make sure required x509 bits are there before stunnel is started

Change-Id: I772c3b6e489e3c1848c45c6bcaa240324fc88928

2 files changed, 10 insertions, 2 deletions

diff --git a/puppet/modules/site_stunnel/manifests/client.pp b/puppet/modules/site_stunnel/manifests/client.pp
index c9e034f1..de9febd4 100644
--- a/puppet/modules/site_stunnel/manifests/client.pp
+++ b/puppet/modules/site_stunnel/manifests/client.pp
@@ -39,7 +39,11 @@ define site_stunnel::client (
     debuglevel => $debuglevel,
     sslversion => 'TLSv1',
     syslog     => 'no',
-    output     => $logfile;
+    output     => $logfile,
+    require    => [
+                   Class['Site_config::X509::Key'],
+                   Class['Site_config::X509::Cert'],
+                   Class['Site_config::X509::Ca'] ];
   }
 
   # define the log files so that we can purge the
diff --git a/puppet/modules/site_stunnel/manifests/servers.pp b/puppet/modules/site_stunnel/manifests/servers.pp
index e76d1e9d..3dc5dce6 100644
--- a/puppet/modules/site_stunnel/manifests/servers.pp
+++ b/puppet/modules/site_stunnel/manifests/servers.pp
@@ -39,7 +39,11 @@ define site_stunnel::servers (
     debuglevel => $debuglevel,
     sslversion => 'TLSv1',
     syslog     => 'no',
-    output     => $logfile;
+    output     => $logfile,
+    require    => [
+                   Class['Site_config::X509::Key'],
+                   Class['Site_config::X509::Cert'],
+                   Class['Site_config::X509::Ca'] ];
   }
 
   # allow incoming connections on $accept_port