Match Client config to server config, and allow client config statements #189
Labels
Feature Request
Enhancement to existing functionality or new functionality
Comments
jgitlin-p21
added
the
Feature Request
|
I'm about to start on a PR for this issue, because I need the change for myself. Will update issue with PR when ready! |
|
I almost have my code ready for a PR. Thanks to help in #sous-chefs I realized that the "allow me to specify other options, like static-challenge" portion of my request is actually possible, using a node attribute I didn't realize how to use. So I'll address that portion with a README update. I hope to submit a PR within the next few days |
jgitlin-p21
added a commit
to jgitlin-p21/openvpn
that referenced
this issue
May 14, 2021
…fs#189) As described in issue sous-chefs#198, make settings in the client configs (E.G. `auth`, `cipher`, `compress`, etc) match their server counterparts. This eliminates warnings in the OpenVPN log about inconsistent option usage. In addition, document how the `openvpn_user` resource works, including showing how aditional configuration options can be added to client conf files (using `additional_vars` and `cookbook_user_conf`) Squashed commit of the following: commit eda83e5 Author: Josh Gitlin <[email protected]> Date: Fri May 14 12:05:37 2021 -0400 Added documentation for vpn_user resource commit 61172d8 Author: Josh Gitlin <[email protected]> Date: Thu May 13 21:48:09 2021 -0400 Make client settings match server settings commit c14d15a Author: Josh Gitlin <[email protected]> Date: Tue May 11 21:36:18 2021 -0400 Add compression to client configs Signed-off-by: Josh Gitlin <[email protected]>
jgitlin-p21
added a commit
to jgitlin-p21/openvpn
that referenced
this issue
May 14, 2021
…fs#189) As described in issue sous-chefs#198, make settings in the client configs (E.G. `auth`, `cipher`, `compress`, etc) match their server counterparts. This eliminates warnings in the OpenVPN log about inconsistent option usage. In addition, document how the `openvpn_user` resource works, including showing how aditional configuration options can be added to client conf files (using `additional_vars` and `cookbook_user_conf`) Squashed commit of the following: commit dab2949 Author: Josh Gitlin <[email protected]> Date: Fri May 14 14:33:29 2021 -0400 Cookstyle fixes commit d587ae1 Author: Josh Gitlin <[email protected]> Date: Fri May 14 14:31:33 2021 -0400 MDL fixes commit eda83e5 Author: Josh Gitlin <[email protected]> Date: Fri May 14 12:05:37 2021 -0400 Added documentation for vpn_user resource commit 61172d8 Author: Josh Gitlin <[email protected]> Date: Thu May 13 21:48:09 2021 -0400 Make client settings match server settings commit c14d15a Author: Josh Gitlin <[email protected]> Date: Tue May 11 21:36:18 2021 -0400 Add compression to client configs Signed-off-by: Josh Gitlin <[email protected]>
3 tasks
jgitlin-p21
added a commit
to jgitlin-p21/openvpn
that referenced
this issue
May 14, 2021
As described in issue sous-chefs#198, make settings in the client configs (E.G. `auth`, `cipher`, `compress`, etc) match their server counterparts. This eliminates warnings in the OpenVPN log about inconsistent option usage. In addition, document how the `openvpn_user` resource works, including showing how additional configuration options can be added to client conf files (using `additional_vars` and `cookbook_user_conf`) Squashed commit of the following: commit 91542b9 Author: Josh Gitlin <[email protected]> Date: Fri May 14 15:04:28 2021 -0400 Add changelog entry commit 858f41c Author: Josh Gitlin <[email protected]> Date: Fri May 14 15:00:21 2021 -0400 Bugfix node name commit dab2949 Author: Josh Gitlin <[email protected]> Date: Fri May 14 14:33:29 2021 -0400 Cookstyle fixes commit d587ae1 Author: Josh Gitlin <[email protected]> Date: Fri May 14 14:31:33 2021 -0400 MDL fixes commit eda83e5 Author: Josh Gitlin <[email protected]> Date: Fri May 14 12:05:37 2021 -0400 Added documentation for vpn_user resource commit 61172d8 Author: Josh Gitlin <[email protected]> Date: Thu May 13 21:48:09 2021 -0400 Make client settings match server settings commit c14d15a Author: Josh Gitlin <[email protected]> Date: Tue May 11 21:36:18 2021 -0400 Add compression to client configs Signed-off-by: Josh Gitlin <[email protected]>
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
🙍♂️ Problem Statement
When supplying server options like
cipher, andauth, the client config does not get the same options leading to warnings in the OpenVPN log. Also, there's no way to configure clients with options likestatic-challengewithout using push options. Some options, like compression, conflict because the client template hascomp-lzohard coded.This could arguably be a bug report too 🤷
Example openVPN warnings:
❔ Possible Solution
I would like
templates/client.conf.erbto allowcomp-lzo,cipher,auth,keysizeand others to be configurable using variables (ideally matching the same as the node attributes from the server side, if set) and allow me to specify other options, likestatic-challengeI have considered simply generating my own client configs using template resources in my wrapper cookbooks, but submitting a PR upstream seems like a more sensible approach
➕ Additional context
N/A
The text was updated successfully, but these errors were encountered: