openvpn

package
v0.0.0-...-3e34f99 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 25, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Server

// Server is the Pulumi resource for a RouterOS OpenVPN (OVPN) server. Every
// field is a Pulumi output; the `pulumi:"..."` tags name the corresponding
// resource properties.
//
// The settings that decide how strongly the tunnel is protected are Auth,
// Cipher, TlsVersion, RequireClientCertificate and RenegSec.
// NOTE(review): apart from RenegSec, this listing does not state the value
// that applies when an optional (Ptr) field is left unset — confirm the
// defaults against the RouterOS documentation instead of relying on them.
type Server struct {
	pulumi.CustomResourceState

	// Authentication methods that the server will accept. The example on this
	// page passes the comma-separated list "sha256,sha512".
	// NOTE(review): those example values are digest names, so this presumably
	// selects packet-authentication digests rather than user login methods —
	// confirm, and list only the digests you intend to allow.
	Auth pulumi.StringPtrOutput `pulumi:"auth"`
	// Name of the certificate that the OVPN server will use.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// Allowed ciphers.
	// NOTE(review): accepted values are not listed here; prefer an explicit
	// allow-list of current ciphers over the unset default.
	Cipher pulumi.StringPtrOutput `pulumi:"cipher"`
	// Default profile to use.
	DefaultProfile pulumi.StringPtrOutput `pulumi:"defaultProfile"`
	// Specifies if IPv6 IP tunneling mode should be possible with this OVPN server.
	EnableTunIpv6 pulumi.BoolPtrOutput `pulumi:"enableTunIpv6"`
	// Defines whether the OVPN server is enabled or not.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// Length of the IPv6 prefix for the IPv6 address which will be used when
	// generating the OVPN interface on the server side.
	Ipv6PrefixLen pulumi.IntPtrOutput `pulumi:"ipv6PrefixLen"`
	// Time period (in seconds) after which the router starts sending keepalive
	// packets every second. If no traffic and no keepalive responses arrive for
	// that period of time (i.e. 2 * keepalive-timeout), the unresponsive client
	// is declared disconnected.
	KeepaliveTimeout pulumi.StringPtrOutput `pulumi:"keepaliveTimeout"`
	// Automatically generated MAC address of the server.
	MacAddress pulumi.StringOutput `pulumi:"macAddress"`
	// Maximum Transmission Unit: the largest packet the OVPN interface can send
	// without packet fragmentation.
	MaxMtu pulumi.IntPtrOutput `pulumi:"maxMtu"`
	// Tunnel mode: layer 3 or layer 2 (alternatively named tun and tap).
	Mode pulumi.StringPtrOutput `pulumi:"mode"`
	// Subnet mask to be applied to the client.
	// NOTE(review): the type is an integer, so this is presumably a prefix
	// length — confirm.
	Netmask pulumi.IntPtrOutput `pulumi:"netmask"`
	// Port to run the server on.
	Port pulumi.IntPtrOutput `pulumi:"port"`
	// Indicates the protocol to use when connecting with the remote endpoint.
	Protocol pulumi.StringPtrOutput `pulumi:"protocol"`
	// Specifies what kind of routes the OVPN client must add to the routing table:
	//   - def1: override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1
	//     rather than 0.0.0.0/0. This overrides but does not wipe out the
	//     original default gateway.
	//   - disabled: do not send redirect-gateway flags to the OVPN client.
	//   - ipv6: redirect IPv6 routing into the tunnel on the client side. This
	//     works similarly to def1: more specific IPv6 routes are added
	//     (2000::/4 and 3000::/4), covering the whole IPv6 unicast space.
	RedirectGateway pulumi.StringPtrOutput `pulumi:"redirectGateway"`
	// Renegotiate data channel key after n seconds (default=3600).
	RenegSec pulumi.IntPtrOutput `pulumi:"renegSec"`
	// If true ("yes" in the upstream wording), the server checks whether the
	// client's certificate belongs to the same certificate chain.
	// NOTE(review): when this is not enabled that check is not described as
	// taking place, so client authentication presumably rests on the PPP
	// secret alone — confirm the default and enable it where mutual TLS is
	// expected.
	RequireClientCertificate pulumi.BoolPtrOutput `pulumi:"requireClientCertificate"`
	// Specifies which TLS versions to allow. The example on this page uses
	// "only-1.2".
