Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

decoupled openvpn-ldap-auth package from additional packages. #247

Closed
wants to merge 58 commits into from
Closed

decoupled openvpn-ldap-auth package from additional packages. #247

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
58 commits
Select commit Hold shift + click to select a range
131ff16
Turned up options for encryption
mcrmonkey Oct 8, 2017
7edc281
Added openvpn-auth-ldap package for Redhat/Centos 7
Nov 10, 2017
958edd0
fixed space in package definition
Nov 10, 2017
a2b8ca5
Moved openldap auth plugin package in own "ldap_auth_plugin_package" …
Nov 12, 2017
2861df1
Added ldap_auth_plugin_package as a parameter to the server class
Nov 12, 2017
90f8bc3
modulesync 1.4.1
bastelfreak Nov 12, 2017
e7965d5
changed array to string
Nov 13, 2017
81f3bdf
applied to other os versions
Nov 13, 2017
b253943
Merge pull request #248 from voxpupuli/modulesync
bastelfreak Nov 13, 2017
115526b
release 5.0.0
bastelfreak Nov 13, 2017
55cddc1
Merge pull request #249 from bastelfreak/rel500
llowder Nov 13, 2017
88cce19
[blacksmith] Bump version to 5.0.1-rc0
bastelfreak Nov 13, 2017
aa43843
modulesync 1.5.0
bastelfreak Nov 16, 2017
f57b1f1
Merge pull request #250 from voxpupuli/modulesync
bastelfreak Nov 17, 2017
e115f23
Added reasoning behind encryption choices
mcrmonkey Nov 17, 2017
9a1ab7d
Merge pull request #223 from mcrmonkey/master
bastelfreak Nov 17, 2017
75353a3
purge trailing whitespace
bastelfreak Nov 20, 2017
131fa6e
replace validate_* with datatypes in init.pp
bastelfreak Nov 20, 2017
db8a1bf
Corrected test that adds the Openvpn::Ca as prerequisite to Service
Nov 20, 2017
2217592
Merge pull request #251 from bastelfreak/puppet4
bastelfreak Nov 20, 2017
d52f545
updated unit test for openvpn::server
Nov 20, 2017
d8ed6a8
Merge pull request #253 from cjeanneret/correct-252
bastelfreak Nov 20, 2017
9b711d5
release 6.0.0
bastelfreak Nov 20, 2017
eace060
Merge pull request #254 from bastelfreak/rel600
bastelfreak Nov 21, 2017
abbd32b
[blacksmith] Bump version to 6.0.1-rc0
bastelfreak Nov 21, 2017
7547553
modulesync 1.6.0
bastelfreak Jan 4, 2018
42a5770
Merge pull request #257 from voxpupuli/modulesync
bastelfreak Jan 4, 2018
45aa029
add datatypes to all params
to-kn Jan 4, 2018
0537b0c
fix wrong type for $expire
to-kn Jan 5, 2018
43cf1b1
Merge pull request #259 from to-kn/feat_datatypes
bastelfreak Jan 5, 2018
c7759f3
update crl if validity is less than 1 week
to-kn Apr 21, 2017
bddfaef
Merge pull request #256 from to-kn/add_crl_renewal
bastelfreak Jan 5, 2018
3e8ab63
release 7.0.0
bastelfreak Jan 5, 2018
e991fb9
Merge pull request #260 from bastelfreak/rel700
bastelfreak Jan 6, 2018
13f5ddd
[blacksmith] Bump version to 7.0.1-rc0
bastelfreak Jan 6, 2018
d0fd9f3
add openvpn::deploy::(export/client)
to-kn Apr 21, 2017
ff5cd1d
test if that fixes travis in ruby 2.1.9
to-kn Jan 7, 2018
e1e063c
test if that fixes travis in ruby 2.1.9
to-kn Jan 8, 2018
9f3eb23
change name of fact to "openvpn"
to-kn Jan 10, 2018
085eb26
add short example to documentation
to-kn Jan 10, 2018
652f33a
Merge pull request #261 from to-kn/feat_deploy
bastelfreak Jan 11, 2018
e77dad3
release 7.1.0
bastelfreak Jan 11, 2018
9d3569a
Merge pull request #262 from bastelfreak/rel710
dhollinger Jan 11, 2018
271683a
[blacksmith] Bump version to 7.1.1-rc0
bastelfreak Jan 11, 2018
0fda65e
Added openvpn-auth-ldap package for Redhat/Centos 7
Nov 10, 2017
d595d2d
fixed space in package definition
Nov 10, 2017
224dab1
Moved openldap auth plugin package in own "ldap_auth_plugin_package" …
Nov 12, 2017
79c2eea
changed array to string
Nov 13, 2017
47dc7c8
applied to other os versions
Nov 13, 2017
e45abb3
Merge remote-tracking branch 'origin/master'
metallaw Jan 21, 2018
a5c50af
readded $ldap_auth_plugin_package as param
metallaw Jan 21, 2018
7451c63
Allow to define remote-cert-tls
jkroepke Mar 6, 2018
0d80e1a
Added some spec tests
jkroepke Mar 6, 2018
2f26544
Fixed lint issues
jkroepke Mar 6, 2018
f35ff82
modulesync 1.8.0
bastelfreak Mar 6, 2018
64072b7
Bug Fix: Ensure cipher and tls_cipher can be disabled entirely
jcarr-sailthru Mar 13, 2018
fe4c95d
release 7.2.0
bastelfreak Mar 6, 2018
30fbaf5
[blacksmith] Bump version to 7.2.1-rc0
bastelfreak Mar 17, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
18 changes: 12 additions & 6 deletions manifests/params.pp
View file
Open in desktop
Expand Up @@ -29,11 +29,13 @@
# Redhat/Centos >= 7.0
if(versioncmp($::operatingsystemrelease, '7.0') >= 0) and $::operatingsystem != 'Amazon' {
$additional_packages = ['easy-rsa']
$ldap_auth_plugin_location = undef
$ldap_auth_plugin_package = 'openvpn-auth-ldap'
$ldap_auth_plugin_location = '/usr/lib64/openvpn/plugin/lib/openvpn-auth-ldap.so'
$systemd = true
# Redhat/Centos == 6.0
} elsif(versioncmp($::operatingsystemrelease, '6.0') >= 0) and $::operatingsystem != 'Amazon' {
$additional_packages = ['easy-rsa','openvpn-auth-ldap']
$additional_packages = ['easy-rsa']
$ldap_auth_plugin_package = 'openvpn-auth-ldap'
$ldap_auth_plugin_location = '/usr/lib64/openvpn/plugin/lib/openvpn-auth-ldap.so'
$systemd = false
# Redhat/Centos < 6.0
Expand All @@ -54,15 +56,17 @@
'Debian': {
# Version > 8.0, jessie
if(versioncmp($::operatingsystemrelease, '8.0') >= 0) {
$additional_packages = ['easy-rsa','openvpn-auth-ldap']
$additional_packages = ['easy-rsa']
$ldap_auth_plugin_package = 'openvpn-auth-ldap'
$easyrsa_source = '/usr/share/easy-rsa/'
$ldap_auth_plugin_location = '/usr/lib/openvpn/openvpn-auth-ldap.so'
$pam_module_path = '/usr/lib/openvpn/openvpn-plugin-auth-pam.so'
$systemd = true

