From 6eacb8e10c9a3141b1ddc534a7fba41444b8fcd5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iwan=20Cl=C3=A9ment?=
Date: Fri, 3 May 2019 17:04:02 +0200
Subject: [PATCH] =?UTF-8?q?En=20r=C3=A9daction?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 softwares/secure_tunnel.sls | 10 +++++++++-
 templates/secure-tunnel.service | 11 ++++-------
 2 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/softwares/secure_tunnel.sls b/softwares/secure_tunnel.sls
index be2a410..a3ca1fe 100644
--- a/softwares/secure_tunnel.sls
+++ b/softwares/secure_tunnel.sls
@@ -19,6 +19,14 @@ secure_tunnel_systemd_file:
 - name: /etc/systemd/system/secure-tunnel.service
 - user: root
 - group: root
+ - template: jinja
+
+secure_tunnel_default_file:
+ file.managed:
+ - source: salt://templates/secure-tunnel.dft
+ - name: /etc/default/secure-tunnel
+ - user: root
+ - group: root
+ - template: jinja
- {% endif %}
\ No newline at end of file
diff --git a/templates/secure-tunnel.service b/templates/secure-tunnel.service
index 4077b34..40fe3db 100644
--- a/templates/secure-tunnel.service
+++ b/templates/secure-tunnel.service
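Review bot: In `softwares/secure_tunnel.sls`, the new `secure_tunnel_default_file` state sets owner and group but no `mode`, so the permissions of `/etc/default/secure-tunnel` depend on what is already on disk or on the minion's defaults. The unit presumably takes its ssh target, user and ports from this file via `EnvironmentFile=`, so it should never be writable by anyone but root; pin it with `- mode: '0644'`. The source `salt://templates/secure-tunnel.dft` is not among the two files in this patch, so confirm it already exists in the tree or the state will fail. Neither state shows `context:` or `defaults:`, so the Jinja variables the templates use must be resolved some other way; the beginning of `secure_tunnel_systemd_file` lies outside the hunk, so it may pass them there.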
@@ -1,15 +1,12 @@
 # Must be sent to /etc/systemd/system
 [Unit]
-Description=Setup a secure tunnel to %I
+Description=Setup a secure tunnel to {{ANS_ADDR_TARGET}}
 After=network.target
 [Service]
-User=ansusr
-Environment="LOCAL_ADDR=localhost"
-EnvironmentFile=/etc/default/secure-tunnel@%i
-#ExecStart=/usr/bin/ssh -NT -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -R ${LOCAL_ADDR}:${LOCAL_PORT}:localhost:${REMOTE_PORT} ${TARGET}
-#ExecStart=/usr/bin/ssh -p ${REMOTE_PORT} -NT -o StrictHostKeyChecking=no -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -R ${RTARGET_PORT}:localhost:22 ${TARGET}
-ExecStart=/usr/bin/ssh -p ${REMOTE_PORT} -NT -o StrictHostKeyChecking=no -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -R ${RTARGET_PORT}:localhost:22 ${TARGET}
+User=${ANS_TARGET_USER}
+EnvironmentFile=/etc/default/secure-tunnel
+ExecStart=/usr/bin/ssh -p ${REMOTE_PORT} -NT -o StrictHostKeyChecking=no -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -R ${RTARGET_PORT}:localhost:22 ${ANS_TARGET_USER}@${TARGET}
 # Restart every >2 seconds to avoid StartLimitInterval failure
 RestartSec=5
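Review bot: The rewritten `ExecStart` still passes `-o StrictHostKeyChecking=no`, so the service accepts any host key presented for `${TARGET}` while `-R ${RTARGET_PORT}:localhost:22` hands whichever host answers a forwarded path to this machine's sshd. Deploy the target's host key to the service user's known-hosts file from the same state and switch the option to `-o StrictHostKeyChecking=yes`. Separately, `User=${ANS_TARGET_USER}` will not resolve as written: systemd expands `${VAR}` only in command lines such as `ExecStart=`, not in `User=`, and `EnvironmentFile=` only populates the environment of the started process. Since the unit is now rendered with Jinja, set the account at render time, for example `User={{ ANS_TARGET_USER }}` if that variable is available to the template, and check whether the local service account and the remote login name are really meant to be the same value. The `[Service]` section may continue beyond the end of the hunk.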