	TlsVersion pulumi.StringPtrOutput `pulumi:"tlsVersion"`
	// IPv6 prefix address which will be used when generating the OVPN interface on the server side.
	TunServerIpv6 pulumi.StringPtrOutput `pulumi:"tunServerIpv6"`
	// contains filtered or unexported fields
}

## OpenVpn.Server (Resource)

##### *<span style="color:red">This resource requires a minimum version of RouterOS 7.8!</span>*

## Example Usage

```go
package main

import (

"github.com/pulumi/pulumi-routeros/sdk/go/routeros/Iface"
"github.com/pulumi/pulumi-routeros/sdk/go/routeros/Ip"
"github.com/pulumi/pulumi-routeros/sdk/go/routeros/OpenVpn"
"github.com/pulumi/pulumi-routeros/sdk/go/routeros/Ppp"
"github.com/pulumi/pulumi-routeros/sdk/go/routeros/System"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

// main declares the example stack: an address pool, a root CA and a server
// certificate signed by it, a PPP profile and secret, the OpenVPN server
// itself, and one per-user OVPN server interface.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Address range for VPN clients. The PPP profile below passes the same
		// string "ovpn-pool" as its RemoteAddress.
		_, err := Ip.NewPool(ctx, "ovpn-pool", &Ip.PoolArgs{
			Ranges: pulumi.StringArray{
				pulumi.String("192.168.77.2-192.168.77.254"),
			},
		})
		if err != nil {
			return err
		}
		// Root CA: usable only for signing certificates and CRLs, and marked trusted.
		// NOTE(review): Signs holds a single nil entry — presumably this requests
		// self-signing; confirm. The qualifier here is lower-case `system` while
		// the constructor call uses `System`; only one of the two can match the
		// imported package name.
		ovpnCa, err := System.NewCertificate(ctx, "ovpnCa", &System.CertificateArgs{
			CommonName: pulumi.String("OpenVPN Root CA"),
			KeySize:    pulumi.String("prime256v1"),
			KeyUsages: pulumi.StringArray{
				pulumi.String("key-cert-sign"),
				pulumi.String("crl-sign"),
			},
			Trusted: pulumi.Bool(true),
			Signs: system.CertificateSignArray{
				nil,
			},
		})
		if err != nil {
			return err
		}
		// Server certificate with TLS-server key usages, signed by the CA above
		// (Ca is the CA resource's Name output, which also orders the two resources).
		ovpnServerCrt, err := System.NewCertificate(ctx, "ovpnServerCrt", &System.CertificateArgs{
			CommonName: pulumi.String("Mikrotik OpenVPN"),
			KeySize:    pulumi.String("prime256v1"),
			KeyUsages: pulumi.StringArray{
				pulumi.String("digital-signature"),
				pulumi.String("key-encipherment"),
				pulumi.String("tls-server"),
			},
			Signs: system.CertificateSignArray{
				&system.CertificateSignArgs{
					Ca: ovpnCa.Name,
				},
			},
		})
		if err != nil {
			return err
		}
		// PPP profile: the router side of each session is 192.168.77.1 and client
		// addresses are taken from "ovpn-pool".
		testProfile, err := Ppp.NewProfile(ctx, "testProfile", &Ppp.ProfileArgs{
			LocalAddress:  pulumi.String("192.168.77.1"),
			RemoteAddress: pulumi.String("ovpn-pool"),
			UseUpnp:       pulumi.String("no"),
		})
		if err != nil {
			return err
		}
		// SECURITY: "123" is a placeholder. A literal password lives in the
		// program source and is trivially guessable; in a real stack read it
		// from Pulumi secret configuration (for example config.RequireSecret,
		// populated with `pulumi config set --secret`).
		// NOTE(review): no Name is given for this secret, while the interface
		// below refers to a user "user1" — confirm how the two are meant to match.
		_, err = Ppp.NewSecret(ctx, "testSecret", &Ppp.SecretArgs{
			Password: pulumi.String("123"),
			Profile:  testProfile.Name,
		})
		if err != nil {
			return err
		}
		// The server: Auth restricted to sha256/sha512 and TlsVersion set to
		// "only-1.2".
		// NOTE(review): Cipher and RequireClientCertificate are left unset, so
		// whatever defaults apply are in effect — confirm they are acceptable.
