author | Raffael Schmid <raffael@yux.ch> | 2012-02-10 16:32:16 +0100 |
---|---|---|
committer | Raffael Schmid <raffael@yux.ch> | 2012-02-10 16:32:16 +0100 |
commit | 938c06b1c4d6c77f85b05112d7312131eafbd4ec (patch) | |
tree | 1ec6ff7b64927f5b2966c3caf5cae6bce79ae1d3 /manifests/server.pp | |
parent | feac1f6d0d8174b7e2827f08d7108eaf20da33c5 (diff) |
ready for 2.7 module structure
Diffstat (limited to 'manifests/server.pp')
-rw-r--r-- | manifests/server.pp | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/manifests/server.pp b/manifests/server.pp
new file mode 100644
index 0000000..2bf2f64
--- /dev/null
+++ b/manifests/server.pp
@@ -0,0 +1,92 @@
+# server.pp
+
+define openvpn::server($country, $province, $city, $organization, $email) {
+ include openvpn
+
+ file {
+ "/etc/openvpn/${name}":
+ ensure => directory,
+ require => Package["openvpn"];
+ }
+ file {
+ "/etc/openvpn/${name}/client-configs":
+ ensure => directory,
+ require => File["/etc/openvpn/${name}"];
+ "/etc/openvpn/${name}/download-configs":
+ ensure => directory,
+ require => File["/etc/openvpn/${name}"];
+ }
+
+ exec {
+ "copy easy-rsa to openvpn config folder ${name}":
+ command => "cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/${name}/easy-rsa",
+ creates => "/etc/openvpn/${name}/easy-rsa",
+ require => File["/etc/openvpn/${name}"];
+ }
+ file {
+ "/etc/openvpn/${name}/easy-rsa/vars":
+ ensure => present,
+ content => template("openvpn/vars.erb"),
+ require => Exec["copy easy-rsa to openvpn config folder ${name}"];
+ }
+
+ exec {
+ "generate dh param ${name}":
+ command => ". ./vars && ./clean-all && ./build-dh",
+ cwd => "/etc/openvpn/${name}/easy-rsa",
+ creates => "/etc/openvpn/${name}/easy-rsa/keys/dh1024.pem",
+ provider => "shell",
+ require => File["/etc/openvpn/${name}/easy-rsa/vars"];
+
+ "initca ${name}":
+ command => ". ./vars && ./pkitool --initca",
+ cwd => "/etc/openvpn/${name}/easy-rsa",
+ creates => "/etc/openvpn/${name}/easy-rsa/keys/ca.key",
+ provider => "shell",
+ require => Exec["generate dh param ${name}"];
+
+ "generate server cert ${name}":
+ command => ". ./vars && ./pkitool --server server",
+ cwd => "/etc/openvpn/${name}/easy-rsa",
+ creates => "/etc/openvpn/${name}/easy-rsa/keys/server.key",
+ provider => "shell",
+ require => Exec["initca ${name}"];
+ }
+
+ file {
+ "/etc/openvpn/${name}/keys":
+ ensure => link,
+ target => "/etc/openvpn/${name}/easy-rsa/keys",
+ require => Exec["copy easy-rsa to openvpn config folder ${name}"];
+ }
+
+ openvpn::option {
+ "ca ${name}":
+ key => "ca",
+ value => "/etc/openvpn/${name}/keys/ca.crt",
+ require => Exec["initca ${name}"],
+ server => "${name}";
+ "cert ${name}":
+ key => "cert",
+ value => "/etc/openvpn/${name}/keys/server.crt",
+ require => Exec["generate server cert ${name}"],
+ server => "${name}";
+ "key ${name}":
+ key => "key",
+ value => "/etc/openvpn/${name}/keys/server.key",
+ require => Exec["generate server cert ${name}"],
+ server => "${name}";
+ "dh ${name}":
+ key => "dh",
+ value => "/etc/openvpn/${name}/keys/dh1024.pem",
+ require => Exec["generate dh param ${name}"],
+ server => "${name}";
+ }
+
+ common::concatfilepart {
+ "etc-default-openvpn autostart for ${name}":
+ ensure => present,
+ content => "AUTOSTART=\"\$AUTOSTART ${name}\"\n",
+ file => "/etc/default/openvpn";
+ }
+} |
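Review bot: The `generate dh param ${name}` exec and the `dh ${name}` option both hard-code `keys/dh1024.pem`, which pins the server to 1024-bit Diffie-Hellman parameters and ties the `creates` guard to one key size. That file name follows easy-rsa's key size, presumably set in `openvpn/vars.erb` (not visible here); if the template is raised to 2048 the guard never matches, so `./clean-all` runs on every Puppet run and wipes the `keys` directory, including `ca.key` and every issued certificate. I would derive both paths from a single value, e.g. `creates => "/etc/openvpn/${name}/easy-rsa/keys/dh${key_size}.pem"`, and move `./clean-all` into its own exec guarded by `creates => "/etc/openvpn/${name}/easy-rsa/keys/index.txt"` so a guard mismatch can never destroy the CA. The directories that end up holding `ca.key` and `download-configs` are also declared without `owner` or `mode`, so their permissions depend on the agent's umask; an explicit `mode => '0700'` on `/etc/openvpn/${name}` would make that deliberate.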