puppet-openvpn

puppet-openvpn copied to clipboard

openvpn-auth-ldap.so plugin not being loaded in CentOS 7

1

I am deploying an openvpn server on CentOS 7, and openvpn fails to start due to an invalid config. I've traced it to this line (https://github.com/voxpupuli/puppet-openvpn/blob/master/manifests/params.pp#L33) unsetting the lib file....

kindred

Client specific configs with extca enabled

1

`clinet_specific_config` type requires `openvpn::client` which fails when server has `extca_enabled => true`. It would be great if we can remove/workaround that dependency and use `clinet_specific_config` type with extca enabled.

spacedog

## Affected Puppet, Ruby, OS and module versions/distributions - Puppet: 4.10.8 - Ruby: 2.0.0p648 - Distribution: Red Hat 7.4 - Module version: 7.1.0 ## How to reproduce (e.g Puppet code...

barrypitman

Adding tls-version-min

3

Hey there, I am a longtime user of this module. But I've used quiet an old version so I did an upgrade, as so much was added / changed. Most...

peterbeck

Server as client (remote => []) doesn't work

3

Hello, The generated configuration for openvpn has (at least) one error when we activate only the "remote" option for `openvpn::server`: ``` Nov 20 14:31:34 ip-192-168-4-8.sandbox.internal puppet-agent[30586]: Nov 20 14:31:34 ip-192-168-4-8.sandbox.internal...

cjeanneret

key direction should be specified in client config

2

When I specify `tls_auth` in the client config, the key-direction isn't put in the client config. ```puppet openvpn::client { 'myclient': server => 'myserver', remote_host => '192.168.0.1', port => '443', proto...

merlijn-sebrechts

Wrong pam_module_path on Centos 7 x64

1

module puppet-openvpn version is 4.0.1 ``` cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core) puppet --version 4.10.1 locate openvpn-plugin-auth-pam.so /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so ``` Seems that $pam_module_path is set to `/usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so` for Redhat families....

dupgit

README: update server as client howto ?

2

Hi Luxflux, this is not a "real" issue, just a suggestion for the readme.... Maybe I'm missing something, but if I configure a server as a client exactly as shown...

peterbeck

topology net30 should be set to something else as it's deprecated. I realize it's still defaulted if nothing else is used but it's also suggested that it shouldn't be used....

downspot

Add support for auth-user-pass-verify

1

For those who wish to use custom scripts for user authentication instead of PAM it would be useful to be able to specify "auth-user-pass-verify" in the server config.

ae-dg