Forge Home

openvpn

Puppet powered OpenVPN

Zach Leslie

zleslie

16,048 downloads

1,660 latest version

4.3 quality score

Version information

  • 2.1.1 (latest)
  • 2.1.0
  • 2.0.3
  • 2.0.2
  • 1.1.5
  • 1.1.4
  • 1.1.3
  • 1.1.2
  • 1.1.1
  • 1.1.0
  • 1.0.0
  • 0.0.2 (deleted)
  • 0.0.1 (deleted)
released Feb 5th 2020
This version is compatible with:
  • Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet 4.x
  • FreeBSD
    ,
    OpenBSD
    ,
    Ubuntu
    ,
    Debian
    ,
    CentOS

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this declaration to your Puppetfile:

mod 'zleslie-openvpn', '2.1.1'
Learn more about managing modules with a Puppetfile

Add this module to a Bolt project:

bolt module add zleslie-openvpn
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install zleslie-openvpn --version 2.1.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

zleslie/openvpn — version 2.1.1 Feb 5th 2020

OpenVPN

Puppet Forge Build Status

A Puppet module to manage the OpenVPN client and server.

Supported Platforms

  • CentOS
  • Debian
  • FreeBSD
  • OpenBSD
  • Ubuntu

Usage

Server Setup

The configuration for the OpenVPN server can be accomplished using the openvpn::server class.

class { "openvpn::server":
  server => "10.0.0.0 255.255.255.0",
  route  => [
    "10.0.1.0 255.255.255.0",
    "10.0.2.0 255.255.255.0",
    "10.0.3.0 255.255.255.0",
    ],
  dns => '10.0.0.10',
  crl => 'mysite/crl.pem',
}

To include pushing IPv6 routes, the route_ipv6 and the server_ipv6 parameters have been added to the openvpn::server class.

class { "openvpn::server":
  server_ipv6 => "10.0.0.0 255.255.255.0",
  route_ipv6  => [
    "fc00::/64",
    ],
  dns => 'fc00::',
  crl => 'mysite/crl.pem',
}

Basic Client Setup

Clients can be configured using the openvpn::client defined type. Multiple connections can be specified if you have multiple locations to connect to.

openvpn::client { "node_${hostname}_dc1":
  server => "vpn.dc1.example.com",
  cert   => "node_${hostname}";
}

openvpn::client { "node_${hostname}_office":
  server => "vpn.office.example.com",
  cert   => "node_${hostname}";
}

Client Specific Configurations

Clients can have a more specific and static configuration. For example, if you wanted to specify the IP address a specific client should use, something like the following will work for this purpose.

openvpn::server::csc { "srv1.example.com":
  content => "ifconfig-push 10.0.0.50 10.0.0.51",
}