---
{%- from "openvpn_server/map.jinja" import openvpn_server with context %}
{%- from "openvpn_client/map.jinja" import openvpn_client with context %}
{%- for key, instance in openvpn_server.config.items() %}
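openvpn-server-{{ key }}-config:
  # Renders /etc/openvpn/<instance>.conf from the per-instance Jinja template.
  # The template context includes the instance's CA, certificate, private key
  # and DH parameters, so the resulting file is treated as secret material.
  file.managed:
    - name: /etc/openvpn/{{ key }}.conf
    - source: salt://openvpn_server/templates/{{ key }}.conf.j2
    - user: root
    - group: root
    # Quoted so the mode is carried as the string '0600' instead of depending
    # on how the YAML loader interprets a bare integer with a leading zero.
    - mode: '0600'
    # The template receives the private key; if it inlines the key into the
    # rendered file, a unified diff in the state return would expose it in
    # job output and the job cache. Report only whether the file changed.
    - show_changes: false
    - template: jinja
    - context:
        # PEM blobs are passed as literal block scalars; indent(10) aligns
        # continuation lines with the first line of each scalar.
        ca: |
          {{ instance.ca|indent(10) }}
        cert: |
          {{ instance.cert|indent(10) }}
        key: |
          {{ instance.key|indent(10) }}
        dh: |
          {{ instance.dh|indent(10) }}
        # Serialised as JSON (valid YAML flow syntax) rather than a Python
        # repr, so quotes, None and non-ASCII text survive the YAML parse.
        # default(none) keeps a missing attribute rendering as null.
        routes: {{ instance.routes | default(none) | json }}
        config: {{ instance.config | default(none) | json }}
        tunnel: {{ instance.tunnel | default(none) | json }}
        dns: {{ instance.dns | default(none) | json }}
    # Restart/reload the matching service state whenever this file changes.
    - watch_in:
      - service: openvpn-server-{{ key }}-service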

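{% for user in openvpn_client.config.get(key, {}).get('remote_hosts', []) -%}
openvpn-server-user-{{ user.name }}:
  # Creates a local account for each remote host listed under the client
  # configuration that shares this server instance's key. A server instance
  # with no client entry (or no remote_hosts) yields no accounts instead of
  # failing the render.
  # NOTE(review): the state ID is built from user.name only; the same name
  # under two server instances would produce duplicate IDs - confirm names
  # are unique across instances.
  user.present:
    # Values are emitted as JSON strings so that characters such as ': ',
    # ' #' or a leading YAML indicator cannot truncate or retype them; an
    # unquoted password containing ' #' would be cut short at the comment.
    - name: {{ user.name | json }}
    - password: {{ user.password | json }}
    # The password above is cleartext at render time and is hashed by the
    # user state. NOTE(review): supplying a pre-hashed value from pillar and
    # dropping hash_password would keep cleartext out of the rendered state
    # - confirm against how the pillar is populated.
    - hash_password: true
    # Accounts get no interactive shell and no home directory.
    - shell: /sbin/nologin
    - createhome: false
{% endfor -%}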
{%- endfor %}