Documentation ¶
Index ¶
- type Server
- type ServerArgs
- type ServerArray
- type ServerArrayInput
- type ServerArrayOutput
- type ServerInput
- type ServerMap
- type ServerMapInput
- type ServerMapOutput
- type ServerOutput
- func (o ServerOutput) Auth() pulumi.StringPtrOutput
- func (o ServerOutput) Certificate() pulumi.StringOutput
- func (o ServerOutput) Cipher() pulumi.StringPtrOutput
- func (o ServerOutput) DefaultProfile() pulumi.StringPtrOutput
- func (ServerOutput) ElementType() reflect.Type
- func (o ServerOutput) EnableTunIpv6() pulumi.BoolPtrOutput
- func (o ServerOutput) Enabled() pulumi.BoolPtrOutput
- func (o ServerOutput) Ipv6PrefixLen() pulumi.IntPtrOutput
- func (o ServerOutput) KeepaliveTimeout() pulumi.StringPtrOutput
- func (o ServerOutput) MacAddress() pulumi.StringOutput
- func (o ServerOutput) MaxMtu() pulumi.IntPtrOutput
- func (o ServerOutput) Mode() pulumi.StringPtrOutput
- func (o ServerOutput) Netmask() pulumi.IntPtrOutput
- func (o ServerOutput) Port() pulumi.IntPtrOutput
- func (o ServerOutput) Protocol() pulumi.StringPtrOutput
- func (o ServerOutput) RedirectGateway() pulumi.StringPtrOutput
- func (o ServerOutput) RenegSec() pulumi.IntPtrOutput
- func (o ServerOutput) RequireClientCertificate() pulumi.BoolPtrOutput
- func (o ServerOutput) TlsVersion() pulumi.StringPtrOutput
- func (o ServerOutput) ToServerOutput() ServerOutput
- func (o ServerOutput) ToServerOutputWithContext(ctx context.Context) ServerOutput
- func (o ServerOutput) TunServerIpv6() pulumi.StringPtrOutput
- type ServerState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Server ¶
type Server struct { pulumi.CustomResourceState // Authentication methods that the server will accept. Auth pulumi.StringPtrOutput `pulumi:"auth"` // Name of the certificate that the OVPN server will use. Certificate pulumi.StringOutput `pulumi:"certificate"` // Allowed ciphers. Cipher pulumi.StringPtrOutput `pulumi:"cipher"` // Default profile to use. DefaultProfile pulumi.StringPtrOutput `pulumi:"defaultProfile"` // Specifies if IPv6 IP tunneling mode should be possible with this OVPN server. EnableTunIpv6 pulumi.BoolPtrOutput `pulumi:"enableTunIpv6"` // Defines whether the OVPN server is enabled or not. Enabled pulumi.BoolPtrOutput `pulumi:"enabled"` // Length of IPv6 prefix for IPv6 address which will be used when generating OVPN interface on the server side. Ipv6PrefixLen pulumi.IntPtrOutput `pulumi:"ipv6PrefixLen"` // Defines the time period (in seconds) after which the router is starting to send keepalive packets every second. If no traffic and no keepalive responses have come for that period of time (i.e. 2 * keepalive-timeout), not responding client is proclaimed disconnected KeepaliveTimeout pulumi.StringPtrOutput `pulumi:"keepaliveTimeout"` // Automatically generated MAC address of the server. MacAddress pulumi.StringOutput `pulumi:"macAddress"` // Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation. MaxMtu pulumi.IntPtrOutput `pulumi:"maxMtu"` // Layer3 or layer2 tunnel mode (alternatively tun, tap) Mode pulumi.StringPtrOutput `pulumi:"mode"` // Subnet mask to be applied to the client. Netmask pulumi.IntPtrOutput `pulumi:"netmask"` // Port to run the server on. Port pulumi.IntPtrOutput `pulumi:"port"` // indicates the protocol to use when connecting with the remote endpoint. Protocol pulumi.StringPtrOutput `pulumi:"protocol"` // Specifies what kind of routes the OVPN client must add to the routing table. def1 – Use this flag to override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of overriding but not wiping out the original default gateway. disabled - Do not send redirect-gateway flags to the OVPN client. ipv6 - Redirect IPv6 routing into the tunnel on the client side. This works similarly to the def1 flag, that is, more specific IPv6 routes are added (2000::/4 and 3000::/4), covering the whole IPv6 unicast space. RedirectGateway pulumi.StringPtrOutput `pulumi:"redirectGateway"` // Renegotiate data channel key after n seconds (default=3600). RenegSec pulumi.IntPtrOutput `pulumi:"renegSec"` // If set to yes, then the server checks whether the client's certificate belongs to the same certificate chain. RequireClientCertificate pulumi.BoolPtrOutput `pulumi:"requireClientCertificate"` // Specifies which TLS versions to allow. TlsVersion pulumi.StringPtrOutput `pulumi:"tlsVersion"` // IPv6 prefix address which will be used when generating the OVPN interface on the server side. TunServerIpv6 pulumi.StringPtrOutput `pulumi:"tunServerIpv6"` // contains filtered or unexported fields }
## # OpenVpn.Server (Resource)
##### *<span style="color:red">This resource requires a minimum version of RouterOS 7.8!</span>*
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-routeros/sdk/go/routeros/Iface" "github.com/pulumi/pulumi-routeros/sdk/go/routeros/Ip" "github.com/pulumi/pulumi-routeros/sdk/go/routeros/OpenVpn" "github.com/pulumi/pulumi-routeros/sdk/go/routeros/Ppp" "github.com/pulumi/pulumi-routeros/sdk/go/routeros/System" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := Ip.NewPool(ctx, "ovpn-pool", &Ip.PoolArgs{ Ranges: pulumi.StringArray{ pulumi.String("192.168.77.2-192.168.77.254"), }, }) if err != nil { return err } ovpnCa, err := System.NewCertificate(ctx, "ovpnCa", &System.CertificateArgs{ CommonName: pulumi.String("OpenVPN Root CA"), KeySize: pulumi.String("prime256v1"), KeyUsages: pulumi.StringArray{ pulumi.String("key-cert-sign"), pulumi.String("crl-sign"), }, Trusted: pulumi.Bool(true), Signs: system.CertificateSignArray{ nil, }, }) if err != nil { return err } ovpnServerCrt, err := System.NewCertificate(ctx, "ovpnServerCrt", &System.CertificateArgs{ CommonName: pulumi.String("Mikrotik OpenVPN"), KeySize: pulumi.String("prime256v1"), KeyUsages: pulumi.StringArray{ pulumi.String("digital-signature"), pulumi.String("key-encipherment"), pulumi.String("tls-server"), }, Signs: system.CertificateSignArray{ &system.CertificateSignArgs{ Ca: ovpnCa.Name, }, }, }) if err != nil { return err } testProfile, err := Ppp.NewProfile(ctx, "testProfile", &Ppp.ProfileArgs{ LocalAddress: pulumi.String("192.168.77.1"), RemoteAddress: pulumi.String("ovpn-pool"), UseUpnp: pulumi.String("no"), }) if err != nil { return err } _, err = Ppp.NewSecret(ctx, "testSecret", &Ppp.SecretArgs{ Password: pulumi.String("123"), Profile: testProfile.Name, }) if err != nil { return err } server, err := OpenVpn.NewServer(ctx, "server", &OpenVpn.ServerArgs{ Enabled: pulumi.Bool(true), Certificate: ovpnServerCrt.Name, Auth: pulumi.String("sha256,sha512"), TlsVersion: pulumi.String("only-1.2"), DefaultProfile: testProfile.Name, }) if err != nil { return err } _, err = Iface.NewOpenVpnServer(ctx, "user1", &Iface.OpenVpnServerArgs{ User: pulumi.String("user1"), }, pulumi.DependsOn([]pulumi.Resource{ server, })) if err != nil { return err } return nil }) }
```
## Import
```sh
$ pulumi import routeros:OpenVpn/server:Server server .
