1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
define stunnel::service (
$ensure = present,
$accept = false,
$capath = false,
$cafile = false,
$cert = false,
$chroot = false,
$ciphers = false,
$client = false,
$compress = false,
$connect = false,
$crlpath = false,
$crlfile = false,
$debuglevel = false,
$delay = false,
$egd = false,
$engine = false,
$engineCtrl = false,
$enginenum = false,
$exec = false,
$execargs = false,
$failover = false,
$ident = false,
$key = false,
$local = false,
$oscp = false,
$ocspflag = false,
$options = false,
$output = false,
$pid = false,
$protocol = false,
$protocolauthentication = false,
$protocolhost = false,
$protocolpassword = false,
$protocolusername = false,
$pty = false,
$retry = false,
$rndbytes = false,
$rndfile = false,
$rndoverwrite = false,
$service = false,
$session = false,
$setuid = 'stunnel4',
$setgid = 'stunnel4',
$socket = [ 'l:TCP_NODELAY=1', 'r:TCP_NODELAY=1'],
$sslversion = 'SSLv3',
$stack = false,
$syslog = false,
$timeoutbusy = false,
$timeoutclose = false,
$timeoutconnect = false,
$timeoutidle = false,
$transparent = false,
$manage_nagios = false,
$verify = false
) {
include stunnel
$real_client = $client ? { default => 'yes' }
$real_pid = $pid ? { false => "/${name}.pid", default => $pid }
$stunnel_compdir = "${::puppet_vardir}/stunnel4/configs"
file {
"${stunnel_compdir}/${name}.conf":
ensure => $ensure,
content => template('stunnel/service.conf.erb'),
require => Package['stunnel'],
notify => Exec['refresh_stunnel'],
owner => 'root',
group => 0,
mode => '0600';
}
if $manage_nagios {
stunnel::service::nagios { $name: }
}
}
|
