From 492468d87aa6ea31b137fb2361b6bf7da88f3d1d Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Mon, 31 Dec 2012 18:51:06 +0100
Subject: fully auto remote host configuration

we do not only export the certificate, but also the config snippet itself
so hosts configure themself fully with an ipsec configuration.
---
 templates/ipsec.conf.erb  | 2 +-
 templates/remote_host.erb | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 templates/remote_host.erb

(limited to 'templates')

diff --git a/templates/ipsec.conf.erb b/templates/ipsec.conf.erb
index ca0daa9..5527c5f 100644
--- a/templates/ipsec.conf.erb
+++ b/templates/ipsec.conf.erb
@@ -20,4 +20,4 @@ conn %default
 <%= scope.lookupvar('strongswan::additional_options') %>
 
 <% end -%>
-include <%= scope.lookupvar('strongswan::config_dir') %>/ipsec.hosts.*.conf
+include <%= scope.lookupvar('strongswan::config_dir') %>/hosts/*.conf
diff --git a/templates/remote_host.erb b/templates/remote_host.erb
new file mode 100644
index 0000000..4193506
--- /dev/null
+++ b/templates/remote_host.erb
@@ -0,0 +1,8 @@
+# host <%= name %>
+conn <%= name %>
+        right=<%= right_ip_address %>
+        rightid=@<%= right_id %>
+        rightcert=<%= right_cert_name %>.asc
+        type=transport
+        auto=start
+
-- 
cgit v1.2.3