```
func GetServer ¶
func GetServer(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ServerState, opts ...pulumi.ResourceOption) (*Server, error)
GetServer gets an existing Server resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewServer ¶
func NewServer(ctx *pulumi.Context, name string, args *ServerArgs, opts ...pulumi.ResourceOption) (*Server, error)
NewServer registers a new resource with the given unique name, arguments, and options.
func (*Server) ElementType ¶
func (*Server) ToServerOutput ¶
func (i *Server) ToServerOutput() ServerOutput
func (*Server) ToServerOutputWithContext ¶
func (i *Server) ToServerOutputWithContext(ctx context.Context) ServerOutput
type ServerArgs ¶
type ServerArgs struct { // Authentication methods that the server will accept. Auth pulumi.StringPtrInput // Name of the certificate that the OVPN server will use. Certificate pulumi.StringInput // Allowed ciphers. Cipher pulumi.StringPtrInput // Default profile to use. DefaultProfile pulumi.StringPtrInput // Specifies if IPv6 IP tunneling mode should be possible with this OVPN server. EnableTunIpv6 pulumi.BoolPtrInput // Defines whether the OVPN server is enabled or not. Enabled pulumi.BoolPtrInput // Length of IPv6 prefix for IPv6 address which will be used when generating OVPN interface on the server side. Ipv6PrefixLen pulumi.IntPtrInput // Defines the time period (in seconds) after which the router is starting to send keepalive packets every second. If no traffic and no keepalive responses have come for that period of time (i.e. 2 * keepalive-timeout), not responding client is proclaimed disconnected KeepaliveTimeout pulumi.StringPtrInput // Automatically generated MAC address of the server. MacAddress pulumi.StringPtrInput // Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation. MaxMtu pulumi.IntPtrInput // Layer3 or layer2 tunnel mode (alternatively tun, tap) Mode pulumi.StringPtrInput // Subnet mask to be applied to the client. Netmask pulumi.IntPtrInput // Port to run the server on. Port pulumi.IntPtrInput // indicates the protocol to use when connecting with the remote endpoint. Protocol pulumi.StringPtrInput // Specifies what kind of routes the OVPN client must add to the routing table. def1 – Use this flag to override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of overriding but not wiping out the original default gateway. disabled - Do not send redirect-gateway flags to the OVPN client. ipv6 - Redirect IPv6 routing into the tunnel on the client side. This works similarly to the def1 flag, that is, more specific IPv6 routes are added (2000::/4 and 3000::/4), covering the whole IPv6 unicast space. RedirectGateway pulumi.StringPtrInput // Renegotiate data channel key after n seconds (default=3600). RenegSec pulumi.IntPtrInput // If set to yes, then the server checks whether the client's certificate belongs to the same certificate chain. RequireClientCertificate pulumi.BoolPtrInput // Specifies which TLS versions to allow. TlsVersion pulumi.StringPtrInput // IPv6 prefix address which will be used when generating the OVPN interface on the server side. TunServerIpv6 pulumi.StringPtrInput // contains filtered or unexported fields }
The set of arguments for constructing a Server resource.
func (ServerArgs) ElementType ¶
func (ServerArgs) ElementType() reflect.Type
type ServerArray ¶
type ServerArray []ServerInput
func (ServerArray) ElementType ¶
func (ServerArray) ElementType() reflect.Type
func (ServerArray) ToServerArrayOutput ¶
func (i ServerArray) ToServerArrayOutput() ServerArrayOutput
func (ServerArray) ToServerArrayOutputWithContext ¶
func (i ServerArray) ToServerArrayOutputWithContext(ctx context.Context) ServerArrayOutput
type ServerArrayInput ¶
type ServerArrayInput interface { pulumi.Input ToServerArrayOutput() ServerArrayOutput ToServerArrayOutputWithContext(context.Context) ServerArrayOutput }
ServerArrayInput is an input type that accepts ServerArray and ServerArrayOutput values. You can construct a concrete instance of `ServerArrayInput` via:
