/
inline.pp
54 lines (53 loc) · 1.86 KB
/
inline.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#
# == Define: openvpn::server::inline
#
# Setup a new OpenVPN server instance that uses a pre-made configuration with
# the certificates inlined. This kind of configuration files are typically used
# with Access Server, but can be generated using other tools, too.
#
# This module expects to find the inline configuration files in Puppet
# fileserver's root directory, named using this naming convention:
#
# openvpn-${title}-${::fqdn}.conf
#
# == Parameters
#
# [*manage_packetfilter*]
# Manage packet filtering rules. Valid values are true (default) and false.
# [*manage_monit*]
# Manage monit rules. Valid values are true (default) and false.
# [*tunif*]
# The name of the tunnel interface to use. Setting this manually is necessary
# to allow setup of proper iptables/ip6tables rules. The default value is
# 'tun5'.
# [*local_port*]
# The local port on which OpenVPN listens for requests. Defaults to 1194.
# [*nat*]
# NAT configuration as a hash:
# source: the source network (VPN address pool), for example 10.44.55.0/24
# destination: the destination network, for example 192.168.1.0/24
# [*files_baseurl*]
# Base URL for static OpenVPN config files and keys. Defaults to
# 'puppet:///files'.
#
define openvpn::server::inline
(
Boolean $manage_packetfilter = true,
Boolean $manage_monit = true,
Optional[String] $tunif='tun5',
Integer $local_port = 1194,
Optional[Hash] $nat=undef,
Optional[String] $files_baseurl = undef
)
{
include ::openvpn::params
openvpn::server::generic { $title:
manage_packetfilter => $manage_packetfilter,
manage_monit => $manage_monit,
dynamic => false,
files_baseurl => $files_baseurl,
tunif => $tunif,
local_port => $local_port,
nat => $nat
}
}