bump version for the last old version
[puppet_openvpn.git] / Readme.markdown
1 # OpenVPN Puppet module
2
3 OpenVPN module for puppet including client config/cert creation (tarball to download)
4
5 ## Dependencies
6   - [puppet-concat](https://github.com/ripienaar/puppet-concat)
7
8 ## Supported OS
9   - Debian Squeeze (should, as it works on Ubuntu Lucid)
10   - Ubuntu 10.4, 12.04 (other untested)
11   - CentOS
12
13 ## Example
14
15     # add a server instance
16     openvpn::server {
17         "server1":
18             country      => "CH",
19             province     => "ZH",
20             city         => "Winterthur",
21             organization => "example.org",
22             email        => "root@example.org";
23     }
24
25     # configure server
26     openvpn::option {
27         "dev server1":
28             key    => "dev",
29             value  => "tun0",
30             server => "server1";
31         "script-security server1":
32             key    => "script-security",
33             value  => "3",
34             server => "server1";
35         "daemon server1":
36             key    => "daemon",
37             server => "server1";
38         "keepalive server1":
39             key    => "keepalive",
40             value  => "10 60",
41             server => "server1";
42         "ping-timer-rem server1":
43             key    => "ping-timer-rem",
44             server => "server1";
45         "persist-tun server1":
46             key    => "persist-tun",
47             server => "server1";
48         "persist-key server1":
49             key    => "persist-key",
50             server => "server1";
51         "proto server1":
52             key    => "proto",
53             value  => "tcp-server",
54             server => "server1";
55         "cipher server1":
56             key    => "cipher",
57             value  => "BF-CBC",
58             server => "server1";
59         "local server1":
60             key    => "local",
61             value  => $ipaddress,
62             server => "server1";
63         "tls-server server1":
64             key    => "tls-server",
65             server => "server1";
66         "server server1":
67             key    => "server",
68             value  => "10.10.10.0 255.255.255.0",
69             server => "server1";
70         "lport server1":
71             key    => "lport",
72             value  => "1194",
73             server => "server1";
74         "management server1":
75             key    => "management",
76             value  => "/var/run/openvpn-server1.sock unix",
77             server => "server1";
78         "comp-lzo server1":
79             key    => "comp-lzo",
80             server => "server1";
81         "topology server1":
82             key    => "topology",
83             value  => "subnet",
84             server => "server1";
85         "client-to-client server1":
86             key    => "client-to-client",
87             server => "server1";
88     }
89
90
91     # define clients
92     openvpn::client {
93         [ "client1.example.org", "client2.example.org" ]:
94             server      => "server1";
95     }
96
97     # add options to the client-config-dir file
98     openvpn::option {
99         "iroute server1 client1.example.org home network":
100             key    => "iroute",
101             value  => "192.168.0.0 255.255.255.0",
102             client => "client1.example.org",
103             server => "server1",
104             csc    => true;
105     }
106
107     # add an option to the client config
108     openvpn::option {
109         "ifconfig server1 client2.example.org":
110             key    => "ifconfig-push",
111             value  => "10.10.10.2 255.255.255.0",
112             client => "client2.example.org",
113             server => "server1";
114     }
115
116 Don't forget the [sysctl](https://github.com/luxflux/puppet-sysctl) directive ```net.ipv4.ip_forward```!
117
118
119 # Contributors
120
121 These fine folks helped to get this far with this module:
122 * [@jlk](https://github.com/jlk)
123 * [@jlambert121](https://github.com/jlambert121)