ServerArray{ ServerArgs{...} }
type ServerArrayOutput ¶
type ServerArrayOutput struct{ *pulumi.OutputState }
func (ServerArrayOutput) ElementType ¶
func (ServerArrayOutput) ElementType() reflect.Type
func (ServerArrayOutput) Index ¶
func (o ServerArrayOutput) Index(i pulumi.IntInput) ServerOutput
func (ServerArrayOutput) ToServerArrayOutput ¶
func (o ServerArrayOutput) ToServerArrayOutput() ServerArrayOutput
func (ServerArrayOutput) ToServerArrayOutputWithContext ¶
func (o ServerArrayOutput) ToServerArrayOutputWithContext(ctx context.Context) ServerArrayOutput
type ServerInput ¶
type ServerInput interface { pulumi.Input ToServerOutput() ServerOutput ToServerOutputWithContext(ctx context.Context) ServerOutput }
type ServerMap ¶
type ServerMap map[string]ServerInput
func (ServerMap) ElementType ¶
func (ServerMap) ToServerMapOutput ¶
func (i ServerMap) ToServerMapOutput() ServerMapOutput
func (ServerMap) ToServerMapOutputWithContext ¶
func (i ServerMap) ToServerMapOutputWithContext(ctx context.Context) ServerMapOutput
type ServerMapInput ¶
type ServerMapInput interface { pulumi.Input ToServerMapOutput() ServerMapOutput ToServerMapOutputWithContext(context.Context) ServerMapOutput }
ServerMapInput is an input type that accepts ServerMap and ServerMapOutput values. You can construct a concrete instance of `ServerMapInput` via:
ServerMap{ "key": ServerArgs{...} }
type ServerMapOutput ¶
type ServerMapOutput struct{ *pulumi.OutputState }
func (ServerMapOutput) ElementType ¶
func (ServerMapOutput) ElementType() reflect.Type
func (ServerMapOutput) MapIndex ¶
func (o ServerMapOutput) MapIndex(k pulumi.StringInput) ServerOutput
func (ServerMapOutput) ToServerMapOutput ¶
func (o ServerMapOutput) ToServerMapOutput() ServerMapOutput
func (ServerMapOutput) ToServerMapOutputWithContext ¶
func (o ServerMapOutput) ToServerMapOutputWithContext(ctx context.Context) ServerMapOutput
type ServerOutput ¶
type ServerOutput struct{ *pulumi.OutputState }
func (ServerOutput) Auth ¶
func (o ServerOutput) Auth() pulumi.StringPtrOutput
Authentication methods that the server will accept.
func (ServerOutput) Certificate ¶
func (o ServerOutput) Certificate() pulumi.StringOutput
Name of the certificate that the OVPN server will use.
func (ServerOutput) DefaultProfile ¶
func (o ServerOutput) DefaultProfile() pulumi.StringPtrOutput
Default profile to use.
func (ServerOutput) ElementType ¶
func (ServerOutput) ElementType() reflect.Type
func (ServerOutput) EnableTunIpv6 ¶
func (o ServerOutput) EnableTunIpv6() pulumi.BoolPtrOutput
Specifies if IPv6 IP tunneling mode should be possible with this OVPN server.
func (ServerOutput) Enabled ¶
func (o ServerOutput) Enabled() pulumi.BoolPtrOutput
Defines whether the OVPN server is enabled or not.
func (ServerOutput) Ipv6PrefixLen ¶
func (o ServerOutput) Ipv6PrefixLen() pulumi.IntPtrOutput
Length of IPv6 prefix for IPv6 address which will be used when generating OVPN interface on the server side.
func (ServerOutput) KeepaliveTimeout ¶
func (o ServerOutput) KeepaliveTimeout() pulumi.StringPtrOutput
Defines the time period (in seconds) after which the router is starting to send keepalive packets every second. If no traffic and no keepalive responses have come for that period of time (i.e. 2 * keepalive-timeout), not responding client is proclaimed disconnected
func (ServerOutput) MacAddress ¶
func (o ServerOutput) MacAddress() pulumi.StringOutput
Automatically generated MAC address of the server.
func (ServerOutput) MaxMtu ¶
func (o ServerOutput) MaxMtu() pulumi.IntPtrOutput
Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation.
func (ServerOutput) Mode ¶
func (o ServerOutput) Mode() pulumi.StringPtrOutput
Layer3 or layer2 tunnel mode (alternatively tun, tap)
func (ServerOutput) Netmask ¶
func (o ServerOutput) Netmask() pulumi.IntPtrOutput
Subnet mask to be applied to the client.
func (ServerOutput) Port ¶
func (o ServerOutput) Port() pulumi.IntPtrOutput
Port to run the server on.