		// Without the client-certificate check, access presumably depends on
		// the PPP password above alone.
		server, err := OpenVpn.NewServer(ctx, "server", &OpenVpn.ServerArgs{
			Enabled:        pulumi.Bool(true),
			Certificate:    ovpnServerCrt.Name,
			Auth:           pulumi.String("sha256,sha512"),
			TlsVersion:     pulumi.String("only-1.2"),
			DefaultProfile: testProfile.Name,
		})
		if err != nil {
			return err
		}
		// The interface takes no output of `server` as an input, so the explicit
		// DependsOn is what orders it after the server resource.
		_, err = Iface.NewOpenVpnServer(ctx, "user1", &Iface.OpenVpnServerArgs{
			User: pulumi.String("user1"),
		}, pulumi.DependsOn([]pulumi.Resource{
			server,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

```sh

$ pulumi import routeros:OpenVpn/server:Server server .

```

func GetServer

func GetServer(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerState, opts ...pulumi.ResourceOption) (*Server, error)

GetServer gets an existing Server resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServer

func NewServer(ctx *pulumi.Context,
	name string, args *ServerArgs, opts ...pulumi.ResourceOption) (*Server, error)

NewServer registers a new resource with the given unique name, arguments, and options.

func (*Server) ElementType

func (*Server) ElementType() reflect.Type

func (*Server) ToServerOutput

func (i *Server) ToServerOutput() ServerOutput

func (*Server) ToServerOutputWithContext

func (i *Server) ToServerOutputWithContext(ctx context.Context) ServerOutput

type ServerArgs

// ServerArgs is the set of arguments for constructing a Server resource.
// Certificate is the only field whose type is not a Ptr input.
//
// The settings that decide how strongly the tunnel is protected are Auth,
// Cipher, TlsVersion, RequireClientCertificate and RenegSec.
// NOTE(review): apart from RenegSec, this listing does not state the value
// that applies when an optional (Ptr) field is left unset — set these
// explicitly or confirm the defaults against the RouterOS documentation.
type ServerArgs struct {

	// Authentication methods that the server will accept. The example on this
	// page passes the comma-separated list "sha256,sha512".
	// NOTE(review): those example values are digest names, so this presumably
	// selects packet-authentication digests rather than user login methods —
	// confirm, and list only the digests you intend to allow.
	Auth pulumi.StringPtrInput
	// Name of the certificate that the OVPN server will use.
	Certificate pulumi.StringInput
	// Allowed ciphers.
	// NOTE(review): accepted values are not listed here; prefer an explicit
	// allow-list of current ciphers over the unset default.
	Cipher pulumi.StringPtrInput
	// Default profile to use.
	DefaultProfile pulumi.StringPtrInput
	// Specifies if IPv6 IP tunneling mode should be possible with this OVPN server.
	EnableTunIpv6 pulumi.BoolPtrInput
	// Defines whether the OVPN server is enabled or not.
	Enabled pulumi.BoolPtrInput
	// Length of the IPv6 prefix for the IPv6 address which will be used when
	// generating the OVPN interface on the server side.
	Ipv6PrefixLen pulumi.IntPtrInput
	// Time period (in seconds) after which the router starts sending keepalive
	// packets every second. If no traffic and no keepalive responses arrive for
	// that period of time (i.e. 2 * keepalive-timeout), the unresponsive client
	// is declared disconnected.
	KeepaliveTimeout pulumi.StringPtrInput
	// Automatically generated MAC address of the server.
	// NOTE(review): described as automatically generated, yet accepted as an
	// input here — confirm whether callers are expected to set it.
	MacAddress pulumi.StringPtrInput
	// Maximum Transmission Unit: the largest packet the OVPN interface can send
	// without packet fragmentation.
	MaxMtu pulumi.IntPtrInput
	// Tunnel mode: layer 3 or layer 2 (alternatively named tun and tap).
	Mode pulumi.StringPtrInput
	// Subnet mask to be applied to the client.
	// NOTE(review): the type is an integer, so this is presumably a prefix
	// length — confirm.
	Netmask pulumi.IntPtrInput
	// Port to run the server on.
	Port pulumi.IntPtrInput
	// Indicates the protocol to use when connecting with the remote endpoint.
