add dependency on the stunnel service so refresh_stunnel is not run until the service...
[puppet_stunnel.git] / manifests / init.pp
1 #
2 # stunnel puppet module
3 #
4 # Copyright 2009, Riseup Networks <micah@riseup.net>
5 #
6 #
7 # This program is free software; you can redistribute
8 # it and/or modify it under the terms of the GNU
9 # General Public License version 3 as published by
10 # the Free Software Foundation.
11 #
12 # 1. include stunnel: this will automatically include stunnel::debian,
13 #    which automatically includes stunnel::linux, which automatically
14 #    includes stunnel::base
15 # 2. stunnel::client allows you to configure different /etc/stunnel/*.conf files
16 #    to provide various stunnel configurations
17
18 # TODO: warn on cert/key issues, fail on false accept?
19
20 class stunnel (
21   $ensure_version = 'present',
22   $startboot      = '1',
23   $default_extra  = '',
24   $cluster        = '' )
25 {
26
27   case $::operatingsystem {
28     debian: { class { 'stunnel::debian': } }
29     centos: { class {  'stunnel::centos': } }
30     default: { class { 'stunnel::default': } }
31   }
32
33   $stunnel_staging = "${::puppet_vardir}/stunnel4"
34   $stunnel_compdir = "${stunnel_staging}/configs"
35
36   file {
37     [ $stunnel_staging, "${stunnel_staging}/bin" ]:
38       ensure => directory,
39       owner  => 0,
40       group  => 0,
41       mode   => '0750';
42
43     "${stunnel_staging}/configs":
44       ensure  => directory,
45       owner   => 0,
46       group   => 0,
47       mode    => '0750',
48       recurse => true,
49       purge   => true,
50       force   => true,
51       source  => undef;
52
53     "${stunnel_staging}/bin/refresh_stunnel.sh":
54       owner   => 0,
55       group   => 0,
56       mode    => '0755',
57       content => template('stunnel/refresh_stunnel.sh.erb');
58   }
59
60   exec { 'refresh_stunnel':
61     refreshonly => true,
62     require     => [ Service['stunnel'], Package['stunnel'], File[$stunnel_compdir] ],
63     subscribe   => File[$stunnel_compdir],
64     command     => "${stunnel_staging}/bin/refresh_stunnel.sh"
65   }
66 }