sous-chefs / openvpn

Development repository for the openvpn cookbook
https://supermarket.chef.io/cookbooks/openvpn
Apache License 2.0

Match Client config to server config, and allow client config statements #189

Open jgitlin-p21 opened 3 years ago

jgitlin-p21 commented 3 years ago

🙍‍♂️ Problem Statement

When supplying server options like cipher and auth, the client config does not get the same options, leading to warnings in the OpenVPN log. Also, there's no way to configure clients with options like static-challenge without using push options. Some options, like compression, conflict because the client template has comp-lzo hard-coded.

This could arguably be a bug report too 🤷

Example OpenVPN warnings:

Mon May 10 16:27:50 2021 47.134.251.53:20381 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1550', remote='link-mtu 1542'
Mon May 10 16:27:50 2021 47.134.251.53:20381 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher BF-CBC'
Mon May 10 16:27:50 2021 47.134.251.53:20381 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
Mon May 10 16:27:50 2021 47.134.251.53:20381 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'

:grey_question: Possible Solution

I would like templates/client.conf.erb to allow comp-lzo, cipher, auth, keysize and others to be configurable using variables (ideally matching the node attributes from the server side, if set) and to allow me to specify other options, like static-challenge.

:arrow_heading_up: Describe alternatives you've considered

I have considered simply generating my own client configs using template resources in my wrapper cookbooks, but submitting a PR upstream seems like a more sensible approach.

:heavy_plus_sign: Additional context

N/A
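An added example, not part of this issue or of the cookbook's code: a small Ruby script that parses two OpenVPN configs, reports the directives that must agree between peers in the same "is used inconsistently" shape as the log above, and renders a client config whose cipher, auth, keysize and comp-lzo are copied from the server config instead of being hard-coded in a template. The directive list, the sample configs, the hostname vpn.example.test and the helpers parse_openvpn_conf, inconsistencies and render_client_conf are all this example's own assumptions. It compares declared directives literally; OpenVPN compares effective values, which is why the AES-256-GCM server in the log above reports auth as [null-digest] rather than what was written in the file.

```ruby
# Added example (not sous-chefs/openvpn cookbook code): lint an OpenVPN client
# config against the server config it will connect to, and derive a client
# config whose negotiable parameters are copied from the server side.

# Directives whose values OpenVPN expects to agree between the two peers.
# Assumption/simplification: OpenVPN compares a longer "options string";
# these are the ones the issue's warnings concern, plus a few obvious peers.
MATCHED_DIRECTIVES = %w[cipher auth keysize comp-lzo link-mtu tun-mtu proto].freeze

# Parse an OpenVPN config into { directive => [args...] }.  Comments start
# with '#' or ';' (leading or trailing).  Repeated directives such as `push`
# overwrite each other here, which is enough for the consistency check; quoted
# arguments containing '#' or ';' are not handled (none are needed here).
def parse_openvpn_conf(text)
  opts = {}
  text.each_line do |raw|
    line = raw.sub(/\s*[#;].*$/, '').strip
    next if line.empty?
    name, *args = line.split(/\s+/)
    opts[name] = args
  end
  opts
end

# Return one warning per directive that differs, in the shape of the OpenVPN
# log lines from the issue (local = server, remote = client).  A directive set
# on only one side is reported as well, because the other side then falls back
# to a built-in default that differs between OpenVPN versions.
def inconsistencies(server_conf, client_conf)
  server = parse_openvpn_conf(server_conf)
  client = parse_openvpn_conf(client_conf)
  fmt = ->(name, v) { v ? "#{name} #{v.join(' ')}".strip : '(unset)' }
  MATCHED_DIRECTIVES.each_with_object([]) do |name, out|
    next unless server.key?(name) || client.key?(name)
    s = server[name]
    c = client[name]
    next if s == c
    out << "WARNING: '#{name}' is used inconsistently, " \
           "local='#{fmt.(name, s)}', remote='#{fmt.(name, c)}'"
  end
end

# Build a client config from the server config: every matched directive the
# server sets is copied verbatim, comp-lzo is emitted only if the server has it,
# and `extra` holds verbatim client-only directives (e.g. static-challenge).
# remote_host/remote_port/extra are this example's parameters, not cookbook
# attributes; the port defaults to the server's `port` directive.
def render_client_conf(server_conf, remote_host:, remote_port: nil, extra: [])
  server = parse_openvpn_conf(server_conf)
  port = remote_port || server.fetch('port', ['1194']).first
  lines = ['client', "remote #{remote_host} #{port}", 'nobind',
           'persist-key', 'persist-tun', 'remote-cert-tls server',
           "dev #{server.fetch('dev', ['tun']).join(' ')}"]
  MATCHED_DIRECTIVES.each do |name|
    lines << [name, *server[name]].join(' ') if server.key?(name)
  end
  (lines + extra).join("\n") + "\n"
end

# Constructed sample configs (not taken from the issue or the cookbook).
SERVER_CONF = <<~CONF
  port 1194
  proto udp
  dev tun
  server 10.8.0.0 255.255.255.0
  cipher AES-256-GCM   # data-channel cipher
  auth SHA256
  keysize 256
  push "redirect-gateway def1"
CONF

# Roughly what a template with hard-coded comp-lzo and no cipher/auth yields.
STALE_CLIENT_CONF = <<~CONF
  client
  dev tun
  proto udp
  remote vpn.example.test 1194
  comp-lzo
  ; cipher and auth left to the client's defaults
CONF

if $PROGRAM_NAME == __FILE__
  puts '== stale client config =='
  puts inconsistencies(SERVER_CONF, STALE_CLIENT_CONF)
  fixed = render_client_conf(SERVER_CONF, remote_host: 'vpn.example.test',
                             extra: ['static-challenge "Enter OTP" 1'])
  puts '== derived client config ==', fixed
  puts '== remaining inconsistencies ==', inconsistencies(SERVER_CONF, fixed).inspect
end
```

Run against the stale config this reports cipher, auth and keysize as unset on the client and comp-lzo as set only on the client; the derived config reports nothing, because its values are read from the server file rather than from a second, separately maintained set of attributes. In a wrapper cookbook the same idea is to feed the client template from the server's node attributes and not from literals in the template.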

jgitlin-p21 commented 3 years ago

I'm about to start on a PR for this issue, because I need the change for myself. Will update issue with PR when ready!

jgitlin-p21 commented 3 years ago

I almost have my code ready for a PR. Thanks to help in #sous-chefs I realized that the "allow me to specify other options, like static-challenge" portion of my request is actually possible, using a node attribute I didn't realize how to use. So I'll address that portion with a README update.

I hope to submit a PR within the next few days