3 files changed, 10 insertions, 1 deletions

diff --git a/inventory/group_vars/ovpnzone-test/vars.yml b/inventory/group_vars/ovpnzone-test/vars.yml
index 31ef535b..bea7fa1a 100644
--- a/inventory/group_vars/ovpnzone-test/vars.yml
+++ b/inventory/group_vars/ovpnzone-test/vars.yml
@@ -8,3 +8,6 @@ openvpn_zone:
   offsets:
     sk-testvm: 1
     ch-testvm-prometheus: 61
+  routes:
+    ch-testvm-prometheus:
+    - 192.168.32.0/24
diff --git a/roles/network/openvpn/server/templates/client.j2 b/roles/network/openvpn/server/templates/client.j2
index c6cd6c8d..0a0faf5f 100644
--- a/roles/network/openvpn/server/templates/client.j2
+++ b/roles/network/openvpn/server/templates/client.j2
@@ -1,5 +1,4 @@
 ifconfig-push {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[client]) | ipaddr('address') }} {{ openvpn_zone.subnet | ipaddr('netmask') }}
 {% for route in (openvpn_zone.routes[client] | default([])) %}
 iroute {{ route | ipaddr('network') }} {{ route | ipaddr('netmask') }}
-{# TODO: install route locally... #}
 {% endfor %}
diff --git a/roles/network/openvpn/server/templates/conf.j2 b/roles/network/openvpn/server/templates/conf.j2
index b00d7ec7..7bfff141 100644
--- a/roles/network/openvpn/server/templates/conf.j2
+++ b/roles/network/openvpn/server/templates/conf.j2
@@ -23,3 +23,10 @@ ifconfig {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[inventory_hostname
 push "topology subnet"
 client-config-dir {{ openvpn_zone.name }}-ccd/
 ccd-exclusive
+{% for client, routes in (openvpn_zone.routes | default({})).items() %}
+
+## static routes for client {{ client }}
+{%   for route in routes %}
+route {{ route | ipaddr('network') }} {{ route | ipaddr('netmask') }} {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[client]) | ipaddr('address') }}
+{%   endfor %}
+{% endfor %}