Diffstat (limited to 'manifests/init.pp')
-rw-r--r--manifests/init.pp34
1 files changed, 22 insertions, 12 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 88cf48c..53e84bb 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -2,17 +2,27 @@
class strongswan(
$manage_shorewall = false,
$shorewall_source = 'net',
+ $use_monkeysphere = false,
$monkeysphere_publish_key = false,
$ipsec_nat = false,
$default_left_ip_address = $::ipaddress,
$default_left_subnet = reject(split($::strongswan_ips,','),$::ipaddress),
$additional_options = '',
- $auto_remote_host = false
+ $auto_remote_host = false,
+ $ipsec_conf_template = 'strongswan/ipsec.conf.erb',
+ $custom_hostname = $::fqdn
) {
- class{'monkeysphere':
- publish_key => $monkeysphere_publish_key
- } -> class{'certtool': }
+ if $use_monkeysphere != false {
+ class { 'monkeysphere':
+ publish_key => $monkeysphere_publish_key
+ } -> class { 'certtool': }
+
+ $require_monkeysphere = $use_monkeysphere ? {
+ true => Class['monkeysphere'],
+ false => ''
+ }
+ }
case $::operatingsystem {
centos: {
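Review bot: The selector that sets `$require_monkeysphere` matches only `true` and `false`, but the enclosing guard is `$use_monkeysphere != false`, so any other value that passes the guard (for example the string `'true'`) fails compilation with no matching selector case, and the `false => ''` arm can never be reached. With the default `$use_monkeysphere = false` the variable is never assigned, so the three `require => $require_monkeysphere` lines in the later hunks get an unset value, which is likely to be rejected when strict variable checking is enabled. Since the block is already guarded, assign it directly with `$require_monkeysphere = Class['monkeysphere']` and add `else { $require_monkeysphere = undef }`. The class documentation should also state that monkeysphere and certtool are now opt-in, because nodes that relied on the previous unconditional include lose both classes unless they set `use_monkeysphere => true`.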
@@ -22,16 +32,16 @@ class strongswan(
$cert_dir = '/etc/ipsec.d'
$binary = '/usr/sbin/ipsec'
- class{'strongswan::centos::five':
- require => Class['monkeysphere'],
+ class { 'strongswan::centos::five':
+ require => $require_monkeysphere
}
}
default: {
$config_dir = '/etc/strongswan'
$cert_dir = '/etc/strongswan/ipsec.d'
$binary = '/usr/sbin/strongswan'
- class{'strongswan::centos::six':
- require => Class['monkeysphere'],
+ class { 'strongswan::centos::six':
+ require => $require_monkeysphere
}
}
}
@@ -40,15 +50,15 @@ class strongswan(
$config_dir = '/etc/ipsec.d'
$cert_dir = '/etc/ipsec.d'
$binary = '/usr/sbin/ipsec'
- class{'strongswan::base':
- require => Class['monkeysphere'],
+ class { 'strongswan::base':
+ require => $require_monkeysphere
}
}
}
if $auto_remote_host and ($::strongswan_cert != 'false') and ($::strongswan_cert != '') {
# export myself
- @@strongswan::remote_host{$::fqdn:
+ @@strongswan::remote_host { $strongswan::custom_hostname:
right_cert_content => $::strongswan_cert,
right_ip_address => $strongswan::default_left_ip_address,
right_subnet => $strongswan::default_left_subnet,
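Review bot: `$custom_hostname` becomes the title of the exported `strongswan::remote_host` resource without any validation or uniqueness check, so two nodes given the same value would produce a duplicate declaration on every node that collects them. The title presumably also feeds the peer's connection or certificate naming, but the define is not visible here, so that should be confirmed. I would document the parameter as "must be unique per node and a valid hostname" and reject anything else up front, e.g. `validate_re($custom_hostname, '^[A-Za-z0-9.-]+$')`, if stdlib's validation functions are available to this module. The resource body continues past the end of this hunk.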
@@ -60,7 +70,7 @@ class strongswan(
}
if $manage_shorewall {
- shorewall::rules::ipsec{
+ shorewall::rules::ipsec {
$strongswan::shorewall_source:
}
if $ipsec_nat {