn', + order => 10; + } } -- cgit v1.2.3 From c2d57624c15dfaff038f9991f04ade46b5ad1d40 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 21 Nov 2012 17:45:44 +0100 Subject: move site_config::eip to site_openvpn (Feature #943) --- puppet/modules/site_openvpn/manifests/init.pp | 55 +++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index e95e67d5..7268fe76 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,4 +1,59 @@ class site_openvpn { + # parse hiera config + $ip_address = hiera('ip_address') + $interface = hiera('interface') + #$gateway_address = hiera('gateway_address') + $openvpn_config = hiera('openvpn') + $openvpn_gateway_address = $openvpn_config['gateway_address'] + $openvpn_tcp_network_prefix = '10.1.0' + $openvpn_tcp_netmask = '255.255.248.0' + $openvpn_tcp_cidr = '21' + $openvpn_udp_network_prefix = '10.2.0' + $openvpn_udp_netmask = '255.255.248.0' + $openvpn_udp_cidr = '21' + + include site_openvpn + + # deploy ca + server keys + include site_openvpn::keys + + # create 2 openvpn config files, one for tcp, one for udp + site_openvpn::server_config { 'tcp_config': + port => '1194', + proto => 'tcp', + local => $openvpn_gateway_address, + server => "$openvpn_tcp_network_prefix.0 $openvpn_tcp_netmask", + push => "\"dhcp-option DNS $openvpn_tcp_network_prefix.1\"", + management => '127.0.0.1 1000' + } + site_openvpn::server_config { 'udp_config': + port => '1194', + proto => 'udp', + server => "$openvpn_udp_network_prefix.0 $openvpn_udp_netmask", + push => "\"dhcp-option DNS $openvpn_udp_network_prefix.1\"", + local => $openvpn_gateway_address, + management => '127.0.0.1 1001' + } + + # add second IP on given interface + file { '/usr/local/bin/leap_add_second_ip.sh': + content => "#!/bin/sh +ip addr show dev $interface | grep -q ${openvpn_gateway_address}/24 || ip addr add ${openvpn_gateway_address}/24 dev $interface", + mode => '0755', + } + + exec { '/usr/local/bin/leap_add_second_ip.sh': + subscribe => File['/usr/local/bin/leap_add_second_ip.sh'], + } + + cron { 'leap_add_second_ip.sh': + command => "/usr/local/bin/leap_add_second_ip.sh", + user => 'root', + special => 'reboot', + } + + include site_shorewall::eip + package { 'openvpn': ensure => installed; -- cgit v1.2.3 From 96d60568648555e28effd1398a791241a7ad3f7a Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 22 Nov 2012 17:07:08 +0100 Subject: deploy openvpn server.crt and server.key --- puppet/modules/site_openvpn/manifests/init.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 7268fe76..ae24b276 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -11,6 +11,7 @@ class site_openvpn { $openvpn_udp_network_prefix = '10.2.0' $openvpn_udp_netmask = '255.255.248.0' $openvpn_udp_cidr = '21' + $x509_config = hiera('x509') include site_openvpn -- cgit v1.2.3 From d70b723f17a6ff7d22a044fe57f1e8438eef5ae7 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 23 Nov 2012 19:37:22 +0100 Subject: enable ip_forwarding #1029 --- puppet/modules/site_openvpn/manifests/init.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index ae24b276..548d1df2 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -39,7 +39,9 @@ class site_openvpn { # add second IP on given interface file { '/usr/local/bin/leap_add_second_ip.sh': content => "#!/bin/sh -ip addr show dev $interface | grep -q ${openvpn_gateway_address}/24 || ip addr add ${openvpn_gateway_address}/24 dev $interface", +ip addr show dev $interface | grep -q ${openvpn_gateway_address}/24 || ip addr add ${openvpn_gateway_address}/24 dev $interface +/bin/echo 1 > /proc/sys/net/ipv4/ip_forward +", mode => '0755', } -- cgit v1.2.3 From e9ddc9e157ca6491594ac3434d1838a51daa0218 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 16 Jan 2013 10:53:37 -0500 Subject: remove unnecessary include that was left over from c2d57624c15dfaff038f9991f04ade46b5ad1d40: --- puppet/modules/site_openvpn/manifests/init.pp | 2 -- 1 file changed, 2 deletions(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 548d1df2..5505b8fc 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -13,8 +13,6 @@ class site_openvpn { $openvpn_udp_cidr = '21' $x509_config = hiera('x509') - include site_openvpn - # deploy ca + server keys include site_openvpn::keys -- cgit v1.2.3 From 5385602a435acb92e1588f74296b6a5339385199 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 16 Jan 2013 10:54:32 -0500 Subject: setup site_unbound with a basic caching-only configuration and include that on the openvpn gateway (see #1172) --- puppet/modules/site_openvpn/manifests/init.pp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 5505b8fc..d3c3e387 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -13,6 +13,8 @@ class site_openvpn { $openvpn_udp_cidr = '21' $x509_config = hiera('x509') + include site_unbound + # deploy ca + server keys include site_openvpn::keys -- cgit v1.2.3 From 6375cda36fc21687c59095e4750189b65a2c3b52 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 16 Jan 2013 14:53:09 -0500 Subject: update unbound submodule to fix infinite service restart problem --- puppet/modules/site_openvpn/manifests/init.pp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index d3c3e387..4606179c 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -13,8 +13,6 @@ class site_openvpn { $openvpn_udp_cidr = '21' $x509_config = hiera('x509') - include site_unbound - # deploy ca + server keys include site_openvpn::keys @@ -55,6 +53,9 @@ ip addr show dev $interface | grep -q ${openvpn_gateway_address}/24 || ip addr a special => 'reboot', } + # setup the resolver to listen on the vpn IP + include site_openvpn::resolver + include site_shorewall::eip package { -- cgit v1.2.3 From 