# Yeah, it's very insecure, but sometimes it's the only
# thing a system provides :(
class nodo::subsystem::vpn::pptp(
  $chap_secrets = '',
) {
  include nodo::utils::network::pptp

  # Secrets
  # Example content:
  #
  # #Secrets for authentication using CHAP
  # #client        server         secret                  IP addresses
  # user           remoteserver   password                *
  file { '/etc/ppp/chap-secrets':
    ensure  => present,
    owner   => root,
    group   => root,
    mode    => '0600',
    content => $chap_secrets,
    require => Package['pptp-linux'],
  }
 
  # Custom peers
  # Example content:
  #
  # pty "pptp vpn.example.org --nolaunchpppd"
  # name user
  # remotename remoteserver
  # require-mppe-128
  # file /etc/ppp/options.pptp
  file { '/etc/ppp/peers/custom':
    ensure  => present,
    owner   => root,
    group   => dip,
    mode    => '0660',
    source  => 'puppet:///modules/site_nodo/etc/ppp/peers/custom',
    require => Package['pptp-linux'],
  }
}