gvpe

GNU-VPE module for puppet to pnp vpn network

10,307 downloads

9,324 latest version

4.5 quality score

Version information

  • 0.1.2 (latest)
  • 0.1.1
  • 0.1.0
released Mar 27th 2015
This version is compatible with:

Start using this module

Add this module to your Puppetfile:

mod 'guimaluf-gvpe', '0.1.2'

Add this module to your Bolt project:

bolt module add guimaluf-gvpe

Manually install this module globally with Puppet module tool:

puppet module install guimaluf-gvpe --version 0.1.2

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Documentation

guimaluf/gvpe — version 0.1.2 Mar 27th 2015

gvpe

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with gvpe
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module

Overview

The gvpe module enables you to install, configure and run a point-to-point VPN.

Module Description

GVPE is a suite designed to provide a virtual private network for multiple nodes over an untrusted network.

This module will set up a GNU Virtual Private Ethernet across multiple nodes in a point-to-point fashion; it will install gvpe, share public keys and configure all nodes.

Setup

What gvpe does

  • add the ppa:guimaluf/gvpe repository (Ubuntu 12.04 only)
  • install the gvpe and gvpectrl binaries
  • set up configuration files for gvpe
  • generate an RSA key pair
  • export and collect each node's configuration and public key
  • ensure the service is running (no init/upstart/systemd scripts)

Setup Requirements

  • pluginsync
  • storeconfigs (puppetdb)

Beginning with gvpe

Usage

include gvpe

Changing the VPN Network

By default, the VPN network address is 10.0.0.0/8 and each node's VPN IP address is built from the $::ipaddress variable by keeping its last three octets. This gives each node a single, fixed VPN IP address.

vpn_network => '10.0.0.0/8',
vpn_ip      => regsubst(
    $::ipaddress,
    '^([0-9]+)[.]([0-9]+)[.]([0-9]+)[.]([0-9]+)$',
    '10.\2.\3.\4'
    )

If you want to change the VPN network address, change both vpn_network and vpn_ip:

class { 'gvpe::config':
  vpn_network => '172.16.0.0/12',
  vpn_ip      => regsubst(
      $::ipaddress,
      '^([0-9]+)[.]([0-9]+)[.]([0-9]+)[.]([0-9]+)$',
      '172.16.\3.\4'
      )
}
include gvpe

In the example above, vpn_ip uses the last two octets (\3.\4) of $::ipaddress.
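
Because the VPN address keeps only the trailing octets of $::ipaddress, two nodes can derive the same VPN IP, and a node whose own address already lies inside vpn_network maps onto that range. The following check is an added example, not part of the gvpe module: it models the two regsubst calls above with Ruby's String#sub, and the fleet addresses and the helper names vpn_ip and audit are constructed for illustration.

```ruby
require 'ipaddr'

# Pattern copied from the module's documented vpn_ip setting.
OCTETS = Regexp.new('^([0-9]+)[.]([0-9]+)[.]([0-9]+)[.]([0-9]+)$')

# Constructed sample fleet: node name => value of $::ipaddress (not real hosts).
FLEET = {
  'web1' => '192.168.1.10',
  'web2' => '192.168.2.10',
  'db1'  => '172.16.1.10',
  'db2'  => '10.168.1.10'
}.freeze

# Models regsubst($::ipaddress, pattern, replacement) with String#sub.
def vpn_ip(ipaddress, replacement)
  ipaddress.sub(OCTETS, replacement)
end

# Hypothetical helper: reports address problems for one vpn_network/vpn_ip pair.
def audit(fleet, network, replacement)
  net = IPAddr.new(network)
  mapped = fleet.transform_values { |ip| vpn_ip(ip, replacement) }
  {
    mapped: mapped,
    # Several nodes derived the same VPN address.
    collisions: mapped.group_by { |_, v| v }
                      .select { |_, pairs| pairs.size > 1 }
                      .transform_values { |pairs| pairs.map(&:first) },
    # Derived address is not inside vpn_network.
    outside: mapped.reject { |_, v| net.include?(IPAddr.new(v)) }.keys,
    # Node's own address already lies inside vpn_network.
    overlap: fleet.select { |_, ip| net.include?(IPAddr.new(ip)) }.keys
  }
end

[['10.0.0.0/8', '10.\2.\3.\4'], ['172.16.0.0/12', '172.16.\3.\4']].each do |net, repl|
  result = audit(FLEET, net, repl)
  puts "#{net}: collisions=#{result[:collisions]} overlap=#{result[:overlap]}"
end
```

Running the same audit against the real list of node addresses before changing vpn_network shows whether the chosen replacement still gives every node a unique address inside the new range.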

IMPORTANT

On the first run it is necessary to execute puppet agent -t twice in order to generate the RSA key pairs and propagate them, because the RSA public key is retrieved by the gvpe_pubkey fact.

Reference

gvpe will include gvpe::install class and gvpe::node resource, which includes gvpe::config and gvpe::service classes.

Limitations

This module is mainly focused on Ubuntu 12.04.

On the first run it is necessary to execute puppet agent -t two times.

Development

This is my first module, so for any suggestion or problem, please feel free to report it or let me know.