1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
# configure a simple remote host
define strongswan::remote_host(
$right_ip_address,
$right_subnet = [],
$ensure = 'present',
$left_id = 'absent',
$left_ip_address = 'absent',
$left_subnet = [],
$right_id = $name,
$right_cert_name = $name,
$right_cert_content = 'absent'
){
file { "${strongswan::config_dir}/hosts/${name}.conf":
ensure => $ensure,
require => Package['strongswan'],
notify => Service['ipsec'],
}
if $ensure == 'present' {
File["${strongswan::config_dir}/hosts/${name}.conf"]{
content => template('strongswan/remote_host.erb'),
owner => 'root',
group => 0,
mode => '0400',
}
}
if $right_cert_content != 'unmanaged' {
strongswan::cert { $right_cert_name: }
if ($right_cert_content != 'absent') and ($ensure == 'present') {
Strongswan::Cert[$right_cert_name]{
ensure => $ensure,
cert => $right_cert_content,
}
} else {
Strongswan::Cert[$right_cert_name]{
ensure => 'absent',
}
}
}
}
|
