cri-o/vendor/k8s.io/kubernetes/cluster/saltbase/salt/openvpn/init.sls

/etc/openvpn/server.conf:
  file.managed:
    - source: salt://openvpn/server.conf
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - makedirs: True

{% for minion in salt['mine.get']('roles:kubernetes-pool', 'grains.items', expr_form='grain').values() %}
/etc/openvpn/ccd/{{ minion['hostnamef'] }}:
  file.managed:
    - contents: "iroute {{ minion['cbr-string'] }}\n"
    - user: root
    - group: root
    - mode: 644
    - makedirs: True
{% endfor %}

openssl dhparam -out /etc/openvpn/dh1024.pem 1024:
  cmd.run:
    - creates: /etc/openvpn/dh1024.pem
    - unless: file /etc/openvpn/dh1024.pem

openvpn:
  pkg:
    - latest
  service.running:
    - enable: True
    - watch:
      - file: /etc/openvpn/server.conf
Switch to github.com/golang/dep for vendoring Signed-off-by: Mrunal Patel <mrunalp@gmail.com> 2017-02-01 00:45:59 +00:00			`/etc/openvpn/server.conf:`
			`file.managed:`
			`- source: salt://openvpn/server.conf`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- makedirs: True`

			`{% for minion in salt['mine.get']('roles:kubernetes-pool', 'grains.items', expr_form='grain').values() %}`
			`/etc/openvpn/ccd/{{ minion['hostnamef'] }}:`
			`file.managed:`
			`- contents: "iroute {{ minion['cbr-string'] }}\n"`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- makedirs: True`
			`{% endfor %}`

			`openssl dhparam -out /etc/openvpn/dh1024.pem 1024:`
			`cmd.run:`
			`- creates: /etc/openvpn/dh1024.pem`
			`- unless: file /etc/openvpn/dh1024.pem`

			`openvpn:`
			`pkg:`
			`- latest`
			`service.running:`
			`- enable: True`
			`- watch:`
			`- file: /etc/openvpn/server.conf`