use tags to notify service, new dependency for tls_auth generation

service should start after tls_auth certificate is generated.
zachfi · Jan 4, 2021 · 75bc781 · 75bc781
1 parent 4e3e32a
commit 75bc781
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -24,6 +24,9 @@
   }
 
   if $manage_service {
+    Exec <| tag == 'openvpn' |> ~> Service['openvpn']
+    File <| tag == 'openvpn' |> ~> Service['openvpn']
+
     service { 'openvpn':
       ensure  => running,
       enable  => true,

diff --git a/manifests/server.pp b/manifests/server.pp
@@ -81,6 +81,7 @@
     group   => 0,
     mode    => '0600',
     content => template('openvpn/server.conf.erb'),
+    tag     => 'openvpn',
   }
 
   $fq_dh = $dh ? {
@@ -91,19 +92,15 @@
     cwd     => $openvpn_dir,
     command => "${openssl} dhparam -out ${fq_dh} ${dh_size}",
     creates => $fq_dh,
+    tag     => 'openvpn',
   }
 
   if $tls_auth {
     exec { 'create tls_auth key':
       cwd     => $openvpn_dir,
       command => "${openvpn_path} --genkey --secret ta.key",
       creates => "${openvpn_dir}/ta.key",
+      tag     => 'openvpn',
     }
   }
-
-  if $openvpn::manage_service {
-    Exec["create ${dh}"] ~> Service['openvpn']
-
-    File["${openvpn_dir}/openvpn.conf"] ~> Service['openvpn']
-  }
 }