diff options
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/client.pp | 18 | ||||
-rw-r--r-- | manifests/option.pp | 24 | ||||
-rw-r--r-- | manifests/server.pp | 27 |
3 files changed, 20 insertions, 49 deletions
diff --git a/manifests/client.pp b/manifests/client.pp index 71b720d..6abef5e 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -2,6 +2,7 @@ define openvpn::client( $server, + $compression = 'comp-lzo', $dev = 'tun', $mute = '20', $mute_replay_warnings = true, @@ -12,7 +13,7 @@ define openvpn::client( $port = '1194', $proto = 'tcp', $remote_host = $::fqdn, - $resolve_retry = 'infinite', + $resolv_retry = 'infinite', $verb = '3', ) { exec { @@ -50,10 +51,17 @@ define openvpn::client( target => "/etc/openvpn/${server}/easy-rsa/keys/ca.crt", require => [ Exec["generate certificate for ${name} in context of ${server}"], File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; + + "/etc/openvpn/${server}/download-configs/${name}/${name}.conf": + owner => root, + group => root, + mode => '0444', + content => template('openvpn/client.erb'), + notify => Exec["tar the thing ${server} with ${name}"]; } concat { - [ "/etc/openvpn/${server}/client-configs/${name}", "/etc/openvpn/${server}/download-configs/${name}/${name}.conf" ]: + "/etc/openvpn/${server}/client-configs/${name}": owner => root, group => root, mode => 644, @@ -63,12 +71,6 @@ define openvpn::client( require => [ File['/etc/openvpn'], File["/etc/openvpn/${server}/download-configs/${name}"] ]; } - concat::fragment { - "openvpn.${server}.client.${name}": - target => "/etc/openvpn/${server}/download-configs/${name}/${name}.conf", - content => "${content}\n"; - } - exec { "tar the thing ${server} with ${name}": cwd => "/etc/openvpn/${server}/download-configs/", diff --git a/manifests/option.pp b/manifests/option.pp deleted file mode 100644 index eb3d5a7..0000000 --- a/manifests/option.pp +++ /dev/null @@ -1,24 +0,0 @@ -# option.pp - -define openvpn::option($key, $server, $value = '', $client = '', $csc = false) { - $content = $value ? { - '' => $key, - default => "${key} ${value}" - } - - if $client == '' { - $path = "/etc/openvpn/${server}.conf" - } else { - if $csc { - $path = "/etc/openvpn/${server}/client-configs/${client}" - } else { - $path = "/etc/openvpn/${server}/download-configs/${client}/${client}.conf" - } - } - - concat::fragment { - "openvpn.${server}.${client}.${name}": - target => $path, - content => "${content}\n"; - } -} diff --git a/manifests/server.pp b/manifests/server.pp index 9355327..ad9351a 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -12,11 +12,11 @@ define openvpn::server( $group = 'nobody', $user = 'nobody', $logfile = "${name}/openvpn.log", - $status-log = "${name}/openvpn-status.log", + $status_log = "${name}/openvpn-status.log", $dev = 'tun0', $local = $::ipaddress_eth0, $ipp = false, - $server = "${network_eth0} ${netmask_eth0}", + $server = "${::network_eth0} ${::netmask_eth0}", $push = [] ) { include openvpn @@ -103,20 +103,13 @@ define openvpn::server( target => '/etc/default/openvpn', order => 10; } - - concat { - "/etc/openvpn/${name}.conf": - owner => root, - group => root, - mode => 644, - warn => true, - require => File['/etc/openvpn'], - notify => Service['openvpn']; - } - - concat::fragment { - "openvpn.${server}.${name}": - target => "/etc/openvpn/${name}.conf", - content => template('openvpn/server.erb') + + file { + "/etc/openvpn/${name}.conf": + owner => root, + group => root, + mode => '0444', + content => template('openvpn/server.erb'), + notify => Service['openvpn']; } } |