Skip to content

Commit

Permalink
Merge pull request #327 from jkroepke/tcp6
Browse files Browse the repository at this point in the history 
Allow 4 and 6 suffix inside proto to limit ip4 or ip6 connection only.
  • Loading branch information
@ghoneycutt
ghoneycutt authored Feb 3, 2019
2 parents 6c3e2ce + 05962e5 commit d6b7ad0
Show file tree
Hide file tree
Showing 3 changed files with 77 additions and 2 deletions.
2 changes: 1 addition & 1 deletion manifests/server.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@
Variant[Boolean, String] $logfile = false,
String $port = '1194',
Optional[String] $portshare = undef,
Enum['tcp', 'udp'] $proto = 'tcp',
Enum['tcp', 'tcp4', 'tcp6', 'udp', 'udp4', 'udp6'] $proto = 'tcp',
Enum['1', '2', '3', ''] $status_version = '',
String $status_log = "/var/log/openvpn/${name}-status.log",
String $server = '',
Expand Down
75 changes: 75 additions & 0 deletions spec/defines/openvpn_server_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,81 @@
it { is_expected.to contain_file('/etc/openvpn/test_server.conf').with_content(%r{^rcvbuf\s+393215$}) }
end

context 'when using udp4' do
let(:params) do
{
'country' => 'CO',
'province' => 'ST',
'city' => 'Some City',
'organization' => 'example.org',
'email' => '[email protected]',
'proto' => 'udp4'
}
end

it { is_expected.to contain_file('/etc/openvpn/test_server.conf').with_content(%r{^proto\s+udp4$}) }
end

context 'when using udp6' do
let(:params) do
{
'country' => 'CO',
'province' => 'ST',
'city' => 'Some City',
'organization' => 'example.org',
'email' => '[email protected]',
'proto' => 'udp6'
}
end

it { is_expected.to contain_file('/etc/openvpn/test_server.conf').with_content(%r{^proto\s+udp6$}) }
end

context 'when using tcp4' do
let(:params) do
{
'country' => 'CO',
'province' => 'ST',
'city' => 'Some City',
'organization' => 'example.org',
'email' => '[email protected]',
'proto' => 'tcp4'
}
end

it { is_expected.to contain_file('/etc/openvpn/test_server.conf').with_content(%r{^proto\s+tcp4-server$}) }
end

context 'when using tcp6' do
let(:params) do
{
'country' => 'CO',
'province' => 'ST',
'city' => 'Some City',
'organization' => 'example.org',
'email' => '[email protected]',
'proto' => 'tcp6'
}
end

it { is_expected.to contain_file('/etc/openvpn/test_server.conf').with_content(%r{^proto\s+tcp6-server$}) }
end

context 'when using invalid value for proto' do
let(:params) do
{
'country' => 'CO',
'province' => 'ST',
'city' => 'Some City',
'organization' => 'example.org',
'email' => '[email protected]',
'proto' => 'tcp5'
}
end

it { expect { is_expected.to contain_file('/etc/openvpn/test_server') }.to raise_error(Puppet::PreformattedError) }
end

context 'creating a server in client mode' do
let(:title) { 'test_client' }
let(:nobind) { false }
Expand Down
2 changes: 1 addition & 1 deletion templates/server.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ dh <%= @etc_directory -%>/openvpn/<%= @ca_name %>/keys/dh.pem
crl-verify <%= @etc_directory -%>/openvpn/<%= @ca_name %>/crl.pem
<% end -%>
<% end -%>
<% if @proto == 'tcp' -%>
<% if @proto.include?('tcp') -%>
proto <%= @proto %>-server
<% else -%>
proto <%= @proto %>
Expand Down

0 comments on commit d6b7ad0

Please sign in to comment.