diff options
Diffstat (limited to 'templates/ipsec.conf.erb')
| -rw-r--r-- | templates/ipsec.conf.erb | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/templates/ipsec.conf.erb b/templates/ipsec.conf.erb new file mode 100644 index 0000000..40a04c1 --- /dev/null +++ b/templates/ipsec.conf.erb @@ -0,0 +1,23 @@ +config setup + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + mobike=no + keyexchange=ikev2 + rightsendcert=never + leftsendcert=never + left=<%= scope.lookupvar('strongswan::default_left_ip_address') %>.asc + leftcert=<%= scope.lookupvar('::fqdn') %>.asc + leftid=@<%= scope.lookupvar('::fqdn') %> + +<% unless scope.lookupvar('strongswan::additional_options').empty? -%> +<%= scope.lookupvar('strongswan::additional_options') %> + +<% end -%> +include <%= scope.lookupvar('strongswan::config_dir') %>/ipsec.hosts.*.conf |