Compare commits
No commits in common. "af59d8cbb1437d402d0ed91df38bd3311fddcd7e" and "a49fe71562c75c1fade557fc445c29d1036162ec" have entirely different histories.
af59d8cbb1
...
a49fe71562
|
|
@ -1,53 +0,0 @@
|
|||
#
|
||||
#
|
||||
#
|
||||
|
||||
bundle agent strongswan
|
||||
{
|
||||
vars:
|
||||
"ipsec_conf" string => "/etc/ipsec.conf";
|
||||
"ipsec_secrets" string => "/etc/ipsec.secrets";
|
||||
"service_name" string => "ipsec";
|
||||
"pkgs" slist => {
|
||||
"strongswan"
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
|
||||
bundle agent install_strongswan(cfg)
|
||||
{
|
||||
vars:
|
||||
"js" string => storejson(@(cfg));
|
||||
|
||||
methods:
|
||||
"any" usebundle => wmde_install_packages(@(strongswan.pkgs),"strongswan");
|
||||
"any" usebundle => wmde_service("$(strongswan.service_name)","strongswan_kept","strongswan_repaired"),
|
||||
depends_on => {
|
||||
"strongswan_ipsec_conf_ready",
|
||||
"strongswan_ipsec_secrets_ready"
|
||||
};
|
||||
files:
|
||||
"$(strongswan.ipsec_conf)"
|
||||
create => "true",
|
||||
template_method => "mustache",
|
||||
template_data => bundlestate("$(this.bundle)"),
|
||||
depends_on => {"strongswan_pkgs_installed"},
|
||||
handle => "strongswan_ipsec_conf_ready",
|
||||
classes => if_repaired("strongswan_repaired"),
|
||||
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/strongswan-ipsec.conf.mustache";
|
||||
|
||||
"$(strongswan.ipsec_secrets)"
|
||||
create => "true",
|
||||
template_method => "mustache",
|
||||
template_data => bundlestate("$(this.bundle)"),
|
||||
depends_on => {"strongswan_pkgs_installed"},
|
||||
handle => "strongswan_ipsec_secrets_ready",
|
||||
classes => if_repaired("strongswan_repaired"),
|
||||
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/strongswan-ipsec.secrets.mustache";
|
||||
|
||||
|
||||
|
||||
|
||||
reports:
|
||||
}
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
#
|
||||
# Mqnaged by CFEngine
|
||||
#
|
||||
{{#cfg.tunnel}}
|
||||
{{#.nets}}
|
||||
conn "{{.name}} {{.local}} {{.remote}}"
|
||||
ikelifetime={{.p1_lifetime}}
|
||||
lifetime={{.p2_lifetime}}
|
||||
leftsubnet={{.local}}
|
||||
rightsubnet={{.remote}}
|
||||
left={{.local_ip}}
|
||||
right={{.remote_ip}}
|
||||
esp={{#.p2_encryption}}{{.}}-{{/.p2_encryption}}{{#.p2_hash}}{{.}}-{{/.p2_hash}}modp2048
|
||||
ike={{.p1_encryption}}-{{.p1_hash}}-modp2048
|
||||
auto=route
|
||||
authby=secret
|
||||
keyexchange=ikev1
|
||||
{{/.nets}}
|
||||
{{/cfg.tunnel}}
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
#
|
||||
# Managed by CFEngine
|
||||
#
|
||||
{{#.cfg.tunnel}}
|
||||
{{remote_ip}} : PSK "{{psk}}"
|
||||
{{/.cfg.tunnel}}
|
||||
Loading…
Reference in New Issue