Forge Home

openvpn

OpenVPN server puppet module

1,408,357 downloads

60,364 latest version

4.1 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 4.0.1 (latest)
  • 4.0.0
  • 3.1.0
  • 3.0.0
  • 2.9.0
  • 2.8.0
  • 2.7.1
  • 2.7.0
  • 2.6.0
  • 2.5.0
  • 2.4.0
  • 2.3.0
  • 2.2.1
  • 2.2.0
  • 2.1.0
  • 2.0.1
  • 2.0.0
  • 1.0.2
  • 1.0.1
  • 0.1.0
released Feb 3rd 2015
This module has been deprecated by its author since May 4th 2018.

The author has suggested puppet-openvpn as its replacement.

Start using this module

Tags: vpn, openvpn

Documentation

luxflux/openvpn — version 2.7.0 Feb 3rd 2015

OpenVPN Puppet module Build Status

Puppet module to manage OpenVPN servers

Features

  • Client-specific rules and access policies
  • Generated client configurations and SSL-Certificates
  • Downloadable client configurations and SSL-Certificates for easy client configuration
  • Support for multiple server instances
  • Support for LDAP-Authentication
  • Support for server instance in client mode
  • Support for TLS

Supported OS

  • Ubuntu
  • Debian
  • CentOS
  • RedHat

Dependencies

Example

  # add a server instance
  openvpn::server { 'winterthur':
    country      => 'CH',
    province     => 'ZH',
    city         => 'Winterthur',
    organization => 'example.org',
    email        => 'root@example.org',
    server       => '10.200.200.0 255.255.255.0',
  }

  # define clients
  openvpn::client { 'client1':
    server => 'winterthur',
  }
  openvpn::client { 'client2':
    server   => 'winterthur',
  }

  openvpn::client_specific_config { 'client1':
    server => 'winterthur',
    ifconfig => '10.200.200.50 10.200.200.51',
  }

  # a revoked client
  openvpn::client { 'client3':
    server => 'winterthur',
  }
  openvpn::revoke { 'client3':
    server => 'winterthur',
  }

  # a server in client mode
  file {
    '/etc/openvpn/zurich/keys/ca.crt':
      source => 'puppet:///path/to/ca.crt';
    '/etc/openvpn/zurich/keys/zurich.crt':
      source => 'puppet:///path/to/zurich.crt';
    '/etc/openvpn/zurich/keys/zurich.key':
      source => 'puppet:///path/to/zurich.key';
  }
  openvpn::server { 'zurich':
    remote  => [ 'mgmtnet3.nine.ch 1197', 'mgmtnet2.nine.ch 1197' ],
    require => [ File['/etc/openvpn/zurich/keys/ca.crt'],
                 File['/etc/openvpn/zurich/keys/zurich.crt'],
                 File['/etc/openvpn/zurich/keys/zurich.key'] ];

  }

Don't forget the sysctl directive net.ipv4.ip_forward!

Contributions

Pull requests are very welcome. Join these fine folks who already helped to get this far with this module.

To help guaranteeing the stability of the module, please make sure to add tests to your pull request.