From 75611f5920aa275ca6ae3b0c3c51a3915fcf224d Mon Sep 17 00:00:00 2001 From: Justin Lambert Date: Fri, 28 Dec 2012 14:29:16 -0700 Subject: puppet-lint cleanup --- manifests/client.pp | 68 ++++++++++++++++++++++++++--------------------------- manifests/init.pp | 24 +++++++++---------- manifests/option.pp | 6 ++--- manifests/server.pp | 48 ++++++++++++++++++------------------- 4 files changed, 73 insertions(+), 73 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index fd94796..d45d29b 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -6,7 +6,7 @@ define openvpn::client($server, $remote_host = $fqdn) { command => ". ./vars && ./pkitool ${name}", cwd => "/etc/openvpn/${server}/easy-rsa", creates => "/etc/openvpn/${server}/easy-rsa/keys/${name}.crt", - provider => "shell", + provider => 'shell', require => Exec["generate server cert ${server}"]; } @@ -20,98 +20,98 @@ define openvpn::client($server, $remote_host = $fqdn) { require => File["/etc/openvpn/${server}/download-configs/${name}"]; "/etc/openvpn/${server}/download-configs/${name}/keys/${name}.crt": - ensure => link, - target => "/etc/openvpn/${server}/easy-rsa/keys/${name}.crt", + ensure => link, + target => "/etc/openvpn/${server}/easy-rsa/keys/${name}.crt", require => [ Exec["generate certificate for ${name} in context of ${server}"], - File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; + File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; "/etc/openvpn/${server}/download-configs/${name}/keys/${name}.key": - ensure => link, - target => "/etc/openvpn/${server}/easy-rsa/keys/${name}.key", + ensure => link, + target => "/etc/openvpn/${server}/easy-rsa/keys/${name}.key", require => [ Exec["generate certificate for ${name} in context of ${server}"], - File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; + File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; "/etc/openvpn/${server}/download-configs/${name}/keys/ca.crt": - ensure => link, - target => "/etc/openvpn/${server}/easy-rsa/keys/ca.crt", + ensure => link, + target => "/etc/openvpn/${server}/easy-rsa/keys/ca.crt", require => [ Exec["generate certificate for ${name} in context of ${server}"], - File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; + File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; } openvpn::option { "ca ${server} with ${name}": - key => "ca", - value => "keys/ca.crt", + key => 'ca', + value => 'keys/ca.crt', client => $name, server => $server; "cert ${server} with ${name}": - key => "cert", + key => 'cert', value => "keys/${name}.crt", client => $name, server => $server; "key ${server} with ${name}": - key => "key", + key => 'key', value => "keys/${name}.key", client => $name, server => $server; "client ${server} with ${name}": - key => "client", + key => 'client', client => $name, server => $server; "dev ${server} with ${name}": - key => "dev", - value => "tun", + key => 'dev', + value => 'tun', client => $name, server => $server; "proto ${server} with ${name}": - key => "proto", - value => "tcp", + key => 'proto', + value => 'tcp', client => $name, server => $server; "remote ${server} with ${name}": - key => "remote", + key => 'remote', value => "${remote_host} 1194", client => $name, server => $server; "resolv-retry ${server} with ${name}": - key => "resolv-retry", - value => "infinite", + key => 'resolv-retry', + value => 'infinite', client => $name, server => $server; "nobind ${server} with ${name}": - key => "nobind", + key => 'nobind', client => $name, server => $server; "persist-key ${server} with ${name}": - key => "persist-key", + key => 'persist-key', client => $name, server => $server; "persist-tun ${server} with ${name}": - key => "persist-tun", + key => 'persist-tun', client => $name, server => $server; "mute-replay-warnings ${server} with ${name}": - key => "mute-replay-warnings", + key => 'mute-replay-warnings', client => $name, server => $server; "ns-cert-type ${server} with ${name}": - key => "ns-cert-type", - value => "server", + key => 'ns-cert-type', + value => 'server', client => $name, server => $server; "comp-lzo ${server} with ${name}": - key => "comp-lzo", + key => 'comp-lzo', client => $name, server => $server; "verb ${server} with ${name}": - key => "verb", - value => "3", + key => 'verb', + value => '3', client => $name, server => $server; "mute ${server} with ${name}": - key => "mute", - value => "20", + key => 'mute', + value => '20', client => $name, server => $server; } @@ -136,7 +136,7 @@ define openvpn::client($server, $remote_host = $fqdn) { warn => true, force => true, notify => Exec["tar the thing ${server} with ${name}"], - require => [ File["/etc/openvpn"], File["/etc/openvpn/${server}/download-configs/${name}"] ]; + require => [ File['/etc/openvpn'], File["/etc/openvpn/${server}/download-configs/${name}"] ]; } } diff --git a/manifests/init.pp b/manifests/init.pp index 7e7fe32..6fd4510 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -2,42 +2,42 @@ class openvpn { package { - "openvpn": + 'openvpn': ensure => installed; } service { - "openvpn": + 'openvpn': ensure => running, hasrestart => true, hasstatus => true, - require => Exec["concat_/etc/default/openvpn"]; + require => Exec['concat_/etc/default/openvpn']; } file { - "/etc/openvpn": + '/etc/openvpn': ensure => directory, - require => Package["openvpn"]; + require => Package['openvpn']; } file { - "/etc/openvpn/keys": + '/etc/openvpn/keys': ensure => directory, - require => File["/etc/openvpn"]; + require => File['/etc/openvpn']; } include concat::setup concat { - "/etc/default/openvpn": + '/etc/default/openvpn': owner => root, group => root, mode => 644, warn => true, - notify => Service["openvpn"]; + notify => Service['openvpn']; } concat::fragment { - "openvpn.default.header": - content => template("openvpn/etc-default-openvpn.erb"), - target => "/etc/default/openvpn", + 'openvpn.default.header': + content => template('openvpn/etc-default-openvpn.erb'), + target => '/etc/default/openvpn', order => 01; } diff --git a/manifests/option.pp b/manifests/option.pp index 5cadb31..eb3d5a7 100644 --- a/manifests/option.pp +++ b/manifests/option.pp @@ -1,12 +1,12 @@ # option.pp -define openvpn::option($key, $value = "", $server, $client = "", $csc = false) { +define openvpn::option($key, $server, $value = '', $client = '', $csc = false) { $content = $value ? { - "" => "${key}", + '' => $key, default => "${key} ${value}" } - if $client == "" { + if $client == '' { $path = "/etc/openvpn/${server}.conf" } else { if $csc { diff --git a/manifests/server.pp b/manifests/server.pp index ec2fde9..8a516eb 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -3,12 +3,12 @@ define openvpn::server($country, $province, $city, $organization, $email) { include openvpn - $easyrsa_source = $operatingsystem ? { + $easyrsa_source = $::operatingsystem ? { 'centos' => '/usr/share/doc/openvpn-2.2.0/easy-rsa/2.0', default => '/usr/share/doc/openvpn/examples/easy-rsa/2.0' } - $link_openssl_cnf = $lsbdistcodename ? { + $link_openssl_cnf = $::lsbdistcodename ? { 'precise' => true, default => false } @@ -16,7 +16,7 @@ define openvpn::server($country, $province, $city, $organization, $email) { file { "/etc/openvpn/${name}": ensure => directory, - require => Package["openvpn"]; + require => Package['openvpn']; } file { "/etc/openvpn/${name}/client-configs": @@ -43,18 +43,18 @@ define openvpn::server($country, $province, $city, $organization, $email) { "copy easy-rsa to openvpn config folder ${name}": command => "/bin/cp -r ${easyrsa_source} /etc/openvpn/${name}/easy-rsa", creates => "/etc/openvpn/${name}/easy-rsa", - notify => Exec["fix_easyrsa_file_permissions"], + notify => Exec['fix_easyrsa_file_permissions'], require => File["/etc/openvpn/${name}"]; } exec { - "fix_easyrsa_file_permissions": - refreshonly => "true", + 'fix_easyrsa_file_permissions': + refreshonly => true, command => "/bin/chmod 755 /etc/openvpn/${name}/easy-rsa/*"; } file { "/etc/openvpn/${name}/easy-rsa/vars": ensure => present, - content => template("openvpn/vars.erb"), + content => template('openvpn/vars.erb'), require => Exec["copy easy-rsa to openvpn config folder ${name}"]; } @@ -71,24 +71,24 @@ define openvpn::server($country, $province, $city, $organization, $email) { exec { "generate dh param ${name}": - command => ". ./vars && ./clean-all && ./build-dh", + command => '. ./vars && ./clean-all && ./build-dh', cwd => "/etc/openvpn/${name}/easy-rsa", creates => "/etc/openvpn/${name}/easy-rsa/keys/dh1024.pem", - provider => "shell", + provider => 'shell', require => File["/etc/openvpn/${name}/easy-rsa/vars"]; "initca ${name}": - command => ". ./vars && ./pkitool --initca", + command => '. ./vars && ./pkitool --initca', cwd => "/etc/openvpn/${name}/easy-rsa", creates => "/etc/openvpn/${name}/easy-rsa/keys/ca.key", - provider => "shell", + provider => 'shell', require => [ Exec["generate dh param ${name}"], File["/etc/openvpn/${name}/easy-rsa/openssl.cnf"] ]; "generate server cert ${name}": - command => ". ./vars && ./pkitool --server server", + command => '. ./vars && ./pkitool --server server', cwd => "/etc/openvpn/${name}/easy-rsa", creates => "/etc/openvpn/${name}/easy-rsa/keys/server.key", - provider => "shell", + provider => 'shell', require => Exec["initca ${name}"]; } @@ -101,31 +101,31 @@ define openvpn::server($country, $province, $city, $organization, $email) { openvpn::option { "ca ${name}": - key => "ca", + key => 'ca', value => "/etc/openvpn/${name}/keys/ca.crt", require => Exec["initca ${name}"], - server => "${name}"; + server => $name; "cert ${name}": - key => "cert", + key => 'cert', value => "/etc/openvpn/${name}/keys/server.crt", require => Exec["generate server cert ${name}"], - server => "${name}"; + server => $name; "key ${name}": - key => "key", + key => 'key', value => "/etc/openvpn/${name}/keys/server.key", require => Exec["generate server cert ${name}"], - server => "${name}"; + server => $name; "dh ${name}": - key => "dh", + key => 'dh', value => "/etc/openvpn/${name}/keys/dh1024.pem", require => Exec["generate dh param ${name}"], - server => "${name}"; + server => $name; } concat::fragment { "openvpn.default.autostart.${name}": content => "AUTOSTART=\"\$AUTOSTART ${name}\"\n", - target => "/etc/default/openvpn", + target => '/etc/default/openvpn', order => 10; } @@ -135,8 +135,8 @@ define openvpn::server($country, $province, $city, $organization, $email) { group => root, mode => 644, warn => true, - require => File["/etc/openvpn"], - notify => Service["openvpn"]; + require => File['/etc/openvpn'], + notify => Service['openvpn']; } } -- cgit v1.2.3 From be29a25a726d339f69a99ccf4ff2592b681cd622 Mon Sep 17 00:00:00 2001 From: Justin Lambert Date: Fri, 28 Dec 2012 19:01:34 -0700 Subject: version bump to 2.2.2, minor redhat change, specify params that are in client.pp --- manifests/server.pp | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 8a516eb..79ca4da 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -3,14 +3,14 @@ define openvpn::server($country, $province, $city, $organization, $email) { include openvpn - $easyrsa_source = $::operatingsystem ? { - 'centos' => '/usr/share/doc/openvpn-2.2.0/easy-rsa/2.0', + $easyrsa_source = $operatingsystem ? { + 'centos' => '/usr/share/doc/openvpn-2.2.2/easy-rsa/2.0', default => '/usr/share/doc/openvpn/examples/easy-rsa/2.0' } - $link_openssl_cnf = $::lsbdistcodename ? { - 'precise' => true, - default => false + $link_openssl_cnf = $::osfamily ? { + /(Ubuntu|RedHat)/ => true, + default => false } file { @@ -120,6 +120,17 @@ define openvpn::server($country, $province, $city, $organization, $email) { value => "/etc/openvpn/${name}/keys/dh1024.pem", require => Exec["generate dh param ${name}"], server => $name; + + "proto ${name}": + key => 'proto', + value => 'tcp', + require => Exec["generate dh param ${name}"], + server => $name; + + "comp-lzo ${name}": + key => 'comp-lzo', + require => Exec["generate dh param ${name}"], + server => $name; } concat::fragment { -- cgit v1.2.3 From b0552bab409590c565dc01b2a6889ad16213dc82 Mon Sep 17 00:00:00 2001 From: Justin Lambert Date: Sat, 29 Dec 2012 07:05:45 -0700 Subject: Fixed Ubuntu's lsbdistcodename --- manifests/server.