diff options
author | Raffael Schmid <raffael@yux.ch> | 2011-08-12 10:27:21 +0200 |
---|---|---|
committer | Raffael Schmid <raffael@yux.ch> | 2011-08-12 10:27:21 +0200 |
commit | 2a1d6e8f721d2a921b30106faff99a529098ee3a (patch) | |
tree | 4cb3ace5d88e7eeccb8888f5023efcedc1e90150 /README | |
parent | 55b874ebf13d218437f3edd7002d2ff41c7ef457 (diff) |
add README
Diffstat (limited to 'README')
-rw-r--r-- | README | 110 |
1 files changed, 110 insertions, 0 deletions
@@ -0,0 +1,110 @@ +OpenVPN Puppet module +===================== + +Example Usage: +-------------- + +openvpn::server { + "server1": + country => "CH", + province => "ZH", + city => "Winterthur", + organization => "example.org", + email => "root@example.org"; +} + + openvpn::option { + "dev server1": + key => "dev", + value => "tun0", + server => "server1"; + "script-security server1": + key => "script-security", + value => "3", + server => "server1"; + "daemon server1": + key => "daemon", + server => "server1"; + "keepalive server1": + key => "keepalive", + value => "10 60", + server => "server1"; + "ping-timer-rem server1": + key => "ping-timer-rem", + server => "server1"; + "persist-tun server1": + key => "persist-tun", + server => "server1"; + "persist-key server1": + key => "persist-key", + server => "server1"; + "proto server1": + key => "proto", + value => "tcp-server", + server => "server1"; + "cipher server1": + key => "cipher", + value => "BF-CBC", + server => "server1"; + "local server1": + key => "local", + value => $ipaddress, + server => "server1"; + "tls-server server1": + key => "tls-server", + server => "server1"; + "server server1": + key => "server", + value => "10.10.10.0 255.255.255.0", + server => "server1"; + "client-config-dir server1": + key => "client-config-dir", + value => "/etc/openvpn/server1/client-configs", + server => "server1"; + "lport server1": + key => "lport", + value => "1194", + server => "server1"; + "management server1": + key => "management", + value => "/var/run/openvpn-server1.sock unix", + server => "server1"; + "comp-lzo server1": + key => "comp-lzo", + server => "server1"; + "topology server1": + key => "topology", + value => "subnet", + server => "server1"; + "client-to-client server1": + key => "client-to-client", + server => "server1"; + } + + + # define clients + openvpn::client { + [ "client1.example.org", "client2.example.org" ]: + server => "server1"; + } + + # add options to the client-config-dir file + openvpn::option { + "iroute server1 client1.example.org home network": + key => "iroute", + value => "192.168.0.0 255.255.255.0", + client => "client1.example.org", + server => "server1", + csc => true; + } + + # add an option to the client config + openvpn::option { + "ifconfig server1 client2.example.org": + key => "ifconfig-push", + value => "10.10.10.2 255.255.255.0", + client => "client2.example.org", + server => "server1"; + } + +Don't forget the sysctl directive 'net.ipv4.ip_forward'! |