summaryrefslogtreecommitdiff
path: root/puppet/modules
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2014-06-20 14:34:53 -0700
committerelijah <elijah@riseup.net>2014-06-25 18:17:31 -0700
commitbc42e9bd3a86bb858ef853cf333242c81874209b (patch)
tree023baebd5c1f700b14e8cd586c45741995c70fe4 /puppet/modules
parenta8f6415b0869018fd8d4ac947814529e8e85ace2 (diff)
stunnel: make site_mx and site_webapp use new site_stunnel
Diffstat (limited to 'puppet/modules')
-rw-r--r--puppet/modules/site_mx/manifests/couchdb.pp23
-rw-r--r--puppet/modules/site_mx/manifests/init.pp2
-rw-r--r--puppet/modules/site_shorewall/manifests/stunnel/server.pp2
-rw-r--r--puppet/modules/site_stunnel/manifests/clients.pp3
-rw-r--r--puppet/modules/site_stunnel/manifests/servers.pp3
-rw-r--r--puppet/modules/site_webapp/manifests/couchdb.pp14
6 files changed, 2 insertions, 45 deletions
diff --git a/puppet/modules/site_mx/manifests/couchdb.pp b/puppet/modules/site_mx/manifests/couchdb.pp
deleted file mode 100644
index b1f3bd02..00000000
--- a/puppet/modules/site_mx/manifests/couchdb.pp
+++ /dev/null
@@ -1,23 +0,0 @@
-class site_mx::couchdb {
-
- $stunnel = hiera('stunnel')
- $couch_client = $stunnel['couch_client']
- $couch_client_connect = $couch_client['connect']
-
- include x509::variables
- $ca_path = "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt"
- $cert_path = "${x509::variables::certs}/${site_config::params::cert_name}.crt"
- $key_path = "${x509::variables::keys}/${site_config::params::cert_name}.key"
-
- include site_stunnel
-
- $couchdb_stunnel_client_defaults = {
- 'connect_port' => $couch_client_connect,
- 'client' => true,
- 'cafile' => $ca_path,
- 'key' => $key_path,
- 'cert' => $cert_path,
- }
-
- create_resources(site_stunnel::clients, $couch_client, $couchdb_stunnel_client_defaults)
-}
diff --git a/puppet/modules/site_mx/manifests/init.pp b/puppet/modules/site_mx/manifests/init.pp
index c3d38a46..91014ed6 100644
--- a/puppet/modules/site_mx/manifests/init.pp
+++ b/puppet/modules/site_mx/manifests/init.pp
@@ -8,12 +8,12 @@ class site_mx {
include site_config::x509::client_ca::ca
include site_config::x509::client_ca::key
+ include site_stunnel
include site_postfix::mx
include site_haproxy
include site_shorewall::mx
include site_shorewall::service::smtp
- include site_mx::couchdb
include leap_mx
include site_check_mk::agent::mx
}
diff --git a/puppet/modules/site_shorewall/manifests/stunnel/server.pp b/puppet/modules/site_shorewall/manifests/stunnel/server.pp
index db3ecd3e..798cd631 100644
--- a/puppet/modules/site_shorewall/manifests/stunnel/server.pp
+++ b/puppet/modules/site_shorewall/manifests/stunnel/server.pp
@@ -12,7 +12,7 @@ define site_shorewall::stunnel::server($port) {
require => Package['shorewall']
}
shorewall::rule {
- 'net2fw-couchdb':
+ "net2fw-stunnel-server-${name}":
source => 'net',
destination => '$FW',
action => "stunnel_server_${name}(ACCEPT)",
diff --git a/puppet/modules/site_stunnel/manifests/clients.pp b/puppet/modules/site_stunnel/manifests/clients.pp
index 44b31aaa..c0958b5f 100644
--- a/puppet/modules/site_stunnel/manifests/clients.pp
+++ b/puppet/modules/site_stunnel/manifests/clients.pp
@@ -1,7 +1,4 @@
#
-# usage:
-# create_resource(site_stunnel::clients, hiera('stunnel')['clients'])
-#
# example hiera yaml:
#
# stunnel:
diff --git a/puppet/modules/site_stunnel/manifests/servers.pp b/puppet/modules/site_stunnel/manifests/servers.pp
index 4419923f..b1da5c59 100644
--- a/puppet/modules/site_stunnel/manifests/servers.pp
+++ b/puppet/modules/site_stunnel/manifests/servers.pp
@@ -1,7 +1,4 @@
#
-# usage:
-# create_resource(site_stunnel::servers, hiera('stunnel')['servers'])
-#
# example hiera yaml:
#
# stunnel:
diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp
index ff743fba..3ae4d266 100644
--- a/puppet/modules/site_webapp/manifests/couchdb.pp
+++ b/puppet/modules/site_webapp/manifests/couchdb.pp
@@ -7,10 +7,6 @@ class site_webapp::couchdb {
$couchdb_webapp_user = $webapp['couchdb_webapp_user']['username']
$couchdb_webapp_password = $webapp['couchdb_webapp_user']['password']
- $stunnel = hiera('stunnel')
- $couch_client = $stunnel['couch_client']
- $couch_client_connect = $couch_client['connect']
-
include x509::variables
file {
@@ -37,14 +33,4 @@ class site_webapp::couchdb {
}
include site_stunnel
-
- $couchdb_stunnel_client_defaults = {
- 'connect_port' => $couch_client_connect,
- 'client' => true,
- 'cafile' => "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt",
- 'key' => "${x509::variables::keys}/${site_config::params::cert_name}.key",
- 'cert' => "${x509::variables::certs}/${site_config::params::cert_name}.crt",
- }
-
- create_resources(site_stunnel::clients, $couch_client, $couchdb_stunnel_client_defaults)
}