blob: dbe39451eb23ba13b37aaaa5f24d8955611987c4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
# host <%= name %>
<% if !(right_id =~ /#{scope.lookupvar('::fqdn')}/) -%>
conn <%= name %>
<% if left_ip_address != 'absent' -%>
left=<%= left_ip_address %>
<% end -%>
<% if left_id != 'absent' -%>
leftid=@<%= left_id %>
<% end -%>
<% unless left_subnet.empty? -%>
leftsubnet=<%= left_subnet.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %>
<% end -%>
right=<%= right_ip_address %>
rightid=@<%= right_id %>
rightcert=<%= right_cert_name %>.asc
<% if right_subnet.empty? -%>
<% unless (subn=scope.lookupvar('strongswan::default_left_subnet')).empty? -%>
# Override the public subnet definition for the internal links
rightsubnet=<%= right_ip_address %>/32
<% end %>
<% else -%>
rightsubnet=<%= right_subnet.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %>
<% end -%>
type=transport
auto=start
<% else -%>
# placeholder to not add ourself to the hostlist
# this is due to a limitations how puppet can collect
# exported resources
<% end -%>
|
