From ffb88e54c5e4e30fa61ea1009f3eee62f98ab17c Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Wed, 27 Feb 2013 23:46:58 -0800
Subject: openvpn -- added support for optional "free" rate-limited service via
 special client certificates with the FREE prefix in the common name.

---
 puppet/modules/site_webapp/templates/config.yml.erb | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'puppet/modules/site_webapp/templates/config.yml.erb')

diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index 9cf85f0c..cd67d1fd 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -1,5 +1,13 @@
+<%- cert_options = @webapp['client_certificates'] -%>
 production:
   admins: [admin]
   domain: <%= @provider_domain %>
   client_ca_key: <%= scope.lookupvar('site_webapp::client_ca::key_path') %>
   client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %>
+
+cert_options:
+  client_cert_lifespan: <%= cert_options['life_span'].to_i     %>
+  client_cert_bit_size: <%= cert_options['bit_size'].to_i      %>
+  client_cert_hash: <%=     cert_options['digest']             %>
+  free_certs_enabled: <%=   @webapp['allow_free'].inspect      %>
+  free_cert_prefix: "<%=    cert_options['free_prefix']        %>"
-- 
cgit v1.2.3


From ad62cfdad04c8f8ed9d6454f716c92e850ac53ba Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Sun, 17 Mar 2013 13:15:51 -0700
Subject: added support for "limited" service levels (although vpn is not yet
 actually rate limited).

---
 puppet/modules/site_webapp/templates/config.yml.erb | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'puppet/modules/site_webapp/templates/config.yml.erb')

diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index cd67d1fd..af778212 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -6,8 +6,11 @@ production:
   client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %>
 
 cert_options:
-  client_cert_lifespan: <%= cert_options['life_span'].to_i     %>
-  client_cert_bit_size: <%= cert_options['bit_size'].to_i      %>
-  client_cert_hash: <%=     cert_options['digest']             %>
-  free_certs_enabled: <%=   @webapp['allow_free'].inspect      %>
-  free_cert_prefix: "<%=    cert_options['free_prefix']        %>"
+  client_cert_lifespan: <%= cert_options['life_span'].to_i %>
+  client_cert_bit_size: <%= cert_options['bit_size'].to_i %>
+  client_cert_hash: <%= cert_options['digest'] %>
+  allow_limited_certs: <%= @webapp['allow_limited_certs'].inspect %>
+  allow_unlimited_certs: <%= @webapp['allow_unlimited_certs'].inspect %>
+  allow_anonymous_certs: <%= @webapp['allow_anonymous_certs'].inspect %>
+  limited_cert_prefix: "<%= cert_options['limited_prefix'] %>"
+  unlimited_cert_prefix: "<%= cert_options['unlimited_prefix'] %>"
-- 
cgit v1.2.3


From 7b6882212da16b7f3e778919f6c8c018c6d1111b Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Tue, 16 Apr 2013 13:58:43 -0400
Subject: move secret token into the config.yaml

---
 puppet/modules/site_webapp/templates/config.yml.erb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'puppet/modules/site_webapp/templates/config.yml.erb')

diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index af778212..83348d94 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -4,6 +4,7 @@ production:
   domain: <%= @provider_domain %>
   client_ca_key: <%= scope.lookupvar('site_webapp::client_ca::key_path') %>
   client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %>
+  secret_token: "<%= @secret_token %>"
 
 cert_options:
   client_cert_lifespan: <%= cert_options['life_span'].to_i %>
-- 
cgit v1.2.3


From 14dae1c1f5e2f12a37c6a4e71a89ef2f6a784712 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Mon, 22 Apr 2013 15:36:45 -0700
Subject: webapp -- fixed bug in configuration

---
 puppet/modules/site_webapp/templates/config.yml.erb | 2 --
 1 file changed, 2 deletions(-)

(limited to 'puppet/modules/site_webapp/templates/config.yml.erb')

diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index 83348d94..df562cd9 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -5,8 +5,6 @@ production:
   client_ca_key: <%= scope.lookupvar('site_webapp::client_ca::key_path') %>
   client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %>
   secret_token: "<%= @secret_token %>"
-
-cert_options:
   client_cert_lifespan: <%= cert_options['life_span'].to_i %>
   client_cert_bit_size: <%= cert_options['bit_size'].to_i %>
   client_cert_hash: <%= cert_options['digest'] %>
-- 
cgit v1.2.3