From 92d89245a02ce08f5efa12d5416d038033cb313d Mon Sep 17 00:00:00 2001
From: root <root@srv-deploy-01.befritco.be>
Date: Sat, 16 Aug 2014 10:00:39 -0400
Subject: [PATCH] Added possiblility to set the up/down script for client

---
 manifests/client.pp  | 10 +++++++++-
 templates/client.erb |  9 +++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/manifests/client.pp b/manifests/client.pp
index e5b41e89..1e67de0d 100644
--- a/manifests/client.pp
+++ b/manifests/client.pp
@@ -94,6 +94,12 @@
 #     style attack from a malicious or compromised server.
 #   Default: {}
 #
+# [*up*]
+#   String,  Script which we want to run when openvpn client is connecting
+#
+# [*down*]
+#   String,  Script which we want to run when openvpn client is disconneting
+#
 # === Examples
 #
 #   openvpn::client {
@@ -147,7 +153,9 @@
   $cipher = '',
   $authuserpass = false,
   $setenv = {},
-  $setenv_safe = {}
+  $setenv_safe = {},
+  $up = '',
+  $down = '',
 ) {
 
   if $pam {
diff --git a/templates/client.erb b/templates/client.erb
index 9550652e..7fe83ce3 100644
--- a/templates/client.erb
+++ b/templates/client.erb
@@ -37,3 +37,12 @@ setenv <%= key %> <%= value %>
 <% scope.lookupvar('setenv_safe').each do |key, value| -%>
 setenv_safe <%= key %> <%= value %>
 <% end -%>
+<% if scope.lookupvar('up') != '' or scope.lookupvar('down') != ''-%>
+script-security 2
+<% end -%>
+<% if scope.lookupvar('up') != '' -%>
+up "<%= scope.lookupvar('up') %>"
+<% end -%>
+<% if scope.lookupvar('down') != '' -%>
+down "<%= scope.lookupvar('down') %>"
+<% end -%>