From b0b228edb52dc420c9f688c60af054ac6d0c7473 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Thu, 21 Feb 2013 16:33:27 +0100
Subject: linted a bit

---
 puppet/modules/site_openvpn/manifests/server_config.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'puppet/modules/site_openvpn/manifests/server_config.pp')

diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index de273b46..436dd272 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -57,7 +57,7 @@ define site_openvpn::server_config ($port, $proto, $local, $server, $push, $mana
   $openvpn_configname = $name
 
   concat {
-    "/etc/openvpn/$openvpn_configname.conf":
+    "/etc/openvpn/${openvpn_configname}.conf":
         owner   => root,
         group   => root,
         mode    => 644,
-- 
cgit v1.2.3


From ffb88e54c5e4e30fa61ea1009f3eee62f98ab17c Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Wed, 27 Feb 2013 23:46:58 -0800
Subject: openvpn -- added support for optional "free" rate-limited service via
 special client certificates with the FREE prefix in the common name.

---
 puppet/modules/site_openvpn/manifests/server_config.pp | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

(limited to 'puppet/modules/site_openvpn/manifests/server_config.pp')

diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index 436dd272..1f42400a 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -52,7 +52,9 @@
 #   note: the default is BF-CBC (blowfish)
 #
 
-define site_openvpn::server_config ($port, $proto, $local, $server, $push, $management ) {
+define site_openvpn::server_config(
+  $port, $proto, $local, $server, $push,
+  $management, $tls_remote = undef, $shaper = undef) {
 
   $openvpn_configname = $name
 
@@ -66,6 +68,20 @@ define site_openvpn::server_config ($port, $proto, $local, $server, $push, $mana
         notify  => Service['openvpn'];
   }
 
+  # special options for the "free" gateway daemons
+  if $shaper != undef {
+    openvpn::option {
+      "shaper $openvpn_configname":
+         key     => 'shaper',
+         value   => $shaper,
+         server  => $openvpn_configname;
+      "tls-remote $openvpn_configname":
+         key     => 'tls-remote',
+         value   => $tls_remote,
+         server  => $openvpn_configname;
+    }
+  }
+
   openvpn::option {
     "ca $openvpn_configname":
         key     => 'ca',
-- 
cgit v1.2.3


From ad62cfdad04c8f8ed9d6454f716c92e850ac53ba Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Sun, 17 Mar 2013 13:15:51 -0700
Subject: added support for "limited" service levels (although vpn is not yet
 actually rate limited).

---
 puppet/modules/site_openvpn/manifests/server_config.pp | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

(limited to 'puppet/modules/site_openvpn/manifests/server_config.pp')

diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index 1f42400a..a2e769e1 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -54,7 +54,7 @@
 
 define site_openvpn::server_config(
   $port, $proto, $local, $server, $push,
-  $management, $tls_remote = undef, $shaper = undef) {
+  $management, $tls_remote = undef) {
 
   $openvpn_configname = $name
 
@@ -68,13 +68,8 @@ define site_openvpn::server_config(
         notify  => Service['openvpn'];
   }
 
-  # special options for the "free" gateway daemons
-  if $shaper != undef {
+  if $tls_remote != undef {
     openvpn::option {
-      "shaper $openvpn_configname":
-         key     => 'shaper',
-         value   => $shaper,
-         server  => $openvpn_configname;
       "tls-remote $openvpn_configname":
          key     => 'tls-remote',
          value   => $tls_remote,
-- 
cgit v1.2.3


From 7cbc4d41e35fec9dc0192cc3caf11803b562c06d Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@leap.se>
Date: Thu, 4 Jul 2013 16:35:51 -0400
Subject: more robust openvpn restarting

this ensures that an actual restart is run on the service when config
files are added or removed, instead of relying on the status parameter
of the initscript, which can be confused if config files are removed
out from under it

Change-Id: I1c69fff26933338b707acf7dc4593547f32f92e3
---
 puppet/modules/site_openvpn/manifests/server_config.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'puppet/modules/site_openvpn/manifests/server_config.pp')

diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index a2e769e1..6106cfbb 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -65,7 +65,7 @@ define site_openvpn::server_config(
         mode    => 644,
         warn    => true,
         require => File['/etc/openvpn'],
-        notify  => Service['openvpn'];
+        notify  => Exec['restart_openvpn'];
   }
 
   if $tls_remote != undef {
-- 
cgit v1.2.3