6ebc2b495d9ea920770823cd08ae4eb881b684f7 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Sun, 27 Jan 2013 20:23:52 -0500 Subject: add a new fact that provides a fact for each configured ip address, telling you which interface has it (essentially the inverse of the ipaddress_${interface} fact). Switch the hiera lookups of the $interface, which was pulling from the .json to pull instead from the above fact, see #1547 and #1548 --- puppet/modules/site_openvpn/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 4606179c..a9fa8b2b 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,7 +1,7 @@ class site_openvpn { # parse hiera config $ip_address = hiera('ip_address') - $interface = hiera('interface') + $interface = getvar("$::{ip_address}_interface") #$gateway_address = hiera('gateway_address') $openvpn_config = hiera('openvpn') $openvpn_gateway_address = $openvpn_config['gateway_address'] -- cgit v1.2.3 From bdf7beb1594b480bd438625b33f27403d2ab5959 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Sun, 27 Jan 2013 20:24:29 -0500 Subject: enclose the variables in curly braces, as recommended by puppet-lint --- puppet/modules/site_openvpn/manifests/init.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index a9fa8b2b..4e13bb5d 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -21,15 +21,15 @@ class site_openvpn { port => '1194', proto => 'tcp', local => $openvpn_gateway_address, - server => "$openvpn_tcp_network_prefix.0 $openvpn_tcp_netmask", - push => "\"dhcp-option DNS $openvpn_tcp_network_prefix.1\"", + server => "${openvpn_tcp_network_prefix.0} ${openvpn_tcp_netmask}", + push => "\"dhcp-option DNS ${openvpn_tcp_network_prefix}.1\"", management => '127.0.0.1 1000' } site_openvpn::server_config { 'udp_config': port => '1194', proto => 'udp', - server => "$openvpn_udp_network_prefix.0 $openvpn_udp_netmask", - push => "\"dhcp-option DNS $openvpn_udp_network_prefix.1\"", + server => "${openvpn_udp_network_prefix.0} ${openvpn_udp_netmask}", + push => "\"dhcp-option DNS ${openvpn_udp_network_prefix}.1\"", local => $openvpn_gateway_address, management => '127.0.0.1 1001' } -- cgit v1.2.3 From d6b334a20dcf495ea0b9cb7247c0e20d478dbbba Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 29 Jan 2013 11:37:42 -0500 Subject: fix syntax error from enclosing variables in curly --- puppet/modules/site_openvpn/manifests/init.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 4e13bb5d..b4c573e7 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -21,14 +21,14 @@ class site_openvpn { port => '1194', proto => 'tcp', local => $openvpn_gateway_address, - server => "${openvpn_tcp_network_prefix.0} ${openvpn_tcp_netmask}", + server => "${openvpn_tcp_network_prefix}.0 ${openvpn_tcp_netmask}", push => "\"dhcp-option DNS ${openvpn_tcp_network_prefix}.1\"", management => '127.0.0.1 1000' } site_openvpn::server_config { 'udp_config': port => '1194', proto => 'udp', - server => "${openvpn_udp_network_prefix.0} ${openvpn_udp_netmask}", + server => "${openvpn_udp_network_prefix}.0 ${openvpn_udp_netmask}", push => "\"dhcp-option DNS ${openvpn_udp_network_prefix}.1\"", local => $openvpn_gateway_address, management => '127.0.0.1 1001' -- cgit v1.2.3 From 0e1f5ab91e7a613da7ec15495f05386a98626b08 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 29 Jan 2013 11:54:53 -0500 Subject: fix variable scoping --- puppet/modules/site_openvpn/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index b4c573e7..d777aa81 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,7 +1,7 @@ class site_openvpn { # parse hiera config $ip_address = hiera('ip_address') - $interface = getvar("$::{ip_address}_interface") + $interface = getvar("${ip_address}_interface") #$gateway_address = hiera('gateway_address') $openvpn_config = hiera('openvpn') $openvpn_gateway_address = $openvpn_config['gateway_address'] -- cgit v1.2.3 From a3edca1924353a797fffd8fb8506d8be86d930d3 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 29 Jan 2013 13:20:05 -0500 Subject: fix variable name for re-ordered fact --- puppet/modules/site_openvpn/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index d777aa81..0ddb01ae 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,7 +1,7 @@ class site_openvpn { # parse hiera config $ip_address = hiera('ip_address') - $interface = getvar("${ip_address}_interface") + $interface = getvar("interface_${ip_address}") #$gateway_address = hiera('gateway_address') $openvpn_config = hiera('openvpn') $openvpn_gateway_address = $openvpn_config['gateway_address'] -- cgit v1.2.3 From dda36946d405301d9123bb455753650920d0756a Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 31 Jan 2013 11:52:32 +0100 Subject: tag 'service' for all service classes --- puppet/modules/site_openvpn/manifests/init.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 0ddb01ae..df4277cd 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,4 +1,5 @@ class site_openvpn { + tag 'service' # parse hiera config $ip_address = hiera('ip_address') $interface = getvar("interface_${ip_address}") -- cgit v1.2.3 From e6fe80f9460b8bc013068e1dda8be6230b8d60a4 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 31 Jan 2013 19:09:19 +0100 Subject: tag 'base' is a bad idea because it invokes apache::base as well --- puppet/modules/site_openvpn/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_openvpn/manifests/init.pp') diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index df4277cd..e3d2a9af 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -1,5 +1,5 @@ class site_openvpn { - tag 'service' + tag 'leap_service' # parse hiera config $ip_address = hiera('ip_address') $interface = getvar("interface_${ip_address}") -- cgit v1.2.3