diff --git a/.rspec b/.rspec new file mode 100644 index 00000000..4e1e0d2f --- /dev/null +++ b/.rspec @@ -0,0 +1 @@ +--color diff --git a/CHANGELOG.md b/CHANGELOG.md index dbe019d6..18b0bd57 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,10 @@ ## Next version +* Support for systems without `lsb-release` package ([#134](https://github.com/luxflux/puppet-openvpn/pull/134)) + ## 2.7.1 + * Fix server in client mode ([#137](https://github.com/luxflux/puppet-openvpn/pull/137)) ## 2.7.0 diff --git a/manifests/params.pp b/manifests/params.pp index 0c0f7ba1..de51e2c7 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -15,14 +15,11 @@ # limitations under the License. # class openvpn::params { - - $group = $::osfamily ? { - 'RedHat' => 'nobody', - default => 'nogroup' - } - case $::osfamily { 'RedHat': { + $group = 'nobody' + $link_openssl_cnf = true + # Redhat/Centos >= 7.0 if(versioncmp($::operatingsystemrelease, '7.0') >= 0) { $additional_packages = ['easy-rsa'] @@ -49,16 +46,19 @@ $ldap_auth_plugin_location = undef # no ldap plugin on redhat/centos } 'Debian': { # Debian/Ubuntu - case $::lsbdistid { + $group = 'nogroup' + $link_openssl_cnf = true + + case $::operatingsystem { 'Debian': { - # Version > 8.0.0, jessie - if(versioncmp($::lsbdistrelease, '8.0.0') >= 0) { + # Version > 8.0, jessie + if(versioncmp($::operatingsystemrelease, '8.0') >= 0) { $additional_packages = ['easy-rsa', 'openvpn-auth-ldap'] $easyrsa_source = '/usr/share/easy-rsa/' $ldap_auth_plugin_location = '/usr/lib/openvpn/openvpn-auth-ldap.so' - # Version > 7.0.0, wheezy - } elsif(versioncmp($::lsbdistrelease, '7.0.0') >= 0) { + # Version > 7.0, wheezy + } elsif(versioncmp($::operatingsystemrelease, '7.0') >= 0) { $additional_packages = ['openvpn-auth-ldap'] $easyrsa_source = '/usr/share/doc/openvpn/examples/easy-rsa/2.0' $ldap_auth_plugin_location = '/usr/lib/openvpn/openvpn-auth-ldap.so' @@ -68,7 +68,7 @@ } 'Ubuntu': { # Version > 13.10, saucy - if(versioncmp($::lsbdistrelease, '13.10') >= 0) { + if(versioncmp($::operatingsystemrelease, '13.10') >= 0) { $additional_packages = ['easy-rsa', 'openvpn-auth-ldap'] $easyrsa_source = '/usr/share/easy-rsa/' $ldap_auth_plugin_location = '/usr/lib/openvpn/openvpn-auth-ldap.so' @@ -77,20 +77,28 @@ } } default: { - fail("Not supported OS / Distribution: ${::osfamily}/${::lsbdistid}") + fail("Not supported OS / Distribution: ${::osfamily}/${::operatingsystem}") } } $systemd = false } + 'Linux': { + case $::operatingsystem { + 'Amazon': { + $group = 'nobody' + $additional_packages = ['easy-rsa'] + $easyrsa_source = '/usr/share/easy-rsa/2.0' + $systemd = false + $link_openssl_cnf = true + } + default: { + fail("Not supported OS / Distribution: ${::osfamily}/${::operatingsystem}") + } + } + } default: { fail("Not supported OS family ${::osfamily}") } } - - $link_openssl_cnf = $::osfamily ? { - /(Debian|RedHat)/ => true, - default => false - } - } diff --git a/spec/classes/openvpn_init_spec.rb b/spec/classes/openvpn_init_spec.rb index 25bc2cc3..b40842f1 100644 --- a/spec/classes/openvpn_init_spec.rb +++ b/spec/classes/openvpn_init_spec.rb @@ -5,9 +5,9 @@ context 'non-systemd systems' do let(:facts) { { :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } it { should create_class('openvpn') } @@ -16,8 +16,8 @@ context 'systemd systems' do let(:facts) { { - :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'RedHat', + :concat_basedir => '/var/lib/puppet/concat', + :osfamily => 'RedHat', :operatingsystemrelease => '7.0', } } diff --git a/spec/classes/openvpn_install_spec.rb b/spec/classes/openvpn_install_spec.rb index 84c577b7..ac77cf86 100644 --- a/spec/classes/openvpn_install_spec.rb +++ b/spec/classes/openvpn_install_spec.rb @@ -4,15 +4,15 @@ let(:osfamily) { 'Debian' } let(:operatingsystemmajrelease) { nil } let(:operatingsystemrelease) { nil } - let(:lsbdistid) { 'Ubuntu' } - let(:lsbdistrelease) { '13.10' } + let(:operatingsystem) { 'Ubuntu' } + let(:operatingsystemrelease) { '13.10' } let(:facts) do { :osfamily => osfamily, :operatingsystemmajrelease => operatingsystemmajrelease, :operatingsystemrelease => operatingsystemrelease, - :lsbdistid => lsbdistid, - :lsbdistrelease => lsbdistrelease, + :operatingsystem => operatingsystem, + :operatingsystemrelease => operatingsystemrelease, } end @@ -25,22 +25,22 @@ describe 'installed packages' do context 'debian' do let(:osfamily) { 'Debian' } - let(:lsbdistid) { 'Debian' } + let(:operatingsystem) { 'Debian' } context 'squeeze' do - let(:lsbdistrelease) { '6.5' } + let(:operatingsystemrelease) { '6.5' } it { should_not contain_package('openvpn-auth-ldap') } it { should_not contain_package('easy-rsa') } end context 'wheezy' do - let(:lsbdistrelease) { '7.4' } + let(:operatingsystemrelease) { '7.4' } it { should contain_package('openvpn-auth-ldap') } it { should_not contain_package('easy-rsa') } end context 'jessie' do - let(:lsbdistrelease) { '8.0.0' } + let(:operatingsystemrelease) { '8.0.0' } it { should contain_package('openvpn-auth-ldap') } it { should contain_package('easy-rsa') } end @@ -73,5 +73,14 @@ it { should contain_package('easy-rsa') } end end + + context 'Amazon' do + let(:osfamily) { 'Linux' } + let(:operatingsystem) { 'Amazon' } + let(:operatingsystemrelease) { nil } + + it { should_not contain_package('openvpn-auth-ldap') } + it { should contain_package('easy-rsa') } + end end end diff --git a/spec/defines/openvpn_ca_spec.rb b/spec/defines/openvpn_ca_spec.rb index ebc547b7..414e4845 100644 --- a/spec/defines/openvpn_ca_spec.rb +++ b/spec/defines/openvpn_ca_spec.rb @@ -6,12 +6,12 @@ let(:facts) { { :ipaddress_eth0 => '1.2.3.4', - :network_eth0 => '1.2.3.0', - :netmask_eth0 => '255.255.255.0', + :network_eth0 => '1.2.3.0', + :netmask_eth0 => '255.255.255.0', :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } context "creating a server with the minimum parameters" do @@ -73,8 +73,8 @@ :netmask_eth0 => '255.255.255.0', :concat_basedir => '/var/lib/puppet/concat', :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } it { should contain_file('/etc/openvpn/test_server/easy-rsa/vars').with_content(/^export CA_EXPIRE=365$/) } @@ -148,7 +148,7 @@ 'email' => 'testemail@example.org' } } - let(:facts) { { :osfamily => 'Debian', :lsbdistid => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } + let(:facts) { { :osfamily => 'Debian', :operatingsystem => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } shared_examples_for 'a newer version than wheezy' do it { should contain_package('easy-rsa').with('ensure' => 'present') } @@ -158,24 +158,24 @@ end context "when jessie/sid" do before do - facts[:lsbdistid] = 'Debian' - facts[:lsbdistrelease] = '8.0.1' + facts[:operatingsystem] = 'Debian' + facts[:operatingsystemrelease] = '8.0.1' end it_behaves_like 'a newer version than wheezy' end context 'when ubuntu 13.10' do before do - facts[:lsbdistid] = 'Ubuntu' - facts[:lsbdistrelease] = '13.10' + facts[:operatingsystem] = 'Ubuntu' + facts[:operatingsystemrelease] = '13.10' end