2 files changed, 50 insertions, 0 deletions

diff --git a/puppet/modules/site_stunnel/manifests/clients.pp b/puppet/modules/site_stunnel/manifests/clients.pp
new file mode 100644
index 00000000..ed766e1a
--- /dev/null
+++ b/puppet/modules/site_stunnel/manifests/clients.pp
@@ -0,0 +1,26 @@
+define site_stunnel::clients (
+  $accept_port,
+  $connect_port,
+  $connect,
+  $cafile,
+  $key,
+  $cert,
+  $client     = true,
+  $verify     = '2',
+  $pid        = $name,
+  $rndfile    = '/var/lib/stunnel4/.rnd',
+  $debuglevel = '4' ) {
+
+  stunnel::service { $name:
+    accept     => "127.0.0.1:${accept_port}",
+    connect    => "${connect}:${connect_port}",
+    client     => $client,
+    cafile     => $cafile,
+    key        => $key,
+    cert       => $cert,
+    verify     => $verify,
+    pid        => "/var/run/stunnel4/${pid}.pid",
+    rndfile    => $rndfile,
+    debuglevel => $debuglevel
+  }
+}
diff --git a/puppet/modules/site_stunnel/manifests/setup.pp b/puppet/modules/site_stunnel/manifests/setup.pp
new file mode 100644
index 00000000..7ec2378f
--- /dev/null
+++ b/puppet/modules/site_stunnel/manifests/setup.pp
@@ -0,0 +1,24 @@
+class site_stunnel::setup ($cert_name, $key, $cert, $ca) {
+
+  include site_stunnel
+
+  x509::key {
+    $cert_name:
+      content => $key,
+      notify  => Service['stunnel'];
+  }
+
+  x509::cert {
+    $cert_name:
+      content => $cert,
+      notify  => Service['stunnel'];
+  }
+
+  x509::ca {
+    $ca_name:
+      content => $ca,
+      notify  => Service['stunnel'];
+  }
+
+}
+