openswan
Version information
Start using this module
Add this module to your Puppetfile:
mod 'rogierslag-openswan', '0.1.0'Learn more about managing modules with a PuppetfileDocumentation
openswan
Table of Contents
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with openswan
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Overview
This module allows for an easy VPN server configuration. This is especially useful for mobile devices, it works out-of-the-box with iOS and OSX.
Module Description
The module installs a server, which you can also configure through the module. Furthermore, users can be added directly with their respective passwords.
Setup
What openswan affects
- OpenSWAN
- Sysctl
- Iptables
- ppp
Beginning with openswan
Just install the module and call it, just set the IP and gateway of your server and define a secret. Next you can use the users class to add any user to the system
Usage
class { 'openswan': ip => $::ipaddress_eth0, gateway => '111.222.33.44', secret => 'somerandomstring', range => 100, block => 2 }
This creates an openswan server on the IP of eth0 with the specified gatewy (since facter cannot determine the gateway, you will have to provide it yourself).
Additionally a random string is defined.
The block and range combination yield the VPN ip's to be in the range of 192.168.100.1-192.168.100.250.
If you'd like to use the 10.x.x.x range, provide block => 1 instead.
This will yield an VPN ip range o f10.100.100.1-10.100.100.250.
Fair word of warning: the range you specify here should not be in use on any of the NAT layers you may be connecting through, or the VPN cannot be built!
Hence if your internal home network uses 192.168.178.x, you cannot use this range.
Because of this reason, the module defaults to the 10.112.112.1-10.112.112.250 range (I have not seen this one in use so decided it was a safe bet).
Development
In case you have any suggestions or problems, please create an issue directly on Github. https://github.com/rogierslag/rogierslag-openswan/issues
Dependencies
The MIT License (MIT) Copyright (c) 2014 rogierslag Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.