# # stunnel puppet module # # Copyright 2009, Riseup Networks <micah@riseup.net> # # # This program is free software; you can redistribute # it and/or modify it under the terms of the GNU # General Public License version 3 as published by # the Free Software Foundation. # # 1. include stunnel: this will automatically include stunnel::debian, # which automatically includes stunnel::linux, which automatically # includes stunnel::base # 2. stunnel::client allows you to configure different /etc/stunnel/*.conf files # to provide various stunnel configurations # TODO: warn on cert/key issues, fail on false accept? class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra = '', $cluster = '' ) { case $::operatingsystem { debian: { class { 'stunnel::debian': } } centos: { class { 'stunnel::centos': } } default: { class { 'stunnel::default': } } } $stunnel_staging = "${::puppet_vardir}/stunnel4" $stunnel_compdir = "${stunnel_staging}/configs" file { [ $stunnel_staging, "${stunnel_staging}/bin" ]: ensure => directory, owner => 0, group => 0, mode => '0750'; "${stunnel_staging}/configs": ensure => directory, owner => 0, group => 0, mode => '0750', recurse => true, purge => true, force => true, source => undef, notify => Exec['refresh_stunnel']; "${stunnel_staging}/bin/refresh_stunnel.sh": owner => 0, group => 0, mode => '0755', content => template('stunnel/refresh_stunnel.sh.erb'); } exec { 'refresh_stunnel': command => "${stunnel_staging}/bin/refresh_stunnel.sh", require => [ Package['stunnel4'], File['/etc/default/stunnel4'] ] } }