	Protocol pulumi.StringPtrInput
	// Specifies what kind of routes the OVPN client must add to the routing table:
	//   - def1: override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1
	//     rather than 0.0.0.0/0. This overrides but does not wipe out the
	//     original default gateway.
	//   - disabled: do not send redirect-gateway flags to the OVPN client.
	//   - ipv6: redirect IPv6 routing into the tunnel on the client side. This
	//     works similarly to def1: more specific IPv6 routes are added
	//     (2000::/4 and 3000::/4), covering the whole IPv6 unicast space.
	RedirectGateway pulumi.StringPtrInput
	// Renegotiate data channel key after n seconds (default=3600).
	RenegSec pulumi.IntPtrInput
	// If true ("yes" in the upstream wording), the server checks whether the
	// client's certificate belongs to the same certificate chain.
	// NOTE(review): when this is not enabled that check is not described as
	// taking place, so client authentication presumably rests on the PPP
	// secret alone — confirm the default and enable it where mutual TLS is
	// expected.
	RequireClientCertificate pulumi.BoolPtrInput
	// Specifies which TLS versions to allow. The example on this page uses
	// "only-1.2".
	TlsVersion pulumi.StringPtrInput
	// IPv6 prefix address which will be used when generating the OVPN interface on the server side.
	TunServerIpv6 pulumi.StringPtrInput
	// contains filtered or unexported fields
}

The set of arguments for constructing a Server resource.

func (ServerArgs) ElementType

func (ServerArgs) ElementType() reflect.Type

type ServerArray

type ServerArray []ServerInput

func (ServerArray) ElementType

func (ServerArray) ElementType() reflect.Type

func (ServerArray) ToServerArrayOutput

func (i ServerArray) ToServerArrayOutput() ServerArrayOutput

func (ServerArray) ToServerArrayOutputWithContext

func (i ServerArray) ToServerArrayOutputWithContext(ctx context.Context) ServerArrayOutput

type ServerArrayInput

// ServerArrayInput is an input type that accepts ServerArray and
// ServerArrayOutput values.
type ServerArrayInput interface {
	pulumi.Input

	// ToServerArrayOutput returns the value as a ServerArrayOutput.
	ToServerArrayOutput() ServerArrayOutput
	// ToServerArrayOutputWithContext does the same but takes a context.Context.
	ToServerArrayOutputWithContext(context.Context) ServerArrayOutput
}

ServerArrayInput is an input type that accepts ServerArray and ServerArrayOutput values. You can construct a concrete instance of `ServerArrayInput` via:

ServerArray{ ServerArgs{...} }

type ServerArrayOutput

type ServerArrayOutput struct{ *pulumi.OutputState }

func (ServerArrayOutput) ElementType

func (ServerArrayOutput) ElementType() reflect.Type

func (ServerArrayOutput) Index

func (ServerArrayOutput) ToServerArrayOutput

func (o ServerArrayOutput) ToServerArrayOutput() ServerArrayOutput

func (ServerArrayOutput) ToServerArrayOutputWithContext

func (o ServerArrayOutput) ToServerArrayOutputWithContext(ctx context.Context) ServerArrayOutput

type ServerInput

// ServerInput is the input type for a single Server value. Both *Server and
// ServerOutput declare the two methods below in this package's listing.
type ServerInput interface {
	pulumi.Input

	// ToServerOutput returns the value as a ServerOutput.
	ToServerOutput() ServerOutput
	// ToServerOutputWithContext does the same but takes a context.Context.
	ToServerOutputWithContext(ctx context.Context) ServerOutput
}

type ServerMap

type ServerMap map[string]ServerInput

func (ServerMap) ElementType

func (ServerMap) ElementType() reflect.Type

func (ServerMap) ToServerMapOutput

func (i ServerMap) ToServerMapOutput() ServerMapOutput

func (ServerMap) ToServerMapOutputWithContext

func (i ServerMap) ToServerMapOutputWithContext(ctx context.Context) ServerMapOutput

type ServerMapInput

// ServerMapInput is an input type that accepts ServerMap and ServerMapOutput
// values.
type ServerMapInput interface {
	pulumi.Input

	// ToServerMapOutput returns the value as a ServerMapOutput.
