Hi list, I am in the process of writing a module to manage strongSwan, an IKE keying daemon for IPsec VPNs on Linux [1]. The strongSwan daemon's (charon) configuration file is basically formatted like a hash, with sections containing key-value pairs that may themselves contain further sections [2]. Sections may also be empty. I don't think there is a maximum depth defined.
It seems to me that this kind of configuration file format is easily
modelled as a Puppet/Ruby hash, so now I am wondering how I can go about
rendering the configuration file from such a hash.
Is it feasibly to use an ERB template for this? You may notice that I am
(still) not much of a Ruby guy and I don't want to reinvent any wheels,
so I am asking: what are my options?
Can ERB templates in Puppet be used to render hashes of arbitrary depth?
Or should I look to something else? Can this even be done?
I'd appreciate any and all pointers and ideas.
Here is an example hash that I would supply as a parameter to my
strongswan class:
charon_config => {
ikesa_limit => '0',
install_virtual_ip => 'yes',
keep_alive => '20s',
host_resolver => {
max_threads => '3'
},
processor => {
priority_threads => {
high => '1',
medium => '4'
}
},
tls => {},
x509 => {}
}
This should result in the following configuration file content (sorting
the keys is only of secondary concern):
charon {
ikesa_limit = 0
install_virtual_ip = yes
keep_alive = 20s
host_resolver {
max_threads = 3
}
processor {
priority_threads {
high = 1
medium = 4
}
}
tls {
}
x509 {
}
}
Thanks in advance,
Andreas
[1] http://www.strongswan.org/
[2] http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf
signature.asc
Description: OpenPGP digital signature