# Version > 7.0, wheezy
} elsif(versioncmp($::operatingsystemrelease, '7.0') >= 0) {
$additional_packages = ['openvpn-auth-ldap']
$additional_packages = undef
$ldap_auth_plugin_package = 'openvpn-auth-ldap'
$easyrsa_source = '/usr/share/doc/openvpn/examples/easy-rsa/2.0'
$ldap_auth_plugin_location = '/usr/lib/openvpn/openvpn-auth-ldap.so'
$pam_module_path = '/usr/lib/openvpn/openvpn-auth-pam.so'
Expand All @@ -78,15 +82,17 @@
'Ubuntu': {
# Version > 15.04, vivid
if(versioncmp($::operatingsystemrelease, '15.04') >= 0){
$additional_packages = ['easy-rsa','openvpn-auth-ldap']
$additional_packages = ['easy-rsa']
$ldap_auth_plugin_package = 'openvpn-auth-ldap'
$easyrsa_source = '/usr/share/easy-rsa/'
$ldap_auth_plugin_location = '/usr/lib/openvpn/openvpn-auth-ldap.so'
$pam_module_path = '/usr/lib/openvpn/openvpn-plugin-auth-pam.so'
$systemd = true

# Version > 13.10, saucy
} elsif(versioncmp($::operatingsystemrelease, '13.10') >= 0) {
$additional_packages = ['easy-rsa','openvpn-auth-ldap']
$additional_packages = ['easy-rsa']
$ldap_auth_plugin_package = 'openvpn-auth-ldap'
$easyrsa_source = '/usr/share/easy-rsa/'
$ldap_auth_plugin_location = '/usr/lib/openvpn/openvpn-auth-ldap.so'
$pam_module_path = '/usr/lib/openvpn/openvpn-plugin-auth-pam.so'
Expand Down
4 changes: 4 additions & 0 deletions manifests/server.pp
View file
Open in desktop
Expand Up @@ -478,6 +478,7 @@
$ldap_tls_ca_cert_dir = '',
$ldap_tls_client_cert_file = '',
$ldap_tls_client_key_file = '',
$ldap_auth_plugin_package = '',
$ca_expire = 3650,
$key_expire = 3650,
$key_cn = '',
Expand Down Expand Up @@ -679,6 +680,9 @@
}

if $ldap_enabled == true {
package {$openvpn::params::ldap_auth_plugin_package:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you add ldap_auth_plugin_package as additional param to the server class?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, yeah sure. Thanks!

ensure => present,
}
file {
"${etc_directory}/openvpn/${name}/auth/ldap.conf":
ensure => present,
Expand Down