Add scripts with server

Add tests

Co-Authored-By: Tim Meusel <[email protected]>

Author: yakatz

manifests/server.pp

@@ -95,6 +95,7 @@
 # @param remote_cert_tls Enable or disable use of remote-cert-tls for the session. Generally used with client configuration
 # @param nobind Whether or not to bind to a specific port number.#
 # @param secret A pre-shared static key.
+# @param scripts Hash of scripts to copy with this instance.
 # @param custom_options Hash of additional options to append to the configuration file.
 #
 # @example install
@@ -218,6 +219,7 @@
   Boolean $remote_cert_tls                                          = false,
   Boolean $nobind                                                   = false,
   Optional[String] $secret                                          = undef,
+  Hash[String, Hash] $scripts                                       = {},
   Hash $custom_options                                              = {},
 ) {
 
@@ -294,6 +296,12 @@
     mode   => '0750',
     notify => $lnotify,
   }
+  file {
+    [ "${etc_directory}/openvpn/${name}/scripts", ]:
+      ensure  => directory,
+      mode    => '0750',
+      recurse => true,
+  }
   if $shared_ca {
     ensure_resource(file, "${etc_directory}/openvpn/${ca_name}", {
       ensure => directory,
@@ -432,6 +440,12 @@
     notify  => $lnotify,
   }
 
+  $scripts.each |String $scriptname, Hash $properties| {
+    file { "${etc_directory}/openvpn/${name}/scripts/${scriptname}":
+      * => $properties,
+    }
+  }
+
   if $ldap_enabled == true {
     file {
       "${etc_directory}/openvpn/${name}/auth/ldap.conf":

spec/defines/openvpn_server_spec.rb

@@ -614,6 +614,25 @@
           it { is_expected.to contain_file('/etc/openvpn/test_server/keys/pre-shared.secret').with(ensure: 'absent') }
         end
 
+        context 'when pushing scripts' do
+          let(:params) do
+            {
+              'country'       => 'CO',
+              'province'      => 'ST',
+              'city'          => 'Some City',
+              'organization'  => 'example.org',
+              'email'         => '[email protected]',
+              'scripts'       => {
+                'add-tap-to-bridge.sh' => {
+                  'ensure' => 'present'
+                }
+              }
+            }
+          end
+
+          it { is_expected.to contain_file('/etc/openvpn/test_server/scripts/add-tap-to-bridge.sh').with(ensure: 'present') }
+        end
+
         case facts[:os]['family']
         when %r{FreeBSD}
           context 'when FreeBSD based machine' do
@@ -662,6 +681,10 @@
               is_expected.to contain_file('/etc/openvpn/test_server/auth').
                 with(ensure: 'directory', mode: '0750', recurse: true, group: 'nogroup')
             }
+            it {
+              is_expected.to contain_file('/etc/openvpn/test_server/scripts').
+                with(ensure: 'directory', mode: '0750', recurse: true, group: 'nogroup')
+            }
 
             # VPN server config file itself
 
@@ -698,6 +721,10 @@
               is_expected.to contain_file('/etc/openvpn/test_server/auth').
                 with(ensure: 'directory', mode: '0750', recurse: true, group: 'nogroup')
             }
+            it {
+              is_expected.to contain_file('/etc/openvpn/test_server/scripts').
+                with(ensure: 'directory', mode: '0750', recurse: true, group: 'nogroup')
+            }
 
             # VPN server config file itself
 
@@ -902,6 +929,10 @@
               is_expected.to contain_file('/etc/openvpn/test_server/auth').
                 with(ensure: 'directory', mode: '0750', recurse: true, group: 'nobody')
             }
+            it {
+              is_expected.to contain_file('/etc/openvpn/test_server/scripts').
+                with(ensure: 'directory', mode: '0750', recurse: true, group: 'nobody')
+            }
 
             # VPN server config file itself