Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


openvpn (48) Versions 0.7.0

Installs and configures openvpn and includes rake tasks for managing certs.

cookbook 'openvpn', '= 0.7.0', :supermarket
cookbook 'openvpn', '= 0.7.0'
knife supermarket install openvpn
knife supermarket download openvpn
Quality -%
= DESCRIPTION: Installs OpenVPN and sets up a fairly basic configuration. Since OpenVPN is very complex, we provide a baseline, but your site will need probably need to customize. = REQUIREMENTS: == Platform: Tested on Ubuntu 8.10, but should work anywhere that has a package for OpenVPN. == Cookbooks: No other cookbooks are required. = ATTRIBUTES: These attributes are set by the cookbook by default. * openvpn[:local] - IP to listen on, defaults to node[:ipaddress] * openvpn[:proto] - Valid values are 'udp' or 'tcp', defaults to 'udp'. * openvpn[:type] - Valid values are 'server' or 'server-bridge'. Default is 'server' and it will create a routed IP tunnel, and use the 'tun' device. 'server-bridge' will create an ethernet bridge and requires a tap0 device bridged with the ethernet interface, and is beyond the scope of the cookbook at this time. * openvpn[:subnet] - Used for server mode to configure a VPN subnet to draw client addresses. Default is, which is what the sample OpenVPN config package uses. * openvpn[:netmask] - Netmask for the subnet, default is = USAGE: OpenVPN uses SSL certificates for authentication. We provide a Rakefile to make it easier to set everything up. The rake tasks need to be run before deploying the cookbook so the configured server has the proper certificate files. These tasks wrap around the easy-rsa scripts provided with OpenVPN. Be sure to edit the 'vars' file, files/default/easy-rsa/vars, to set site-specific SSL certificate parameters. This cookbook also provides an 'up' script that runs when OpenVPN is started. This script is for setting up firewall rules and kernel networking parameters as needed for your environment. For example, you'll probably want to enable IP forwarding (sample Linux setting is commented out). == Server: Use the rake task from the easy-rsa directory in this cookbook. cd files/default/easy-rsa . vars rake server This will create the certificates in files/default/keys. == Client: For security reasons, certificates should be generated on a per-user basis. The client task requires two variables, the username and the VPN gateway hostname. cd files/default/easy-rsa . vars rake client name="username" gateway="" This will create a ZIP file, /tmp/"username".zip. This file should be sent to the user and removed from the server where generated. = LICENSE and AUTHOR: Author:: Joshua Timberman (<>) Copyright:: 2009, Opscode, Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

No quality metric results found