diff options
author | Micah Anderson <micah@riseup.net> | 2009-10-02 19:25:51 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2009-10-02 19:25:51 -0400 |
commit | f642a9fc54bfa8f155cab64dd83844b64ba84a6a (patch) | |
tree | 3a71d75a0201b618786c6080bc46adddba77f433 /templates/service.conf.erb | |
parent | 5dfd23e3ef0ab469e8b8893a787f3f5bee9464bf (diff) |
rename stunnel::client to be stunnel::service to be less confusing (a
service can be a client in stunnel, and a service can act in server
mode, which would be confusing if it was called stunnel::client)
Diffstat (limited to 'templates/service.conf.erb')
-rw-r--r-- | templates/service.conf.erb | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/templates/service.conf.erb b/templates/service.conf.erb new file mode 100644 index 0000000..84b8f17 --- /dev/null +++ b/templates/service.conf.erb @@ -0,0 +1,47 @@ +; templated stunnel configuration file to be used by puppet stunnel module +; NOTE: any changes you make to this file will be overwritten the next time +; puppet runs, please make configuration changes to this service in puppet + +; Global configuration options +<%= 'pid = ' + real_pid %> +<%- %w{chroot setuid setgid service compression}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +; Some performance tunings +<% if socket.is_a? String -%> +<%= 'socket = ' + socket %> +<% elsif socket.is_a? Array -%> +<%= socket.map { |i| "socket = #{i}" }. join("\n") %> +<% end -%> + +<%- %w{debug output syslog}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +<%- %w{egd engine enginectrl rndbytes rndfile rndoverwrite}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +; Service-level configuration +<%= '[' + name + ']' %> +<%- %w{accept connect capath cafile cert ciphers crlpath crlfile delay enginenum exec + execargs failover ident key local oscp ocspflag options protocol protocolauthentication + protocolhost protocolpassword protocolusername pty retry session sslversion stack + timeoutbusy timeoutclose timeoutconnect timeoutidle transparent verify}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> +client = <%= client ? 'yes' : 'no' %> + |