1 files changed, 12 insertions, 7 deletions

diff --git a/manifests/server.pp b/manifests/server.pp
index 78b3df3..b5f0e63 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -30,9 +30,13 @@
 #   Default: tun
 #   Options: tun (routed connections), tap (bridged connections)
 #
+# [*user*]
+#   String.  Group to drop privileges to after startup
+#   Default: nobody
+#
 # [*group*]
 #   String.  User to drop privileges to after startup
-#   Default: nobody
+#   Default: depends on your $::osfamily
 #
 # [*ipp*]
 #   Boolean.  Persist ifconfig information to a file to retain client IP
@@ -62,10 +66,6 @@
 #   String.  Logfile for periodic dumps of the vpn service status
 #   Default: "${name}/openvpn-status.log"
 #
-# [*user*]
-#   String.  Group to drop privileges to after startup
-#   Default: nobody
-#
 # [*server*]
 #   String.  Network to assign client addresses out of
 #   Default: None.  Required in tun mode, not in tap mode
@@ -102,7 +102,8 @@ define openvpn::server(
   $email,
   $compression = 'comp-lzo',
   $dev = 'tun0',
-  $group = 'nobody',
+  $user = 'nobody',
+  $group = false,
   $ipp = false,
   $ip_pool = [],
   $local = $::ipaddress_eth0,
@@ -110,7 +111,6 @@ define openvpn::server(
   $port = '1194',
   $proto = 'tcp',
   $status_log = "${name}/openvpn-status.log",
-  $user = 'nobody',
   $server = '',
   $push = []
 ) {
@@ -135,6 +135,11 @@ define openvpn::server(
       default      => false
     }
 
+    $group_to_set = $group ? {
+      false   => $openvpn::params::group,
+      default => $group
+    }
+
     file {
         ["/etc/openvpn/${name}", "/etc/openvpn/${name}/client-configs", "/etc/openvpn/${name}/download-configs" ]:
             ensure  => directory;