From fcbf7c0b4df14149269b646b5ac8e66acd63647e Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Fri, 6 Sep 2013 17:37:03 +0200
Subject: use define instead of class for site_stunnel::setup (#3817)

so it can be called multiple times
---
 puppet/modules/site_couchdb/manifests/stunnel.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'puppet/modules/site_couchdb/manifests/stunnel.pp')

diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index d982013e..481da279 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -27,7 +27,7 @@ class site_couchdb::stunnel ($key, $cert, $ca) {
 
   # basic setup: ensure cert, key, ca files are in place, and some generic
   # stunnel things are done
-  class { 'site_stunnel::setup':
+  site_stunnel::setup { 'couchdb_couchdb':
     cert_name => $cert_name,
     key       => $key,
     cert      => $cert,
-- 
cgit v1.2.3


From 3e5e685200e9b5c3ac8567100e552929ea55d8e8 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Fri, 13 Sep 2013 16:20:07 +0200
Subject: setup stunnel config to use default x509 cert,key+ca (#3837)

* fix stunnel setups for couchdb, mx, webapp services
---
 puppet/modules/site_couchdb/manifests/stunnel.pp | 20 ++++----------------
 1 file changed, 4 insertions(+), 16 deletions(-)

(limited to 'puppet/modules/site_couchdb/manifests/stunnel.pp')

diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index 481da279..993555cb 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -1,4 +1,4 @@
-class site_couchdb::stunnel ($key, $cert, $ca) {
+class site_couchdb::stunnel {
 
   $stunnel              = hiera('stunnel')
 
@@ -19,21 +19,9 @@ class site_couchdb::stunnel ($key, $cert, $ca) {
   $ednp_clients         = $stunnel['ednp_clients']
 
   include x509::variables
-  $cert_name = 'leap_couchdb'
-  $ca_name   = 'leap_ca'
-  $ca_path   = "${x509::variables::local_CAs}/${ca_name}.crt"
-  $cert_path = "${x509::variables::certs}/${cert_name}.crt"
-  $key_path  = "${x509::variables::keys}/${cert_name}.key"
-
-  # basic setup: ensure cert, key, ca files are in place, and some generic
-  # stunnel things are done
-  site_stunnel::setup { 'couchdb_couchdb':
-    cert_name => $cert_name,
-    key       => $key,
-    cert      => $cert,
-    ca_name   => $ca_name,
-    ca        => $ca
-  }
+  $ca_path   = "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt"
+  $cert_path = "${x509::variables::certs}/${site_config::params::cert_name}.crt"
+  $key_path  = "${x509::variables::keys}/${site_config::params::cert_name}.key"
 
   # setup a stunnel server for the webapp to connect to couchdb
   stunnel::service { 'couch_server':
-- 
cgit v1.2.3


From 1ce6cb5a30c5ee73d6474ac9c1bbd4c7819d9a73 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Thu, 19 Sep 2013 12:19:00 +0200
Subject: only deploy x509 stuff for nodes if it existes in hiera (Feature
 #3875)

---
 puppet/modules/site_couchdb/manifests/stunnel.pp | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'puppet/modules/site_couchdb/manifests/stunnel.pp')

diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index 993555cb..fbb75000 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -18,6 +18,11 @@ class site_couchdb::stunnel {
   $ednp_server_connect  = $ednp_server['connect']
   $ednp_clients         = $stunnel['ednp_clients']
 
+
+
+  include site_config::x509::cert_key
+  include site_config::x509::ca
+
   include x509::variables
   $ca_path   = "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt"
   $cert_path = "${x509::variables::certs}/${site_config::params::cert_name}.crt"
-- 
cgit v1.2.3


From d7aca479f254ce4cbe58ee2a2197ea5c6d02de53 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Thu, 19 Sep 2013 12:44:30 +0200
Subject: Depend services on deployment of default key, cert and ca (Feature
 #3838)

---
 puppet/modules/site_couchdb/manifests/stunnel.pp | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

