From 207c82e834d1cfd33a6a3c80dea0f7f684d800e0 Mon Sep 17 00:00:00 2001 From: Martin Schuette Date: Sun, 22 Jun 2014 22:41:53 +0200 Subject: [PATCH] vpn: fix cert/username params and conditions --- manifests/init.pp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 02c3350..3105fa9 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -3,11 +3,12 @@ class ff_gw( $ff_mesh_net, $ff_as, $mesh_mac, - $gw_ipv4, $gw_ipv4_netmask = '255.255.192.0', + $gw_ipv4, $gw_ipv4_netmask = '255.255.192.0', $gw_ipv6, $gw_ipv6_prefixlen = '64', $secret_key, # for fastd $vpn_provider = 'mullvad', # supported: mullvad or hideme - $vpn_ca_crt, $vpn_usr_crt, $vpn_usr_key, # openvpn x.509 credentials + $vpn_ca_crt = false, # openvpn CA cert to verify server + $vpn_usr_crt = false, $vpn_usr_key = false, # openvpn x.509 credentials $vpn_usr_name = false, # openvpn user for auth-user-pass $vpn_usr_pass = false, # openvpn password for auth-user-pass $dhcprange_start, $dhcprange_end, @@ -410,7 +411,7 @@ class ff_gw::vpn($provider, $ca_crt, $usr_crt, $usr_key, $usr_name, $usr_pass, $ # TODO: maybe we should check that provider and auth methods match # atm we trust the caller to give the right combination - if str2bool($usr_name) { + if $usr_name { # hideme config with user/pass file file { "/etc/openvpn/${provider}/auth.txt": @@ -418,7 +419,7 @@ class ff_gw::vpn($provider, $ca_crt, $usr_crt, $usr_key, $usr_name, $usr_pass, $ mode => '0600', content => "$usr_name\n$usr_pass\n"; } - } else { + } elsif $usr_crt { # mullvad config with x.509 file { "/etc/openvpn/${provider}/client.crt":