diff options
Diffstat (limited to 'puppet/modules/site_stunnel')
-rw-r--r-- | puppet/modules/site_stunnel/manifests/init.pp | 4 | ||||
-rw-r--r-- | puppet/modules/site_stunnel/manifests/override_service.pp | 5 | ||||
-rw-r--r-- | puppet/modules/site_stunnel/manifests/servers.pp | 6 |
3 files changed, 12 insertions, 3 deletions
diff --git a/puppet/modules/site_stunnel/manifests/init.pp b/puppet/modules/site_stunnel/manifests/init.pp index d919a072..a874721f 100644 --- a/puppet/modules/site_stunnel/manifests/init.pp +++ b/puppet/modules/site_stunnel/manifests/init.pp @@ -36,8 +36,8 @@ class site_stunnel { # the default is to keep 356 log files for each stunnel. # here we set a more reasonable number. augeas { - "logrotate_stunnel": - context => "/files/etc/logrotate.d/stunnel4/rule", + 'logrotate_stunnel': + context => '/files/etc/logrotate.d/stunnel4/rule', changes => [ 'set rotate 5', ] diff --git a/puppet/modules/site_stunnel/manifests/override_service.pp b/puppet/modules/site_stunnel/manifests/override_service.pp index 96187048..435b9aa0 100644 --- a/puppet/modules/site_stunnel/manifests/override_service.pp +++ b/puppet/modules/site_stunnel/manifests/override_service.pp @@ -1,4 +1,9 @@ +# override stunnel::debian defaults +# +# ignore puppet lint error about inheriting from different namespace +# lint:ignore:inherits_across_namespaces class site_stunnel::override_service inherits stunnel::debian { +# lint:endignore include site_config::x509::cert include site_config::x509::key diff --git a/puppet/modules/site_stunnel/manifests/servers.pp b/puppet/modules/site_stunnel/manifests/servers.pp index b6fac319..e76d1e9d 100644 --- a/puppet/modules/site_stunnel/manifests/servers.pp +++ b/puppet/modules/site_stunnel/manifests/servers.pp @@ -16,6 +16,8 @@ define site_stunnel::servers ( $rndfile = '/var/lib/stunnel4/.rnd', $debuglevel = '4' ) { + $logfile = "/var/log/stunnel4/${name}.log" + include site_config::x509::cert include site_config::x509::key include site_config::x509::ca @@ -35,7 +37,9 @@ define site_stunnel::servers ( pid => "/var/run/stunnel4/${pid}.pid", rndfile => '/var/lib/stunnel4/.rnd', debuglevel => $debuglevel, - sslversion => 'TLSv1'; + sslversion => 'TLSv1', + syslog => 'no', + output => $logfile; } # allow incoming connections on $accept_port |