diff options
| author | Micah Anderson <micah@riseup.net> | 2009-10-02 15:41:30 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2009-10-02 15:41:30 -0400 |
| commit | 5fd1d15a8fd0517218878b269964b8286ef360c5 (patch) | |
| tree | a31a711d6e8f3c693533859292d517faf961a1bc /templates | |
initial check-in of stunnel module, based on stunnel4
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/Debian/default | 11 | ||||
| -rw-r--r-- | templates/client.conf.erb | 55 |
2 files changed, 66 insertions, 0 deletions
diff --git a/templates/Debian/default b/templates/Debian/default new file mode 100644 index 0000000..e8b42c1 --- /dev/null +++ b/templates/Debian/default @@ -0,0 +1,11 @@ +# /etc/default/stunnel +# Julien LEMOINE <speedblue@debian.org> +# September 2003 + +# Change to one to enable stunnel automatic startup +ENABLED=<%= stunnel_startboot -%> +FILES="/etc/stunnel/*.conf" +OPTIONS="" + +# Change to one to enable ppp restart scripts +PPP_RESTART=0 diff --git a/templates/client.conf.erb b/templates/client.conf.erb new file mode 100644 index 0000000..38fe6ef --- /dev/null +++ b/templates/client.conf.erb @@ -0,0 +1,55 @@ +; templated stunnel configuration file to be used by puppet stunnel module +; NOTE: any changes you make to this file will be overwritten the next time +; puppet runs, please make configuration changes to this service in puppet + +; Global configuration options +<%= 'pid = ' + real_pid %> +<%- %w{chroot setuid setgid service compression}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +; Some performance tunings +<% if socket.is_a? String -%> +<%= 'socket = ' + socket %> +<% elsif socket.is_a? Array -%> +<%= socket.map { |i| "socket = #{i}" }. join("\n") %> +<% end -%> + +<%- %w{debug output syslog}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +<%= 'EGD = ' + EGD if EGD %> +<%= 'engine = ' + engine if engine %> +<%= 'engineCtrl = ' + engineCtrl if engineCtrl %> + +<%= 'RNDbytes = ' + RNDbytes if RNDbytes %> +<%= 'RNDfile = ' + RNDfile if RNDfile %> +<%= 'RNDoverwrite = ' + RNDoverwrite if RNDoverwrite %> + +<%- %w{EGD engine engineCtrl RNDbytes RNDfile RNDoverwrite}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +; Service-level configuration +<%= '[' + name + ']' %> +<%- %w{accept CApath CAfile cert ciphers connect CRLpath CRLfile delay engineNum exec + execargs failover ident key local OSCP OCSPflag options protocol protocolAuthentication + protocolHost protocolPassword protocolUsername pty retry session sslVersion stack + TIMEOUTbusy TIMEOUTclose TIMEOUTconnect TIMEOUTidle transparent verify}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> +<%= 'client = ' + client ? 'yes' : 'no' %> + |