80 lines
2.1 KiB
CFEngine3
80 lines
2.1 KiB
CFEngine3
#
|
|
#
|
|
#
|
|
|
|
bundle agent strongswan
|
|
{
|
|
vars:
|
|
freebsd::
|
|
"pkgs" slist => {
|
|
"strongswan"
|
|
};
|
|
"ipsec_conf" string => "/usr/local/etc/ipsec.conf";
|
|
"ipsec_secrets" string => "/usr/local/etc/ipsec.secrets";
|
|
"service_name" string => "strongswan";
|
|
|
|
debian::
|
|
"pkgs" slist => {
|
|
"strongswan"
|
|
};
|
|
"ipsec_conf" string => "/etc/ipsec.conf";
|
|
"ipsec_secrets" string => "/etc/ipsec.secrets";
|
|
"service_name" string => "ipsec";
|
|
|
|
centos::
|
|
"pkgs" slist => {
|
|
"strongswan"
|
|
};
|
|
"ipsec_conf" string => "/etc/strongswan/ipsec.conf";
|
|
"ipsec_secrets" string => "/etc/strongswan/ipsec.secrets";
|
|
"service_name" string => "strongswan-starter";
|
|
|
|
|
|
}
|
|
|
|
|
|
bundle agent install_strongswan(cfg)
|
|
{
|
|
vars:
|
|
"service_deps" slist => { "strongswan_ipsec_conf_ready", "strongswan_ipsec_secrets_ready" };
|
|
freebsd::
|
|
"service_deps" slist => { "strongswan_ipsec_conf_ready", "strongswan_ipsec_secrets_ready","strongswan_bsdcfg_ready" };
|
|
|
|
|
|
methods:
|
|
"any" usebundle => install_system_repos;
|
|
"any" usebundle => wmde_install_packages(@(strongswan.pkgs),"strongswan"),
|
|
depends_on => {"system_repos_pkgs_installed"};
|
|
"any" usebundle => wmde_service("$(strongswan.service_name)","strongswan_kept","strongswan_repaired"),
|
|
depends_on => @(service_deps);
|
|
files:
|
|
"$(strongswan.ipsec_conf)"
|
|
create => "true",
|
|
template_method => "mustache",
|
|
template_data => bundlestate("$(this.bundle)"),
|
|
depends_on => {"strongswan_pkgs_installed"},
|
|
handle => "strongswan_ipsec_conf_ready",
|
|
classes => if_repaired("strongswan_repaired"),
|
|
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/strongswan-ipsec.conf.mustache";
|
|
|
|
"$(strongswan.ipsec_secrets)"
|
|
create => "true",
|
|
template_method => "mustache",
|
|
template_data => bundlestate("$(this.bundle)"),
|
|
depends_on => {"strongswan_pkgs_installed"},
|
|
handle => "strongswan_ipsec_secrets_ready",
|
|
classes => if_repaired("strongswan_repaired"),
|
|
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/strongswan-ipsec.secrets.mustache";
|
|
|
|
freebsd::
|
|
"/etc/rc.conf.d/strongswan"
|
|
create => "true",
|
|
content =>"strongswan_interface=stroke
|
|
strongswan_enable=\"YES\"
|
|
",
|
|
handle => "strongswan_bsdcfg_ready";
|
|
|
|
reports:
|
|
|
|
}
|