From 8797784be546346d5db904a980efcbd546a1f881 Mon Sep 17 00:00:00 2001
From: Richard Hillmann
Date: Tue, 26 Apr 2016 10:13:35 +0200
Subject: [PATCH] Add client pull option and allow remote_host to be an array of servers
---
 manifests/client.pp | 7 ++++++-
 spec/defines/openvpn_client_spec.rb | 7 ++++++-
 templates/client.erb | 8 +++++++-
 3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/manifests/client.pp b/manifests/client.pp
index f0dc4136..c95fa66b 100644
--- a/manifests/client.pp
+++ b/manifests/client.pp
@@ -52,7 +52,7 @@
 # Options: tcp or udp
 #
 # [*remote_host*]
-# String. The IP or hostname of the openvpn server service
+# String/Array. The IP or hostname of the openvpn server service.
 # Default: FQDN
 #
 # [*cipher*]
@@ -141,6 +141,10 @@
 # archive.
 # Default: undef
 #
+# [*pull*]
+# Boolean. Allow server to push options like dns or routes
+# Default: false
+#
 # === Examples
 #
 # openvpn::client {
@@ -206,6 +210,7 @@
 $custom_options = {},
 $expire = undef,
 $readme = undef,
+ $pull = false,
 ) {
 
 if $pam {
diff --git a/spec/defines/openvpn_client_spec.rb b/spec/defines/openvpn_client_spec.rb
index 24afc7c6..4f6c24a1 100644
--- a/spec/defines/openvpn_client_spec.rb
+++ b/spec/defines/openvpn_client_spec.rb
@@ -62,6 +62,7 @@
 it { should_not contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^verify-x509-name/)}
 it { should_not contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^sndbuf/)}
 it { should_not contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^rcvbuf/)}
+ it { should_not contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^pull/)}
 end
 
 context "setting all of the parameters" do
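Review bot: In manifests/client.pp the new `$pull = false` parameter reaches the template unchecked, and the template tests it with a plain Ruby `if @pull`, so a string value such as `'false'` (easy to get from Hiera or an ENC) is truthy and would still write `pull` into the client config. The body of the define lies outside this hunk, so an existing check may already cover it. If not, and if the module already depends on puppetlabs-stdlib, adding `validate_bool($pull)` near the top of the define would reject non-boolean input. A comment next to the parameter saying that only real booleans are accepted would also help.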
@@ -78,7 +79,7 @@
 'tls_cipher' => 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA',
 'port' => '123',
 'proto' => 'udp',
- 'remote_host' => 'somewhere',
+ 'remote_host' => ['somewhere', 'galaxy'],
 'resolv_retry' => '2m',
 'auth_retry' => 'interact',
 'verb' => '1',
@@ -89,6 +90,7 @@
 'sndbuf' => 393216,
 'rcvbuf' => 393215,
 'readme' => 'readme text',
+ 'pull' => true,
 } }
 let(:facts) { {
 :fqdn => 'somehost',
@@ -105,6 +107,7 @@
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^dev\s+tap$/)}
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^proto\s+udp$/)}
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^remote\s+somewhere\s+123$/)}
+ it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^remote\s+galaxy\s+123$/)}
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^comp-something$/)}
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^resolv-retry\s+2m$/)}
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^verb\s+1$/)}
@@ -119,6 +122,8 @@
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^sndbuf\s+393216$/)}
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^rcvbuf\s+393215$/)}
 it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/README').with_content(/^readme text$/)}
+ it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^pull$/)}
+
 end
 
 context "omitting the cipher key" do
diff --git a/templates/client.erb b/templates/client.erb
index f3035989..ebcf51df 100644
--- a/templates/client.erb
+++ b/templates/client.erb
@@ -4,12 +4,18 @@ cert keys/<%= @name %>/<%= @name %>.crt
 key keys/<%= @name %>/<%= @name %>.key
 dev <%= @dev %>
 proto <%= @proto %>
-remote <%= @remote_host %> <%= @port %>
+<% @remote_host = [@remote_host] unless @remote_host.kind_of?(Array) -%>
+<% @remote_host.each do |item| -%>
+remote <%= item %> <%= @port %>
+<% end -%>
 <% if @compression != '' -%>
 <%= @compression %>
 <% end -%>
 resolv-retry <%= @resolv_retry %>
 auth-retry <%= @auth_retry %>
+<% if @pull -%>
+pull
+<% end -%>
 <% if @nobind -%>
 nobind
 <% end -%>
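Review bot: The `<% if @pull -%>` block can only add the directive, so `pull => false` will not stop a server from pushing routes or DNS if the template's opening lines (outside this hunk) already contain `client`, which OpenVPN treats as `pull` plus `tls-client`. The parameter documentation in manifests/client.pp ("Allow server to push options like dns or routes", default false) reads as if false refuses pushed options. Either reword it to say the flag only adds an explicit `pull` line, or emit a restriction such as `route-nopull` when pushes must be refused. Separately, `<% @remote_host = [@remote_host] unless @remote_host.kind_of?(Array) -%>` reassigns the instance variable inside the template; `<% Array(@remote_host).each do |item| -%>` gives the same loop for strings and arrays without that mutation.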