	ToServerMapOutput() ServerMapOutput
	// ToServerMapOutputWithContext does the same but takes a context.Context.
	ToServerMapOutputWithContext(context.Context) ServerMapOutput
}

ServerMapInput is an input type that accepts ServerMap and ServerMapOutput values. You can construct a concrete instance of `ServerMapInput` via:

ServerMap{ "key": ServerArgs{...} }

type ServerMapOutput

type ServerMapOutput struct{ *pulumi.OutputState }

func (ServerMapOutput) ElementType

func (ServerMapOutput) ElementType() reflect.Type

func (ServerMapOutput) MapIndex

func (ServerMapOutput) ToServerMapOutput

func (o ServerMapOutput) ToServerMapOutput() ServerMapOutput

func (ServerMapOutput) ToServerMapOutputWithContext

func (o ServerMapOutput) ToServerMapOutputWithContext(ctx context.Context) ServerMapOutput

type ServerOutput

type ServerOutput struct{ *pulumi.OutputState }

func (ServerOutput) Auth

Authentication methods that the server will accept.

func (ServerOutput) Certificate

func (o ServerOutput) Certificate() pulumi.StringOutput

Name of the certificate that the OVPN server will use.

func (ServerOutput) Cipher

func (o ServerOutput) Cipher() pulumi.StringPtrOutput

Allowed ciphers.

func (ServerOutput) DefaultProfile

func (o ServerOutput) DefaultProfile() pulumi.StringPtrOutput

Default profile to use.

func (ServerOutput) ElementType

func (ServerOutput) ElementType() reflect.Type

func (ServerOutput) EnableTunIpv6

func (o ServerOutput) EnableTunIpv6() pulumi.BoolPtrOutput

Specifies if IPv6 IP tunneling mode should be possible with this OVPN server.

func (ServerOutput) Enabled

func (o ServerOutput) Enabled() pulumi.BoolPtrOutput

Defines whether the OVPN server is enabled or not.

func (ServerOutput) Ipv6PrefixLen

func (o ServerOutput) Ipv6PrefixLen() pulumi.IntPtrOutput

Length of IPv6 prefix for IPv6 address which will be used when generating OVPN interface on the server side.

func (ServerOutput) KeepaliveTimeout

func (o ServerOutput) KeepaliveTimeout() pulumi.StringPtrOutput

Defines the time period (in seconds) after which the router starts sending keepalive packets every second. If no traffic and no keepalive responses arrive for that period of time (i.e. 2 * keepalive-timeout), the unresponsive client is declared disconnected.

func (ServerOutput) MacAddress

func (o ServerOutput) MacAddress() pulumi.StringOutput

Automatically generated MAC address of the server.

func (ServerOutput) MaxMtu

func (o ServerOutput) MaxMtu() pulumi.IntPtrOutput

Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation.

func (ServerOutput) Mode

Layer3 or layer2 tunnel mode (alternatively tun, tap)

func (ServerOutput) Netmask

func (o ServerOutput) Netmask() pulumi.IntPtrOutput

Subnet mask to be applied to the client.

func (ServerOutput) Port

func (o ServerOutput) Port() pulumi.IntPtrOutput

Port to run the server on.

func (ServerOutput) Protocol

func (o ServerOutput) Protocol() pulumi.StringPtrOutput

Indicates the protocol to use when connecting with the remote endpoint.

func (ServerOutput) RedirectGateway

func (o ServerOutput) RedirectGateway() pulumi.StringPtrOutput

Specifies what kind of routes the OVPN client must add to the routing table. def1 – Use this flag to override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of overriding but not wiping out the original default gateway. disabled - Do not send redirect-gateway flags to the OVPN client. ipv6 - Redirect IPv6 routing into the tunnel on the client side. This works similarly to the def1 flag, that is, more specific IPv6 routes are added (2000::/4 and 3000::/4), covering the whole IPv6 unicast space.

func (ServerOutput) RenegSec

func (o ServerOutput) RenegSec() pulumi.IntPtrOutput

Renegotiate data channel key after n seconds (default=3600).

