add simple support for remote subnet routes

author: Christian Pointner <equinox@spreadspace.org> 2021-11-16 22:43:53 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2021-11-16 22:43:53 +0100
commit: 9b52954ccd0b7ee337cf949fafa34934ab4942a5 (patch)
tree: a7063619b365494587f9774ea00881cc1078b353 /roles/network/openvpn/server/templates/conf.j2
parent: openvpn: initial support for server/client (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/roles/network/openvpn/server/templates/conf.j2 b/roles/network/openvpn/server/templates/conf.j2
index b00d7ec7..7bfff141 100644
--- a/roles/network/openvpn/server/templates/conf.j2
+++ b/roles/network/openvpn/server/templates/conf.j2
@@ -23,3 +23,10 @@ ifconfig {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[inventory_hostname
 push "topology subnet"
 client-config-dir {{ openvpn_zone.name }}-ccd/
 ccd-exclusive
+{% for client, routes in (openvpn_zone.routes | default({})).items() %}
+
+## static routes for client {{ client }}
+{%   for route in routes %}
+route {{ route | ipaddr('network') }} {{ route | ipaddr('netmask') }} {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[client]) | ipaddr('address') }}
+{%   endfor %}
+{% endfor %}
author	Christian Pointner <equinox@spreadspace.org>	2021-11-16 22:43:53 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2021-11-16 22:43:53 +0100
commit	9b52954ccd0b7ee337cf949fafa34934ab4942a5 (patch)
tree	a7063619b365494587f9774ea00881cc1078b353 /roles/network/openvpn/server/templates/conf.j2
parent	openvpn: initial support for server/client (diff)