From 31cbf602f874ba16ef3504c004f41021fcad153b Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Tue, 2 Apr 2013 16:30:34 -0400
Subject: add $use_monkeysphere variable (default set to false) to enable
 non-monkeysphere deployments

---
 manifests/base.pp | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)

(limited to 'manifests/base.pp')

diff --git a/manifests/base.pp b/manifests/base.pp
index 3f1d491..6f28d12 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -1,18 +1,26 @@
 # manage strongswan services
 class strongswan::base {
 
-  package { 'strongswan':
-    ensure  => installed,
-    require => Package['monkeysphere','gnutls-utils'];
-  } -> exec {
-    'ipsec_privatekey':
-      command => "certtool --generate-privkey --bits 2048 --outfile ${strongswan::cert_dir}/private/${::fqdn}.pem",
-      creates => "${strongswan::cert_dir}/private/${::fqdn}.pem";
-  } -> exec {
-    'ipsec_monkeysphere_cert':
-      command => "monkeysphere-host import-key ${strongswan::cert_dir}/private/${::fqdn}.pem ike://${::fqdn} && gpg --homedir /var/lib/monkeysphere/host -a --export =ike://${::fqdn} > ${strongswan::cert_dir}/certs/${::fqdn}.asc",
-      creates => "${strongswan::cert_dir}/certs/${::fqdn}.asc",
-  } -> anchor{'strongswan::certs::done': }
+  if $use_monkeysphere {
+    package { 'strongswan':
+      ensure  => installed,
+      require => Package['monkeysphere','gnutls-utils'],
+      } ->
+
+      exec { 'ipsec_privatekey':
+        command => "certtool --generate-privkey --bits 2048 --outfile ${strongswan::cert_dir}/private/${::fqdn}.pem",
+        creates => "${strongswan::cert_dir}/private/${::fqdn}.pem";
+      } ->
+
+      exec { 'ipsec_monkeysphere_cert':
+        command => "monkeysphere-host import-key ${strongswan::cert_dir}/private/${::fqdn}.pem ike://${::fqdn} && gpg --homedir /var/lib/monkeysphere/host -a --export =ike://${::fqdn} > ${strongswan::cert_dir}/certs/${::fqdn}.asc",
+        creates => "${strongswan::cert_dir}/certs/${::fqdn}.asc",
+        } -> anchor{'strongswan::certs::done': }
+  } else {
+    package { 'strongswan':
+      ensure  => installed,
+    }
+  }
 
   File {
     require => Package['strongswan'],
-- 
cgit v1.2.3