OpenVpn Puppet module
Puppet Ruby HTML
Switch branches/tags
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.

Puppet module: openvpn


This module is no more actively maintained and will hardly be updated.

Please find an alternative module from other authors or consider Tiny Puppet as replacement.

If you want to maintain this module, contact Alessandro Franceschi

This is a Puppet module for openvpn based on the second generation layout ("NextGen") of Example42 Puppet Modules.

Made by Alessandro Franceschi / Lab42

Official site:

Official git repository:

Released under the terms of Apache 2 License.

This module requires functions provided by the Example42 Puppi module (you need it even if you don't use and install Puppi)

For detailed info about the logic and usage patterns of Example42 modules check the DOCS directory on Example42 main modules set.

USAGE - Basic management

  • Install openvpn with default settings

      class { 'openvpn': }
  • Install a specific version of openvpn package

      class { 'openvpn':
        version => '1.0.1',
  • Disable openvpn service.

      class { 'openvpn':
        disable => true
  • Remove openvpn package

      class { 'openvpn':
        absent => true
  • Enable auditing without without making changes on existing openvpn configuration files

      class { 'openvpn':
        audit_only => true

USAGE - Overrides and Customizations

  • Use custom sources for main config file

      class { 'openvpn':
        source => [ "puppet:///modules/lab42/openvpn/openvpn.conf-${hostname}" , "puppet:///modules/lab42/openvpn/openvpn.conf" ], 
  • Use custom source directory for the whole configuration dir

      class { 'openvpn':
        source_dir       => 'puppet:///modules/lab42/openvpn/conf/',
        source_dir_purge => false, # Set to true to purge any existing file not present in $source_dir
  • Use custom template for main config file. Note that template and source arguments are alternative.

      class { 'openvpn':
        template => 'example42/openvpn/openvpn.conf.erb',
  • Automatically include a custom subclass

      class { 'openvpn':
        my_class => 'openvpn::example42',

USAGE - Example42 extensions management

  • Activate puppi (recommended, but disabled by default)

      class { 'openvpn':
        puppi    => true,
  • Activate puppi and use a custom puppi_helper template (to be provided separately with a puppi::helper define ) to customize the output of puppi commands

      class { 'openvpn':
        puppi        => true,
        puppi_helper => 'myhelper', 
  • Activate automatic monitoring (recommended, but disabled by default). This option requires the usage of Example42 monitor and relevant monitor tools modules

      class { 'openvpn':
        monitor      => true,
        monitor_tool => [ 'nagios' , 'monit' , 'munin' ],
  • Activate automatic firewalling. This option requires the usage of Example42 firewall and relevant firewall tools modules

      class { 'openvpn':       
        firewall      => true,
        firewall_tool => 'iptables',
        firewall_src  => '',
        firewall_dst  => $ipaddress_eth0,

Build Status