Forge Home

strongswan

StrongSwan Module

9,785 downloads

9,785 latest version

2.9 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.1.0 (latest)
released Apr 29th 2014

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'echoes-strongswan', '0.1.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add echoes-strongswan
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install echoes-strongswan --version 0.1.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

echoes/strongswan — version 0.1.0 Apr 29th 2014

####Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with strongswan
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - How to contribute to the module

##Overview

This module installs and configures a IPsec connection with pre-shared pass.

##Module Description

This module handles StrongSwan installation, configuration and services on Debian Systems.

##Setup

###What strongswan affects

  • strongswan configuration file :
    • /etc/ipsec.conf: IPsec configuration file.
    • /etc/ipsec.secret: Pre-shared pass.
  • strongswan service
  • strongswan package

###Beginning with strongswan

Each node just needs this minimal declaration :

    class { 'strongswan' :
      remote_public_ip        => <public_IP_of_remote_VPN_server>,
      host_public_ip          => <public_IP_of_local_server>,
      remote_private_network  => <private_network_address_of_remote_VPN_server>,
      host_private_network    => <private_network_address_of_local_server>,
      pass                    => <your_pass>
    }

##Reference

####remote_public_ip Public address of the remote vpn server Default : undef

####host_public_ip Public address of the local vpn server Default : undef

####remote_private_network Private network address of the remote vpn server Netmask needed : Example : 172.16.0.0/16 Default : undef

####host_private_network Private network address of the local vpn server Netmask needed : example : 192.168.56.0/24 Default : undef

####connection_name Name of the connection Default : myconn

####package Package name to install Default : system dependent (only Debian is supported)

####pass Pre shared pass Default : pass

##Limitations

This module only supports Debian systems.

##Development

Issues can be reported on github issues tracker