(limited to 'puppet/modules/site_couchdb/manifests/stunnel.pp')

diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index fbb75000..7ba303fe 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -39,7 +39,10 @@ class site_couchdb::stunnel {
     verify     => '2',
     pid        => '/var/run/stunnel4/couchserver.pid',
     rndfile    => '/var/lib/stunnel4/.rnd',
-    debuglevel => '4'
+    debuglevel => '4',
+    require    => [
+      Class['Site_config::X509::Cert_key'],
+      Class['Site_config::X509::Ca'] ];
   }
 
 
@@ -55,7 +58,10 @@ class site_couchdb::stunnel {
     verify     => '2',
     pid        => '/var/run/stunnel4/epmd_server.pid',
     rndfile    => '/var/lib/stunnel4/.rnd',
-    debuglevel => '4'
+    debuglevel => '4',
+    require    => [
+      Class['Site_config::X509::Cert_key'],
+      Class['Site_config::X509::Ca'] ];
   }
 
   # setup stunnel clients for Erlang Port Mapper Daemon (epmd) to connect
@@ -81,7 +87,10 @@ class site_couchdb::stunnel {
     verify     => '2',
     pid        => '/var/run/stunnel4/ednp_server.pid',
     rndfile    => '/var/lib/stunnel4/.rnd',
-    debuglevel => '4'
+    debuglevel => '4',
+    require    => [
+      Class['Site_config::X509::Cert_key'],
+      Class['Site_config::X509::Ca'] ];
   }
 
   # setup stunnel clients for Erlang Distributed Node Protocol (ednp) to connect
-- 
cgit v1.2.3


From ffa4504f81c0abecc62b068951ec147741028128 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Tue, 24 Sep 2013 09:09:30 +0200
Subject: seperate cert and key deployment (#3918)

---
 puppet/modules/site_couchdb/manifests/stunnel.pp | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'puppet/modules/site_couchdb/manifests/stunnel.pp')

diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index 7ba303fe..87c35f05 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -20,7 +20,8 @@ class site_couchdb::stunnel {
 
 
 
-  include site_config::x509::cert_key
+  include site_config::x509::cert
+  include site_config::x509::key
   include site_config::x509::ca
 
   include x509::variables
@@ -41,7 +42,8 @@ class site_couchdb::stunnel {
     rndfile    => '/var/lib/stunnel4/.rnd',
     debuglevel => '4',
     require    => [
-      Class['Site_config::X509::Cert_key'],
+      Class['Site_config::X509::Key'],
+      Class['Site_config::X509::Cert'],
       Class['Site_config::X509::Ca'] ];
   }
 
@@ -60,7 +62,8 @@ class site_couchdb::stunnel {
     rndfile    => '/var/lib/stunnel4/.rnd',
     debuglevel => '4',
     require    => [
-      Class['Site_config::X509::Cert_key'],
+      Class['Site_config::X509::Key'],
+      Class['Site_config::X509::Cert'],
       Class['Site_config::X509::Ca'] ];
   }
 
@@ -89,7 +92,8 @@ class site_couchdb::stunnel {
     rndfile    => '/var/lib/stunnel4/.rnd',
     debuglevel => '4',
     require    => [
-      Class['Site_config::X509::Cert_key'],
+      Class['Site_config::X509::Key'],
+      Class['Site_config::X509::Cert'],
       Class['Site_config::X509::Ca'] ];
   }
 
-- 
cgit v1.2.3


From f6c633699adbce362b3101ea3b140083e8698f3a Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Tue, 4 Mar 2014 13:43:47 +0100
Subject: watch syslog for stunnel issues on couch nodes

---
 puppet/modules/site_couchdb/manifests/stunnel.pp | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'puppet/modules/site_couchdb/manifests/stunnel.pp')

diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index 87c35f05..91f1e3aa 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -107,4 +107,6 @@ class site_couchdb::stunnel {
   }
 
   create_resources(site_stunnel::clients, $ednp_clients, $ednp_client_defaults)
+
+  include site_check_mk::agent::stunnel
 }
-- 
cgit v1.2.3