Add support for Ubuntu precise

openssl.cnf has to be linked for precise to work also added the client-specific config dir per default and the required "mode server"
author: Raffael Schmid <raffael@yux.ch> 2012-08-08 12:23:56 +0300
committer: Raffael Schmid <raffael@yux.ch> 2012-08-08 12:23:56 +0300
commit: 46b2c190dd49347015fa7a87ebaf70a4ed6725c7 (patch)
tree: 3561e5d6ca4fcb034234aa999c8350e5d4fedc1a
parent: 5328d66ec5c64616aa446e023e4cc36abf69e542 (diff)
1 files changed, 29 insertions, 1 deletions
diff --git a/manifests/server.pp b/manifests/server.pp
index 82a4ca5..ec2fde9 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -8,6 +8,11 @@ define openvpn::server($country, $province, $city, $organization, $email) {
       default => '/usr/share/doc/openvpn/examples/easy-rsa/2.0'
     }
 
+    $link_openssl_cnf = $lsbdistcodename ? {
+      'precise' => true,
+      default => false
+    }
+
     file {
         "/etc/openvpn/${name}":
             ensure  => directory,
@@ -22,6 +27,18 @@ define openvpn::server($country, $province, $city, $organization, $email) {
             require => File["/etc/openvpn/${name}"];
     }
 
+    openvpn::option {
+        "client-config-dir ${name}":
+            key     => 'client-config-dir',
+            value   => "/etc/openvpn/${name}/client-configs",
+            server  => $name,
+            require => File["/etc/openvpn/${name}"];
+        "mode ${name}":
+            key    => 'mode',
+            value  => 'server',
+            server => $name;
+    }
+
     exec {
         "copy easy-rsa to openvpn config folder ${name}":
             command => "/bin/cp -r ${easyrsa_source} /etc/openvpn/${name}/easy-rsa",
@@ -41,6 +58,17 @@ define openvpn::server($country, $province, $city, $organization, $email) {
             require => Exec["copy easy-rsa to openvpn config folder ${name}"];
     }
 
+    file {
+      "/etc/openvpn/${name}/easy-rsa/openssl.cnf":
+        require => Exec["copy easy-rsa to openvpn config folder ${name}"];
+    }
+    if $link_openssl_cnf == true {
+        File["/etc/openvpn/${name}/easy-rsa/openssl.cnf"] {
+            ensure => link,
+            target => "/etc/openvpn/${name}/easy-rsa/openssl-1.0.0.cnf"
+        }
+    }
+
     exec {
         "generate dh param ${name}":
             command  => ". ./vars && ./clean-all && ./build-dh",
@@ -54,7 +82,7 @@ define openvpn::server($country, $province, $city, $organization, $email) {
             cwd      => "/etc/openvpn/${name}/easy-rsa",
             creates  => "/etc/openvpn/${name}/easy-rsa/keys/ca.key",
             provider => "shell",
-            require  => Exec["generate dh param ${name}"];
+            require  => [ Exec["generate dh param ${name}"], File["/etc/openvpn/${name}/easy-rsa/openssl.cnf"] ];
 
         "generate server cert ${name}":
             command  => ". ./vars && ./pkitool --server server",
author	Raffael Schmid <raffael@yux.ch>	2012-08-08 12:23:56 +0300
committer	Raffael Schmid <raffael@yux.ch>	2012-08-08 12:23:56 +0300
commit	46b2c190dd49347015fa7a87ebaf70a4ed6725c7 (patch)
tree	3561e5d6ca4fcb034234aa999c8350e5d4fedc1a
parent	5328d66ec5c64616aa446e023e4cc36abf69e542 (diff)