From c6f9e4ff4ac280e4be7ddfee1d037b4a29ae787c Mon Sep 17 00:00:00 2001
From: Raffael Schmid
Date: Fri, 10 Feb 2012 17:20:57 +0100
Subject: update readme to link to our dependencies
---
 README | 112 ------------------------------------------------------
 Readme.markdown | 115 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 115 insertions(+), 112 deletions(-)
 delete mode 100644 README
 create mode 100644 Readme.markdown
diff --git a/README b/README
deleted file mode 100644
index 59d80a8..0000000
--- a/README
+++ /dev/null
@@ -1,112 +0,0 @@
-OpenVPN Puppet module
-=====================
-
-Example Usage:
---------------
-
-# add a server instance
-openvpn::server {
- "server1":
- country => "CH",
- province => "ZH",
- city => "Winterthur",
- organization => "example.org",
- email => "root@example.org";
-}
-
-# configure server
-openvpn::option {
- "dev server1":
- key => "dev",
- value => "tun0",
- server => "server1";
- "script-security server1":
- key => "script-security",
- value => "3",
- server => "server1";
- "daemon server1":
- key => "daemon",
- server => "server1";
- "keepalive server1":
- key => "keepalive",
- value => "10 60",
- server => "server1";
- "ping-timer-rem server1":
- key => "ping-timer-rem",
- server => "server1";
- "persist-tun server1":
- key => "persist-tun",
- server => "server1";
- "persist-key server1":
- key => "persist-key",
- server => "server1";
- "proto server1":
- key => "proto",
- value => "tcp-server",
- server => "server1";
- "cipher server1":
- key => "cipher",
- value => "BF-CBC",
- server => "server1";
- "local server1":
- key => "local",
- value => $ipaddress,
- server => "server1";
- "tls-server server1":
- key => "tls-server",
- server => "server1";
- "server server1":
- key => "server",
- value => "10.10.10.0 255.255.255.0",
- server => "server1";
- "client-config-dir server1":
- key => "client-config-dir",
- value => "/etc/openvpn/server1/client-configs",
- server => "server1";
- "lport server1":
- key => "lport",
- value => "1194",
- server => "server1";
- "management server1":
- key => "management",
- value => "/var/run/openvpn-server1.sock unix",
- server => "server1";
- "comp-lzo server1":
- key => "comp-lzo",
- server => "server1";
- "topology server1":
- key => "topology",
- value => "subnet",
- server => "server1";
- "client-to-client server1":
- key => "client-to-client",
- server => "server1";
-}
-
-
- # define clients
- openvpn::client {
- [ "client1.example.org", "client2.example.org" ]:
- server => "server1";
- }
-
- # add options to the client-config-dir file
- openvpn::option {
- "iroute server1 client1.example.org home network":
- key => "iroute",
- value => "192.168.0.0 255.255.255.0",
- client => "client1.example.org",
- server => "server1",
- csc => true;
- }
-
- # add an option to the client config
- openvpn::option {
- "ifconfig server1 client2.example.org":
- key => "ifconfig-push",
- value => "10.10.10.2 255.255.255.0",
- client => "client2.example.org",
- server => "server1";
- }
-
-Don't forget the sysctl directive 'net.ipv4.ip_forward'!
diff --git a/Readme.markdown b/Readme.markdown
new file mode 100644
index 0000000..499a48d
--- /dev/null
+++ b/Readme.markdown
@@ -0,0 +1,115 @@
+# OpenVPN Puppet module
+
+OpenVPN module for puppet including client config/cert creation (tarball to download)
+
+## Dependencies
+ - [puppet-concat](https://github.com/ripienaar/puppet-concat)
+
+## Example
+
+ # add a server instance
+ openvpn::server {
+ "server1":
+ country => "CH",
+ province => "ZH",
+ city => "Winterthur",
+ organization => "example.org",
+ email => "root@example.org";
+ }
+
+ # configure server
+ openvpn::option {
+ "dev server1":
+ key => "dev",
+ value => "tun0",
+ server => "server1";
+ "script-security server1":
+ key => "script-security",
+ value => "3",
+ server => "server1";
+ "daemon server1":
+ key => "daemon",
+ server => "server1";
+ "keepalive server1":
+ key => "keepalive",
+ value => "10 60",
+ server => "server1";
+ "ping-timer-rem server1":
+ key => "ping-timer-rem",
+ server => "server1";
+ "persist-tun server1":
+ key => "persist-tun",
+ server => "server1";
+ "persist-key server1":
+ key => "persist-key",
+ server => "server1";
+ "proto server1":
+ key => "proto",
+ value => "tcp-server",
+ server => "server1";
+ "cipher server1":
+ key => "cipher",
+ value => "BF-CBC",
+ server => "server1";
+ "local server1":
+ key => "local",
+ value => $ipaddress,
+ server => "server1";
+ "tls-server server1":
+ key => "tls-server",
+ server => "server1";
+ "server server1":
+ key => "server",
+ value => "10.10.10.0 255.255.255.0",
+ server => "server1";
+ "client-config-dir server1":
+ key => "client-config-dir",
+ value => "/etc/openvpn/server1/client-configs",
+ server => "server1";
+ "lport server1":
+ key => "lport",
+ value => "1194",
+ server => "server1";
+ "management server1":
+ key => "management",
+ value => "/var/run/openvpn-server1.sock unix",
+ server => "server1";
+ "comp-lzo server1":
+ key => "comp-lzo",
+ server => "server1";
+ "topology server1":
+ key => "topology",
+ value => "subnet",
+ server => "server1";
+ "client-to-client server1":
+ key => "client-to-client",
+ server => "server1";
+ }
+
+
+ # define clients
+ openvpn::client {
+ [ "client1.example.org", "client2.example.org" ]:
+ server => "server1";
+ }
+
+ # add options to the client-config-dir file
+ openvpn::option {
+ "iroute server1 client1.example.org home network":
+ key => "iroute",
+ value => "192.168.0.0 255.255.255.0",
+ client => "client1.example.org",
+ server => "server1",
+ csc => true;
+ }
+
+ # add an option to the client config
+ openvpn::option {
+ "ifconfig server1 client2.example.org":
+ key => "ifconfig-push",
+ value => "10.10.10.2 255.255.255.0",
+ client => "client2.example.org",
+ server => "server1";
+ }
+
+Don't forget the sysctl directive 'net.ipv4.ip_forward'!
-- cgit v1.2.3