projects / mirror / dsa-puppet.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 254e83e) | patch
Move the single ipsec tunnel we have to my new system.
authorPeter Palfrader <peter@palfrader.org>
Fri, 30 Aug 2019 10:10:15 +0000 (12:10 +0200)
committerPeter Palfrader <peter@palfrader.org>
Fri, 30 Aug 2019 10:14:27 +0000 (12:14 +0200)
commitdd128c4ffc861f6c3bb480f6098fb46014fc12cf
treef77652117a5786f6519ac6fc3c7bdbf6a47f5f50tree | snapshot
parent254e83ede9b801423a9d6459d459e5f0865332bbcommit | diff
Move the single ipsec tunnel we have to my new system.

There are named ipsec "networks".  And any host that is in a named
network will set up ipsec to all the other hosts on that network.

A host can be on more than one network at a time.

Currently we only have the fasolo-storace tunnel, though.  It is
configured in modules/profile/manifests/ipsec/fasolo_storace.pp.
hieradata/nodes/fasolo.debian.org.yaml [new file with mode: 0644] blob
hieradata/nodes/storace.debian.org.yaml [new file with mode: 0644] blob
modules/ipsec/manifests/init.pp diff | blob | history
modules/ipsec/manifests/init.pp.orig [new file with mode: 0644] blob
modules/ipsec/manifests/network.pp [new file with mode: 0644] blob
modules/ipsec/manifests/peer.pp [new file with mode: 0644] blob
modules/ipsec/templates/ferm.erb [deleted file] blob | history
modules/ipsec/templates/ipsec.conf-10-puppet-peers.conf.erb [deleted file] blob | history
modules/ipsec/templates/ipsec.secrets-10-puppet-peers.secrets.erb [deleted file] blob | history
modules/ipsec/templates/strongswan-charon-logging.conf [new file with mode: 0644] blob
modules/profile/manifests/ipsec/fasolo_storace.pp [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.