feat(auth_gen_token): support for auth-gen-token

Server config can now have auth-gen-token, which is kinda required for OTP authentications.
myii · Sep 6, 2019 · 333edd7 · 333edd7
1 parent a743093
commit 333edd7
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/openvpn/files/server.jinja b/openvpn/files/server.jinja
@@ -112,6 +112,13 @@ management {{ config.management }}
 auth-user-pass-verify {{ config.auth_user_pass_verify }}
 {%- endif %}
 
+{#- `false is number` and `true is number` both also return true... #}
+{%- if config.auth_gen_token is defined
+        and (config.auth_gen_token|int is sameas (config.auth_gen_token)
+             or config.auth_gen_token is sameas true) %}
+auth-gen-token{% if config.auth_gen_token is not sameas true %} {{ config.auth_gen_token|int }}{% endif %}
+{%- endif %}
+
 {%- if config.setenv is defined %}
 {%- for setenv in config.setenv %}
 setenv {{ setenv }}

diff --git a/pillar.example b/pillar.example
@@ -156,6 +156,9 @@ openvpn:
       verb: 3
       mute: 20
       management: 'tunnel 7505'
+      auth_gen_token: true
+      # or, a lifetime in seconds:
+      # auth_gen_token: 604800
     myserver3:
       daemon:
       port: 443