server: Support multiple "local" options

Starting with OpenVPN 2.7 "local" can be specified
multiple times (with differing addresses/ports/protocols).

Signed-off-by: Frank Lichtenheld <[email protected]>

Author: flichtenheld

REFERENCE.md

@@ -1188,9 +1188,9 @@ Default value: `false`
 
 ##### <a name="-openvpn--server--local"></a>`local`
 
-Data type: `String`
+Data type: `Variant[String, Array[String]]`
 
-Interface for openvpn to bind to.
+Interface(s) for openvpn to bind to. To use the array form you need OpenVPN 2.7 or newer.
 
 Default value: `$facts['networking']['ip']`
 

manifests/server.pp

@@ -17,7 +17,7 @@
 # @param group User to drop privileges to after startup
 # @param ipp Persist ifconfig information to a file to retain client IP addresses between sessions
 # @param duplicate_cn Allow multiple connections on one cn
-# @param local Interface for openvpn to bind to.
+# @param local Interface(s) for openvpn to bind to. To use the array form you need OpenVPN 2.7 or newer.
 # @param logfile Logfile for this openvpn server
 # @param manage_logfile_directory Manage the directory that the logfile is located in
 # @param logdirectory_user The owner user of the logfile directory
@@ -163,7 +163,7 @@
   Optional[String] $group                                           = undef,
   Boolean $ipp                                                      = false,
   Boolean $duplicate_cn                                             = false,
-  String $local                                                     = $facts['networking']['ip'],
+  Variant[String, Array[String]] $local                             = $facts['networking']['ip'],
   Variant[Boolean, String] $logfile                                 = false,
   Boolean $manage_logfile_directory                                 = false,
   String[1] $logdirectory_user                                      = 'nobody',

spec/defines/openvpn_server_spec.rb

@@ -201,6 +201,40 @@
         it { is_expected.to contain_file("#{server_directory}/test_server.conf").with_content(%r{^rcvbuf\s+393215$}) }
       end
 
+      context 'with empty local' do
+        let(:params) do
+          {
+            'country' => 'CO',
+            'province' => 'ST',
+            'city' => 'Some City',
+            'organization' => 'example.org',
+            'email' => '[email protected]',
+            'local' => '',
+          }
+        end
+
+        it { is_expected.to contain_file("#{server_directory}/test_server.conf").
+                              without_content(%r{^local}) }
+      end
+
+      context 'with array local' do
+        let(:params) do
+          {
+            'country' => 'CO',
+            'province' => 'ST',
+            'city' => 'Some City',
+            'organization' => 'example.org',
+            'email' => '[email protected]',
+            'local' => ['1.2.3.4 1194 udp4', '1111::2:3:4 1194 udp6'],
+          }
+        end
+
+        it { is_expected.to contain_file("#{server_directory}/test_server.conf").
+                              with_content(%r{^local\s+1\.2\.3\.4 1194 udp4}).
+                              with_content(%r{^local\s+1111::2:3:4 1194 udp6}) }
+      end
+
+
       %w[udp tcp udp4 tcp4 udp6 tcp6].each do |proto|
         context "with proto=#{proto}" do
           let(:params) do

templates/server.erb

@@ -88,8 +88,11 @@ status <%= @status_log %>
 status-version <%= @status_version %>
 <% end -%>
 dev <%= @dev %>
-<% if @local != '' -%>
-local <%= @local %>
+<% @local = [@local] unless @local.kind_of?(Array) -%>
+<% @local.each do |item| -%>
+<% if item != '' -%>
+local <%= item %>
+<% end -%>
 <% end -%>
 <% if @ipp -%>
 ifconfig-pool-persist <%= @name %>/vpn-ipp.txt