Pull Request (PR) description
Fix of deprecation warning:
Warning: The source_permissions parameter is deprecated. Explicitly set owner, group, and mode.
(file: .../manifests/ca.pp, line: 127)
This Pull Request (PR) fixes the following issues
Replaced:
source_permissions => 'use',
With:
owner => 'root',
mode => '0755',
This is tested on puppet-agent 5.5.7-1 on Ubuntu Xenial, puppetserver 5.3.6-1 Ubuntu Xenial.
See documentation for proto:
–proto p
Use protocol p for communicating with remote host. p can be udp, tcp-client, or tcp-server.The default protocol is udp when –proto is not specified.
This might be wron implemented as there is also a proto field for the
remote argument:
–remote host [port] [proto]
Remote host name or IP address. On the client, multiple –remote options may be specified for redundancy, each referring to a different OpenVPN server. Specifying multiple –remote options for this purpose is a special case of the more general connection-profile feature. See the documentation below.The OpenVPN client will try to connect to a server at host:port in the order specified by the list of –remote options.
proto indicates the protocol to use when connecting with the remote, and may be “tcp” or “udp”.
For forcing IPv4 or IPv6 connection suffix tcp or udp with 4/6 like udp4/udp6/tcp4/tcp6.
<!--
Thank you for contributing to this project!
-->
Pull Request (PR) description
<!--
Replace this comment with a description of your pull request.
-->
This Pull Request (PR) fixes the following issues
<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->
Pull Request (PR) description
If using crlautorenew and the crl is recreated, the service has to be reloaded,
otherwise clients can't connect if crl is getting verified. (seen on centos7)
This Pull Request (PR) fixes the following issues
no issue created, but i can if it helps
Pull Request (PR) description
When configuring IPv6 routes, I noticed that I can add client-specific routes for IPv4, but not for IPv6.
This PR resolves this.
This Pull Request (PR) fixes the following issues
no issue created.
Fixes #211
Should manage the service for openvpn client service correctly. Service restart on configuration changes does not work due to dependency cycles I wasn't able to solve.
Only tested on Amazon linux (like RedHat 7).
Pull Request (PR) description
RHEL 9 has the same layout as RHEL 8
This PR also serves to identify failing tests
Pull Request (PR) description
This pull request addresses 3 problems:
1. Since easy-rsa version 3.0.3 the name of the easy-rsa configuration file did change from "openssl-1.0.cnf" to "openssl-easyrsa.cnf"
The following is a link to the corresponding commit:
https://github.com/OpenVPN/easy-rsa/commit/e8cd6c980742bb86c34286e655346778275cc36d.
To tackle that problem I would like to introduce easy-rsa version ranges and change the file name if a version above 3.0.3 is used.
2. I did also run into a problem with the "./easy-rsa build-server-full" command which opened an input prompt, which could be suppressed using the "--batch" option
3. The whole openssl output with text gets copied to the client configuration file. I've added a exec resource which runs the "openssl" command with the "-noout" option to suppress the unnecessary text output.
Pull Request (PR) description
When puppet-openvpn runs ./easyrsa gen-crl, it fails with:
```
Found: /opt/local/etc/easyrsa/vars
Found: /opt/local/etc/openvpn/someName/easy-rsa/vars
Easy-RSA error:
Conflicting 'vars' files found.
Priority should be given to your PKI vars file:
* /opt/local/etc/openvpn/someName/easy-rsa/pki/vars
EasyRSA Version Information
Version: 3.1.4
Generated: Wed May 24 07:02:30 CDT 2023
SSL Lib: OpenSSL 3.0.8 7 Feb 2023 (Library: OpenSSL 3.0.8 7 Feb 2023)
Git Commit: a7284a1857dcd157d5f606561c86cb79c9c5091f
Source Repo: https://github.com/OpenVPN/easy-rsa
Host: 3.1.4 | nix | SunOS | /bin/bash
```
This PR sets the EASYRSA_VARS_FILE environment variable, so that easyrsa knows which vars file to use.
This Pull Request (PR) fixes the following issues
n/a
