From 9b52954ccd0b7ee337cf949fafa34934ab4942a5 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Tue, 16 Nov 2021 22:43:53 +0100
Subject: add simple support for remote subnet routes

---
 roles/network/openvpn/server/templates/conf.j2 | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'roles/network/openvpn/server/templates/conf.j2')

diff --git a/roles/network/openvpn/server/templates/conf.j2 b/roles/network/openvpn/server/templates/conf.j2
index b00d7ec7..7bfff141 100644
--- a/roles/network/openvpn/server/templates/conf.j2
+++ b/roles/network/openvpn/server/templates/conf.j2
@@ -23,3 +23,10 @@ ifconfig {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[inventory_hostname
 push "topology subnet"
 client-config-dir {{ openvpn_zone.name }}-ccd/
 ccd-exclusive
+{% for client, routes in (openvpn_zone.routes | default({})).items() %}
+
+## static routes for client {{ client }}
+{%   for route in routes %}
+route {{ route | ipaddr('network') }} {{ route | ipaddr('netmask') }} {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[client]) | ipaddr('address') }}
+{%   endfor %}
+{% endfor %}
-- 
cgit v1.2.3