it_behaves_like 'a newer version than wheezy' end context 'when ubuntu 14.04' do before do - facts[:lsbdistid] = 'Ubuntu' - facts[:lsbdistrelease] = '14.04' + facts[:operatingsystem] = 'Ubuntu' + facts[:operatingsystemrelease] = '14.04' end it_behaves_like 'a newer version than wheezy' end diff --git a/spec/defines/openvpn_client_spec.rb b/spec/defines/openvpn_client_spec.rb index 971313f1..bef88a30 100644 --- a/spec/defines/openvpn_client_spec.rb +++ b/spec/defines/openvpn_client_spec.rb @@ -4,11 +4,11 @@ let(:title) { 'test_client' } let(:params) { { 'server' => 'test_server' } } let(:facts) { { - :fqdn => 'somehost', + :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } let(:pre_condition) do 'openvpn::server { "test_server": @@ -89,11 +89,11 @@ 'rcvbuf' => 393215, } } let(:facts) { { - :fqdn => 'somehost', + :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^client$/)} diff --git a/spec/defines/openvpn_client_specific_config_spec.rb b/spec/defines/openvpn_client_specific_config_spec.rb index 520ea773..2689ffb7 100644 --- a/spec/defines/openvpn_client_specific_config_spec.rb +++ b/spec/defines/openvpn_client_specific_config_spec.rb @@ -4,11 +4,11 @@ let(:title) { 'test_client' } let(:params) { { 'server' => 'test_server' } } let(:facts) { { - :fqdn => 'somehost', + :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } let(:pre_condition) do [ diff --git a/spec/defines/openvpn_revoke_spec.rb b/spec/defines/openvpn_revoke_spec.rb index 822ba80f..04b65918 100644 --- a/spec/defines/openvpn_revoke_spec.rb +++ b/spec/defines/openvpn_revoke_spec.rb @@ -4,11 +4,11 @@ let(:title) { 'test_client' } let(:params) { { 'server' => 'test_server' } } let(:facts) { { - :fqdn => 'somehost', + :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } let(:pre_condition) do [ diff --git a/spec/defines/openvpn_server_spec.rb b/spec/defines/openvpn_server_spec.rb index 14f0bdb8..b3fb54f0 100644 --- a/spec/defines/openvpn_server_spec.rb +++ b/spec/defines/openvpn_server_spec.rb @@ -6,12 +6,12 @@ let(:facts) { { :ipaddress_eth0 => '1.2.3.4', - :network_eth0 => '1.2.3.0', - :netmask_eth0 => '255.255.255.0', + :network_eth0 => '1.2.3.0', + :netmask_eth0 => '255.255.255.0', :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } context 'creating a server without any parameter' do @@ -155,8 +155,8 @@ :netmask_eth0 => '255.255.255.0', :concat_basedir => '/var/lib/puppet/concat', :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^mode\s+server$/) } @@ -235,8 +235,8 @@ :netmask_eth0 => '255.255.255.0', :concat_basedir => '/var/lib/puppet/concat', :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '12.04', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.04', } } it { should contain_file('/etc/openvpn/test_client.conf').with_content(/^client$/) } @@ -334,7 +334,7 @@ 'email' => 'testemail@example.org' } } - let(:facts) { { :osfamily => 'Debian', :lsbdistid => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } + let(:facts) { { :osfamily => 'Debian', :operatingsystem => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } # Configure to start vpn session it { should contain_concat__fragment('openvpn.default.autostart.test_server').with( @@ -348,8 +348,8 @@ context 'ldap' do before do facts[:osfamily] = 'Debian' - facts[:lsbdistid] = 'Debian' - facts[:lsbdistrelease] = '8.0.0' + facts[:operatingsystem] = 'Debian' + facts[:operatingsystemrelease] = '8.0.0' end let(:params) { { 'country' => 'CO',