diff options
| author | mh <mh@immerda.ch> | 2013-01-04 16:13:46 +0100 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2013-01-04 16:13:46 +0100 |
| commit | b76b3287a6e4393ce7c87c757d7318447ae94f97 (patch) | |
| tree | 876685a05cc61ca69dfafe12254c538bca86ada1 | |
| parent | 94a86ffc5b8b563f5ba7d95e508a4ea6699f6776 (diff) | |
rework how things are getting exported
| -rw-r--r-- | manifests/base.pp | 13 | ||||
| -rw-r--r-- | manifests/init.pp | 12 |
2 files changed, 12 insertions, 13 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index d31b03b..9f0a38e 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -40,17 +40,4 @@ class strongswan::base { ensure => running, enable => true, } - - if $strongswan::auto_remote_host and ($::strongswan_cert != 'false') and ($::strongswan_cert != '') { - # export - @@strongswan::remote_host{$::fqdn: - right_cert_content => $::strongswan_cert, - right_ip_address => $strongswan::default_left_ip_address, - right_subnet => $strongswan::default_left_subnet, - tag => $::fqdn - } - #Strongswan::Remote_Host<<| tag == 'auto' and tag != $::fqdn |>> - Strongswan::Remote_Host<<| tag != $::fqdn |>> - } - } diff --git a/manifests/init.pp b/manifests/init.pp index 5458ed8..35555f6 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -43,6 +43,18 @@ class strongswan( } } + if $auto_remote_host and ($::strongswan_cert != 'false') and ($::strongswan_cert != '') { + # export myself + @@strongswan::remote_host{$::fqdn: + right_cert_content => $::strongswan_cert, + right_ip_address => $strongswan::default_left_ip_address, + right_subnet => $strongswan::default_left_subnet, + tag => 'strongswan_auto' + } + # collect all other auto exported except myself + Strongswan::Remote_Host<<| tag == 'strongswan_auto' and title != $::fqdn |>> + } + if $manage_shorewall { class{'shorewall::rules::ipsec': source => $strongswan::shorewall_source |