func (ServerOutput) Protocol ¶
func (o ServerOutput) Protocol() pulumi.StringPtrOutput
indicates the protocol to use when connecting with the remote endpoint.
func (ServerOutput) RedirectGateway ¶
func (o ServerOutput) RedirectGateway() pulumi.StringPtrOutput
Specifies what kind of routes the OVPN client must add to the routing table. def1 – Use this flag to override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of overriding but not wiping out the original default gateway. disabled - Do not send redirect-gateway flags to the OVPN client. ipv6 - Redirect IPv6 routing into the tunnel on the client side. This works similarly to the def1 flag, that is, more specific IPv6 routes are added (2000::/4 and 3000::/4), covering the whole IPv6 unicast space.
func (ServerOutput) RenegSec ¶
func (o ServerOutput) RenegSec() pulumi.IntPtrOutput
Renegotiate data channel key after n seconds (default=3600).
func (ServerOutput) RequireClientCertificate ¶
func (o ServerOutput) RequireClientCertificate() pulumi.BoolPtrOutput
If set to yes, then the server checks whether the client's certificate belongs to the same certificate chain.
func (ServerOutput) TlsVersion ¶
func (o ServerOutput) TlsVersion() pulumi.StringPtrOutput
Specifies which TLS versions to allow.
func (ServerOutput) ToServerOutput ¶
func (o ServerOutput) ToServerOutput() ServerOutput
func (ServerOutput) ToServerOutputWithContext ¶
func (o ServerOutput) ToServerOutputWithContext(ctx context.Context) ServerOutput
func (ServerOutput) TunServerIpv6 ¶
func (o ServerOutput) TunServerIpv6() pulumi.StringPtrOutput
IPv6 prefix address which will be used when generating the OVPN interface on the server side.
type ServerState ¶
type ServerState struct { // Authentication methods that the server will accept. Auth pulumi.StringPtrInput // Name of the certificate that the OVPN server will use. Certificate pulumi.StringPtrInput // Allowed ciphers. Cipher pulumi.StringPtrInput // Default profile to use. DefaultProfile pulumi.StringPtrInput // Specifies if IPv6 IP tunneling mode should be possible with this OVPN server. EnableTunIpv6 pulumi.BoolPtrInput // Defines whether the OVPN server is enabled or not. Enabled pulumi.BoolPtrInput // Length of IPv6 prefix for IPv6 address which will be used when generating OVPN interface on the server side. Ipv6PrefixLen pulumi.IntPtrInput // Defines the time period (in seconds) after which the router is starting to send keepalive packets every second. If no traffic and no keepalive responses have come for that period of time (i.e. 2 * keepalive-timeout), not responding client is proclaimed disconnected KeepaliveTimeout pulumi.StringPtrInput // Automatically generated MAC address of the server. MacAddress pulumi.StringPtrInput // Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation. MaxMtu pulumi.IntPtrInput // Layer3 or layer2 tunnel mode (alternatively tun, tap) Mode pulumi.StringPtrInput // Subnet mask to be applied to the client. Netmask pulumi.IntPtrInput // Port to run the server on. Port pulumi.IntPtrInput // indicates the protocol to use when connecting with the remote endpoint. Protocol pulumi.StringPtrInput // Specifies what kind of routes the OVPN client must add to the routing table. def1 – Use this flag to override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of overriding but not wiping out the original default gateway. disabled - Do not send redirect-gateway flags to the OVPN client. ipv6 - Redirect IPv6 routing into the tunnel on the client side. This works similarly to the def1 flag, that is, more specific IPv6 routes are added (2000::/4 and 3000::/4), covering the whole IPv6 unicast space. RedirectGateway pulumi.StringPtrInput // Renegotiate data channel key after n seconds (default=3600). RenegSec pulumi.IntPtrInput // If set to yes, then the server checks whether the client's certificate belongs to the same certificate chain. RequireClientCertificate pulumi.BoolPtrInput // Specifies which TLS versions to allow. TlsVersion pulumi.StringPtrInput // IPv6 prefix address which will be used when generating the OVPN interface on the server side. TunServerIpv6 pulumi.StringPtrInput // contains filtered or unexported fields }
func (ServerState) ElementType ¶
func (ServerState) ElementType() reflect.Type