diff options
Diffstat (limited to 'data/templates/ipsec/ipsec.secrets.tmpl')
-rw-r--r-- | data/templates/ipsec/ipsec.secrets.tmpl | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/data/templates/ipsec/ipsec.secrets.tmpl b/data/templates/ipsec/ipsec.secrets.tmpl index 0d2654abc..43b5fe0d2 100644 --- a/data/templates/ipsec/ipsec.secrets.tmpl +++ b/data/templates/ipsec/ipsec.secrets.tmpl @@ -1,24 +1,5 @@ # Created by VyOS - manual changes will be overwritten -{% if site_to_site is defined and "peer" in site_to_site %} -{% set ns = namespace(local_key_set=False) %} -{% for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not defined %} -{% if peer_conf.authentication.mode == 'pre-shared-secret' %} -{{ (peer_conf.local_address if "local_address" in peer_conf else "%any") ~ - (" " ~ peer) ~ - ((" " ~ peer_conf.authentication.id) if "id" in peer_conf.authentication else "") ~ - ((" " ~ peer_conf.authentication.remote_id) if "remote_id" in peer_conf.authentication else "") -}} : PSK "{{ peer_conf.authentication.pre_shared_secret }}" # dhcp:{{ peer_conf.dhcp_interface if 'dhcp_interface' in peer_conf else 'no' }} -{% elif peer_conf.authentication.mode == 'x509' %} -{% set key_file = peer_conf.authentication.x509.key.file %} -: RSA {{ key_file if key_file.startswith(x509_path) else (x509_path + key_file) }}{% if "password" in peer_conf.authentication.x509.key and peer_conf.authentication.x509.key.password %} "{{ peer_conf.authentication.x509.key.password}}"{% endif %} -{% elif peer_conf.authentication.mode == 'rsa' and not ns.local_key_set %} -{% set ns.local_key_set = True %} -: RSA {{ rsa_local_key }} -{% endif %} -{% endfor %} -{% endif %} - {% if include_ipsec_secrets is defined %} include {{ include_ipsec_secrets }} {% endif %} |