diff options
author | mh <mh@immerda.ch> | 2012-12-31 17:58:22 +0100 |
---|---|---|
committer | mh <mh@immerda.ch> | 2012-12-31 17:58:22 +0100 |
commit | 690f05e2888bb862ce300125045f1cb21a0f5856 (patch) | |
tree | 5a93869e8352b4e8511754b13df90641472dc4f2 /manifests/base.pp | |
parent | cc53a58dfa6aef4791bb77b24d40a05f3e621643 (diff) |
generate the base config from a template -> include everything else
Diffstat (limited to 'manifests/base.pp')
-rw-r--r-- | manifests/base.pp | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index 4f72ae6..17c219c 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -12,21 +12,23 @@ class strongswan::base { creates => "${strongswan::config_dir}/certs/${::fqdn}.asc", } + File { + require => Package['strongswan'], + notify => Service['ipsec'], + owner => 'root', + group => 0, + mode => '0400', + } + file{ '/etc/ipsec.secrets': - content => ": RSA ${::fqdn}.pem\n", - require => Package['strongswan'], - notify => Service['ipsec'], - owner => 'root', - group => 0, - mode => '0400'; + content => ": RSA ${::fqdn}.pem\n"; + # this is needed because if the glob-include in the config + # doesn't find anything it fails. + "${strongswan::config_dir}/ipsec.hosts.__dummy__.conf": + ensure => 'present'; '/etc/ipsec.conf': - source => "puppet:///modules/site_strongswan/configs/${::fqdn}", - require => Package['strongswan'], - notify => Service['ipsec'], - owner => 'root', - group => 0, - mode => '0400'; + content => template('strongswan/ipsec.conf.erb'); } service{'ipsec': |