From 148f0ae2c87e9c8a8d49fd9d235eb2ded5663319 Mon Sep 17 00:00:00 2001
From: Alexander Weidinger <aw@sz9i.net>
Date: Sat, 12 Feb 2022 02:44:33 +0100
Subject: [PATCH 1/2] fix(freebsd): make kernel module name configurable

With FreeBSD 13 if_tap was merged into if_tuntap.
https://reviews.freebsd.org/D20044
---
 openvpn/general_config.sls                | 5 ++++-
 openvpn/parameters/os_family/FreeBSD.yaml | 1 +
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/openvpn/general_config.sls b/openvpn/general_config.sls
index 9b43c83..f65ea2b 100644
--- a/openvpn/general_config.sls
+++ b/openvpn/general_config.sls
@@ -42,8 +42,11 @@ openvpn_config_dir:
 {%- if grains.os_family == 'FreeBSD' %}
 openvpn_kldload_if_tap:
   kmod.present:
-    - name: if_tap
+    - name: {{ map.kernel_module_name }}
     - persist: True
+    - unless:
+      # In case the kernel has the module compiled in, we skip this state.
+      - sh -c "kldstat -v | grep --quiet --extended-regexp '^\s+[0-9]+ {{ map.kernel_module_name }}$'"
     - require_in:
       - sls: openvpn.config
 {%- endif %}
diff --git a/openvpn/parameters/os_family/FreeBSD.yaml b/openvpn/parameters/os_family/FreeBSD.yaml
index 8ed7381..8fa57b4 100644
--- a/openvpn/parameters/os_family/FreeBSD.yaml
+++ b/openvpn/parameters/os_family/FreeBSD.yaml
@@ -16,4 +16,5 @@ values:
   user: openvpn
   manage_user: false
   manage_group: false
+  kernel_module_name: if_tap
 ...

From 9f908c2f0b7ba626b5785c8d7efac73de2bf2b8a Mon Sep 17 00:00:00 2001
From: Alexander Weidinger <aw@sz9i.net>
Date: Tue, 2 Jan 2024 22:01:02 +0100
Subject: [PATCH 2/2] fix(dhparams): make sure the config dir exists

---
 openvpn/dhparams.sls | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/openvpn/dhparams.sls b/openvpn/dhparams.sls
index 54aa14c..784a66b 100644
--- a/openvpn/dhparams.sls
+++ b/openvpn/dhparams.sls
@@ -5,6 +5,12 @@
   {#- Some distributions use /etc/openvpn/{client,server} as their working directory #}
   {%- set config_dir = map.get("server", {}).get("conf_dir", map.conf_dir) %}
   {%- for dh in map.dh_files %}
+    {%- if loop.first %}
+openvpn_dh_config_dir:
+  file.directory:
+    - name: {{ config_dir }}
+    - makedirs: True
+    {%- endif %}
     {%- set dh_file = config_dir ~ "/dh" ~ dh ~ ".pem" %}
 openvpn_create_dh_{{ dh }}:
   cmd.run: