From 9b52954ccd0b7ee337cf949fafa34934ab4942a5 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Tue, 16 Nov 2021 22:43:53 +0100
Subject: add simple support for remote subnet routes

---
 roles/network/openvpn/server/templates/client.j2 | 1 -
 roles/network/openvpn/server/templates/conf.j2   | 7 +++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

(limited to 'roles/network/openvpn/server')

diff --git a/roles/network/openvpn/server/templates/client.j2 b/roles/network/openvpn/server/templates/client.j2
index c6cd6c8d..0a0faf5f 100644
--- a/roles/network/openvpn/server/templates/client.j2
+++ b/roles/network/openvpn/server/templates/client.j2
@@ -1,5 +1,4 @@
 ifconfig-push {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[client]) | ipaddr('address') }} {{ openvpn_zone.subnet | ipaddr('netmask') }}
 {% for route in (openvpn_zone.routes[client] | default([])) %}
 iroute {{ route | ipaddr('network') }} {{ route | ipaddr('netmask') }}
-{# TODO: install route locally... #}
 {% endfor %}
diff --git a/roles/network/openvpn/server/templates/conf.j2 b/roles/network/openvpn/server/templates/conf.j2
index b00d7ec7..7bfff141 100644
--- a/roles/network/openvpn/server/templates/conf.j2
+++ b/roles/network/openvpn/server/templates/conf.j2
@@ -23,3 +23,10 @@ ifconfig {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[inventory_hostname
 push "topology subnet"
 client-config-dir {{ openvpn_zone.name }}-ccd/
 ccd-exclusive
+{% for client, routes in (openvpn_zone.routes | default({})).items() %}
+
+## static routes for client {{ client }}
+{%   for route in routes %}
+route {{ route | ipaddr('network') }} {{ route | ipaddr('netmask') }} {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[client]) | ipaddr('address') }}
+{%   endfor %}
+{% endfor %}
-- 
cgit v1.2.3