diff options
-rw-r--r-- | manifests/base.pp | 13 | ||||
-rw-r--r-- | manifests/debian.pp | 24 | ||||
-rw-r--r-- | manifests/init.pp | 90 | ||||
-rw-r--r-- | manifests/linux.pp | 7 | ||||
-rw-r--r-- | manifests/service.pp | 68 |
5 files changed, 116 insertions, 86 deletions
diff --git a/manifests/base.pp b/manifests/base.pp new file mode 100644 index 0000000..3061902 --- /dev/null +++ b/manifests/base.pp @@ -0,0 +1,13 @@ +class stunnel::base { + + file { "/etc/stunnel": + ensure => directory; + } + + service { 'stunnel': + name => 'stunnel', + enable => true, + ensure => running, + hasstatus => false; + } +} diff --git a/manifests/debian.pp b/manifests/debian.pp new file mode 100644 index 0000000..57307dd --- /dev/null +++ b/manifests/debian.pp @@ -0,0 +1,24 @@ +class stunnel::debian inherits stunnel::linux { + + Package[stunnel] { + name => 'stunnel4', + } + + Service[stunnel] { + name => 'stunnel4', + pattern => '/usr/bin/stunnel4', + } + + # make the /etc/default/stunnel configurable with a variable + case $stunnel_startboot { + '': { $stunnel_startboot = '1' } + } + + file { '/etc/default/stunnel4': + content => template("stunnel/Debian/default"), + require => Package['stunnel4'], + notify => Service['stunnel4'], + owner => root, group => 0, mode => 0644; + } +} + diff --git a/manifests/init.pp b/manifests/init.pp index f3fa0d2..3c3cbe4 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -19,63 +19,15 @@ class stunnel { + case $stunnel_ensure_version { + '': { $stunnel_ensure_version = "present" } + } + case $operatingsystem { debian: { include stunnel::debian } default: { include stunnel::default } } - define service ( $ensure = present, $accept = false, $capath = false, - $cafile = false, $cert = false, $chroot = false, - $ciphers = false, $client = false, $compress = - false, $connect = false, $crlpath = false, $crlfile - = false, $debuglevel = false, $delay = false, $egd = - false, $engine = false, $engineCtrl = false, - $enginenum = false, $exec = false, $execargs = - false, $failover = false, $ident = false, $key = - false, $local = false, $oscp = false, $ocspflag = - false, $options = false, $output = false, $pid = - false, $protocol = false, $protocolauthentication = - false, $protocolhost = false, $protocolpassword = - false, $protocolusername = false, $pty = false, - $retry = false, $rndbytes = false, $rndfile = false, - $rndoverwrite = false, $service = false, $session = - false, $setuid = "stunnel4", $setgid = "stunnel4", - $socket = [ "l:TCP_NODELAY=1", "r:TCP_NODELAY=1"], - $sslversion = "SSLv3", $stack = false, $syslog = - false, $timeoutbusy = false, $timeoutclose = false, - $timeoutconnect = false, $timeoutidle = false, - $transparent = false, $verify = false ) { - - $real_client = $client ? { default => "yes" } - $real_pid = $pid ? { false => "/${name}.pid", default => $pid } - - file { "/etc/stunnel/${name}.conf": - ensure => $ensure, - content => template('stunnel/service.conf.erb'), - owner => root, group => 0, mode => 0600, - require => File["/etc/stunnel"], - notify => Service[stunnel]; - } - } -} - -class stunnel::base { - - case $stunnel_ensure_version { - '': { $stunnel_ensure_version = "present" } - } - - file { "/etc/stunnel": - ensure => directory; - } - - service { 'stunnel': - name => 'stunnel', - enable => true, - ensure => running, - hasstatus => false; - } - if $use_nagios { case $nagios_stunnel_procs { 'false': { info("We aren't doing nagios checks for stunnel on ${fqdn}" ) } @@ -83,37 +35,3 @@ class stunnel::base { } } } - -class stunnel::linux inherits stunnel::base { - - if $stunnel_ensure_version == '' { $stunnel_ensure_version = 'installed' } - package { 'stunnel': - ensure => $stunnel_ensure_version - } -} - - -class stunnel::debian inherits stunnel::linux { - - Package[stunnel] { - name => 'stunnel4', - } - - Service[stunnel] { - name => 'stunnel4', - pattern => '/usr/bin/stunnel4', - } - - # make the /etc/default/stunnel configurable with a variable - case $stunnel_startboot { - '': { $stunnel_startboot = '1' } - } - - file { '/etc/default/stunnel4': - content => template("stunnel/Debian/default"), - require => Package['stunnel4'], - notify => Service['stunnel4'], - owner => root, group => 0, mode => 0644; - } -} - diff --git a/manifests/linux.pp b/manifests/linux.pp new file mode 100644 index 0000000..800df37 --- /dev/null +++ b/manifests/linux.pp @@ -0,0 +1,7 @@ +class stunnel::linux inherits stunnel::base { + + if $stunnel_ensure_version == '' { $stunnel_ensure_version = 'installed' } + package { 'stunnel': + ensure => $stunnel_ensure_version + } +} diff --git a/manifests/service.pp b/manifests/service.pp new file mode 100644 index 0000000..f797972 --- /dev/null +++ b/manifests/service.pp @@ -0,0 +1,68 @@ +define stunell::service ( + $ensure = present, + $accept = false, + $capath = false, + $cafile = false, + $cert = false, + $chroot = false, + $ciphers = false, + $client = false, + $compress = false, + $connect = false, + $crlpath = false, + $crlfile = false, + $debuglevel = false, + $delay = false, + $egd = false, + $engine = false, + $engineCtrl = false, + $enginenum = false, + $exec = false, + $execargs = false, + $failover = false, + $ident = false, + $key = false, + $local = false, + $oscp = false, + $ocspflag = false, + $options = false, + $output = false, + $pid = false, + $protocol = false, + $protocolauthentication = false, + $protocolhost = false, + $protocolpassword = false, + $protocolusername = false, + $pty = false, + $retry = false, + $rndbytes = false, + $rndfile = false, + $rndoverwrite = false, + $service = false, + $session = false, + $setuid = "stunnel4", + $setgid = "stunnel4", + $socket = [ "l:TCP_NODELAY=1", "r:TCP_NODELAY=1"], + $sslversion = "SSLv3", + $stack = false, + $syslog = false, + $timeoutbusy = false, + $timeoutclose = false, + $timeoutconnect = false, + $timeoutidle = false, + $transparent = false, + $verify = false +) { + + $real_client = $client ? { default => "yes" } + $real_pid = $pid ? { false => "/${name}.pid", default => $pid } + + file { "/etc/stunnel/${name}.conf": + ensure => $ensure, + content => template('stunnel/service.conf.erb'), + require => File["/etc/stunnel"], + notify => Service[stunnel], + owner => root, group => 0, mode => 0600; + } +} + |