diff options
| author | Julien Dessaux | 2018-03-15 12:57:15 +0100 |
|---|---|---|
| committer | Julien Dessaux | 2018-03-15 18:11:22 +0100 |
| commit | f6e0c851b219885e1e829514f214510a31e19a52 (patch) | |
| tree | c02b35fc864c0fbdf276d364eb448255a5a04240 /templates/openvpn/tunnel.conf.cftpl | |
| parent | Fixed update.cf problem no copying all template files (diff) | |
| download | masterfiles-f6e0c851b219885e1e829514f214510a31e19a52.tar.gz masterfiles-f6e0c851b219885e1e829514f214510a31e19a52.tar.bz2 masterfiles-f6e0c851b219885e1e829514f214510a31e19a52.zip | |
Added openvpn management policy
Diffstat (limited to '')
| -rw-r--r-- | templates/openvpn/tunnel.conf.cftpl | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/templates/openvpn/tunnel.conf.cftpl b/templates/openvpn/tunnel.conf.cftpl new file mode 100644 index 0000000..8c718f1 --- /dev/null +++ b/templates/openvpn/tunnel.conf.cftpl @@ -0,0 +1,28 @@ +[%CFEngine BEGIN %] +proto udp +port $(g.host_data[tunnels][$(openvpn_tunnel.tunnel)][port]) +dev-type tun +dev tun_$(openvpn_tunnel.tunnel) +comp-lzo +script-security 2 + +ping 10 +ping-restart 20 +ping-timer-rem +persist-tun +persist-key + +cipher AES-128-CBC + +secret /etc/openvpn/common.key +ifconfig $(g.host_data[tunnels][$(openvpn_tunnel.tunnel)][ip]) $(g.host_data[tunnels][$(openvpn_tunnel.tunnel)][peer]) + +user nobody +[%CFEngine centos:: %] +group nobody +[%CFEngine ubuntu:: %] +group nogroup + +[%CFEngine has_remote:: %] +remote $(g.host_data[tunnels][$(openvpn_tunnel.tunnel)][remote_host]) $(g.host_data[tunnels][$(openvpn_tunnel.tunnel)][remote_port]) +[%CFEngine END %] |