func (ServerOutput) RequireClientCertificate

func (o ServerOutput) RequireClientCertificate() pulumi.BoolPtrOutput

If set to yes, then the server checks whether the client's certificate belongs to the same certificate chain.

func (ServerOutput) TlsVersion

func (o ServerOutput) TlsVersion() pulumi.StringPtrOutput

Specifies which TLS versions to allow.

func (ServerOutput) ToServerOutput

func (o ServerOutput) ToServerOutput() ServerOutput

func (ServerOutput) ToServerOutputWithContext

func (o ServerOutput) ToServerOutputWithContext(ctx context.Context) ServerOutput

func (ServerOutput) TunServerIpv6

func (o ServerOutput) TunServerIpv6() pulumi.StringPtrOutput

IPv6 prefix address which will be used when generating the OVPN interface on the server side.

type ServerState

// ServerState holds the optional state properties that GetServer accepts to
// qualify a lookup of an existing Server resource. Every field is a Ptr input.
//
// The settings that decide how strongly the tunnel is protected are Auth,
// Cipher, TlsVersion, RequireClientCertificate and RenegSec.
type ServerState struct {

	// Authentication methods that the server will accept. The example on this
	// page passes the comma-separated list "sha256,sha512".
	// NOTE(review): those example values are digest names, so this presumably
	// selects packet-authentication digests rather than user login methods —
	// confirm.
	Auth pulumi.StringPtrInput
	// Name of the certificate that the OVPN server will use.
	Certificate pulumi.StringPtrInput
	// Allowed ciphers.
	Cipher pulumi.StringPtrInput
	// Default profile to use.
	DefaultProfile pulumi.StringPtrInput
	// Specifies if IPv6 IP tunneling mode should be possible with this OVPN server.
	EnableTunIpv6 pulumi.BoolPtrInput
	// Defines whether the OVPN server is enabled or not.
	Enabled pulumi.BoolPtrInput
	// Length of the IPv6 prefix for the IPv6 address which will be used when
	// generating the OVPN interface on the server side.
	Ipv6PrefixLen pulumi.IntPtrInput
	// Time period (in seconds) after which the router starts sending keepalive
	// packets every second. If no traffic and no keepalive responses arrive for
	// that period of time (i.e. 2 * keepalive-timeout), the unresponsive client
	// is declared disconnected.
	KeepaliveTimeout pulumi.StringPtrInput
	// Automatically generated MAC address of the server.
	MacAddress pulumi.StringPtrInput
	// Maximum Transmission Unit: the largest packet the OVPN interface can send
	// without packet fragmentation.
	MaxMtu pulumi.IntPtrInput
	// Tunnel mode: layer 3 or layer 2 (alternatively named tun and tap).
	Mode pulumi.StringPtrInput
	// Subnet mask to be applied to the client.
	// NOTE(review): the type is an integer, so this is presumably a prefix
	// length — confirm.
	Netmask pulumi.IntPtrInput
	// Port to run the server on.
	Port pulumi.IntPtrInput
	// Indicates the protocol to use when connecting with the remote endpoint.
	Protocol pulumi.StringPtrInput
	// Specifies what kind of routes the OVPN client must add to the routing table:
	//   - def1: override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1
	//     rather than 0.0.0.0/0. This overrides but does not wipe out the
	//     original default gateway.
	//   - disabled: do not send redirect-gateway flags to the OVPN client.
	//   - ipv6: redirect IPv6 routing into the tunnel on the client side. This
	//     works similarly to def1: more specific IPv6 routes are added
	//     (2000::/4 and 3000::/4), covering the whole IPv6 unicast space.
	RedirectGateway pulumi.StringPtrInput
	// Renegotiate data channel key after n seconds (default=3600).
	RenegSec pulumi.IntPtrInput
	// If true ("yes" in the upstream wording), the server checks whether the
	// client's certificate belongs to the same certificate chain.
	RequireClientCertificate pulumi.BoolPtrInput
	// Specifies which TLS versions to allow. The example on this page uses
	// "only-1.2".
	TlsVersion pulumi.StringPtrInput
	// IPv6 prefix address which will be used when generating the OVPN interface on the server side.
	TunServerIpv6 pulumi.StringPtrInput
	// contains filtered or unexported fields
}

func (ServerState) ElementType

func (ServerState) ElementType() reflect.Type
