paulbsd-salt/states/openvpn_server/config.sls

39 lines
1.1 KiB
Plaintext
Raw Normal View History

2021-12-29 15:45:48 +01:00
---
{%- from "openvpn_server/map.jinja" import openvpn_server with context %}
2022-12-09 23:47:57 +01:00
{%- from "openvpn_client/map.jinja" import openvpn_client with context %}
2021-12-29 15:45:48 +01:00
{%- for key, instance in openvpn_server.config.items() %}
openvpn-server-{{ key }}-config:
file.managed:
- name: /etc/openvpn/{{ key }}.conf
- source: salt://openvpn_server/templates/{{ key }}.conf.j2
- user: root
- group: root
- mode: 0600
- template: jinja
- context:
2023-01-20 13:23:56 +01:00
ca: |
2023-02-10 13:54:48 +01:00
{{ instance.ca|indent(10) }}
2023-01-20 13:23:56 +01:00
cert: |
2023-02-10 13:54:48 +01:00
{{ instance.cert|indent(10) }}
2023-01-20 13:23:56 +01:00
key: |
2023-02-10 13:54:48 +01:00
{{ instance.key|indent(10) }}
2023-01-20 13:23:56 +01:00
dh: |
2023-02-10 13:54:48 +01:00
{{ instance.dh|indent(10) }}
2023-01-20 13:23:56 +01:00
routes: {{ instance.routes }}
config: {{ instance.config }}
tunnel: {{ instance.tunnel }}
dns: {{ instance.dns }}
2021-12-29 15:45:48 +01:00
- watch_in:
- service: openvpn-server-{{ key }}-service
2022-12-09 23:47:57 +01:00
{% for user in openvpn_client.config[key].remote_hosts -%}
openvpn-server-user-{{ user.name }}:
user.present:
- name: {{ user.name }}
- password: {{ user.password }}
- hash_password: true
- shell: /sbin/nologin
2023-12-04 22:37:49 +01:00
- createhome: False
2022-12-09 23:47:57 +01:00
{% endfor -%}
2022-12-17 18:03:46 +01:00
{%- endfor %}