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/server.pp b/manifests/server.pp index 79ca4da..dbc8bb6 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -9,7 +9,7 @@ define openvpn::server($country, $province, $city, $organization, $email) { } $link_openssl_cnf = $::osfamily ? { - /(Ubuntu|RedHat)/ => true, + /(Debian|RedHat)/ => true, default => false } -- cgit v1.2.3 From 5754d3c5a10afbc7e3242299088bb3e1978cf7c7 Mon Sep 17 00:00:00 2001 From: Justin Lambert Date: Sat, 29 Dec 2012 07:20:49 -0700 Subject: updated spacing for multi-line arrays. updated selector for consistency --- manifests/client.pp | 14 +++++++------- manifests/server.pp | 12 ++++++------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/manifests/client.pp b/manifests/client.pp index d45d29b..7927000 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -22,19 +22,19 @@ define openvpn::client($server, $remote_host = $fqdn) { "/etc/openvpn/${server}/download-configs/${name}/keys/${name}.crt": ensure => link, target => "/etc/openvpn/${server}/easy-rsa/keys/${name}.crt", - require => [ Exec["generate certificate for ${name} in context of ${server}"], + require => [ Exec["generate certificate for ${name} in context of ${server}"], File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; "/etc/openvpn/${server}/download-configs/${name}/keys/${name}.key": ensure => link, target => "/etc/openvpn/${server}/easy-rsa/keys/${name}.key", - require => [ Exec["generate certificate for ${name} in context of ${server}"], + require => [ Exec["generate certificate for ${name} in context of ${server}"], File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; "/etc/openvpn/${server}/download-configs/${name}/keys/ca.crt": ensure => link, target => "/etc/openvpn/${server}/easy-rsa/keys/ca.crt", - require => [ Exec["generate certificate for ${name} in context of ${server}"], + require => [ Exec["generate certificate for ${name} in context of ${server}"], File["/etc/openvpn/${server}/download-configs/${name}/keys"] ]; } @@ -121,10 +121,10 @@ define openvpn::client($server, $remote_host = $fqdn) { cwd => "/etc/openvpn/${server}/download-configs/", command => "/bin/rm ${name}.tar.gz; tar --exclude=\\*.conf.d -chzvf ${name}.tar.gz ${name}", refreshonly => true, - require => [ File["/etc/openvpn/${server}/download-configs/${name}/${name}.conf"], - File["/etc/openvpn/${server}/download-configs/${name}/keys/ca.crt"], - File["/etc/openvpn/${server}/download-configs/${name}/keys/${name}.key"], - File["/etc/openvpn/${server}/download-configs/${name}/keys/${name}.crt"] ]; + require => [ File["/etc/openvpn/${server}/download-configs/${name}/${name}.conf"], + File["/etc/openvpn/${server}/download-configs/${name}/keys/ca.crt"], + File["/etc/openvpn/${server}/download-configs/${name}/keys/${name}.key"], + File["/etc/openvpn/${server}/download-configs/${name}/keys/${name}.crt"] ]; } diff --git a/manifests/server.pp b/manifests/server.pp index dbc8bb6..bfcaad8 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -3,9 +3,9 @@ define openvpn::server($country, $province, $city, $organization, $email) { include openvpn - $easyrsa_source = $operatingsystem ? { - 'centos' => '/usr/share/doc/openvpn-2.2.2/easy-rsa/2.0', - default => '/usr/share/doc/openvpn/examples/easy-rsa/2.0' + $easyrsa_source = $::osfamily ? { + 'RedHat' => '/usr/share/doc/openvpn-2.2.2/easy-rsa/2.0', + default => '/usr/share/doc/openvpn/examples/easy-rsa/2.0' } $link_openssl_cnf = $::osfamily ? { @@ -34,9 +34,9 @@ define openvpn::server($country, $province, $city, $organization, $email) { server => $name, require => File["/etc/openvpn/${name}"]; "mode ${name}": - key => 'mode', - value => 'server', - server => $name; + key => 'mode', + value => 'server', + server => $name; } exec { -- cgit v1.2.3