diff options
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/centos.pp | 2 | ||||
-rw-r--r-- | manifests/init.pp | 34 | ||||
-rw-r--r-- | manifests/service.pp | 19 |
3 files changed, 46 insertions, 9 deletions
diff --git a/manifests/centos.pp b/manifests/centos.pp index 19a4684..b9a326a 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -25,7 +25,7 @@ class stunnel::centos inherits stunnel::linux { source => [ "puppet:///modules/site-stunnel/${::fqdn}/stunnel.conf", "puppet:///modules/site-stunnel/${stunnel::cluster}/stunnel.conf", 'puppet:///modules/site-stunnel/stunnel.conf', - 'puppet:///modules/stunnel/${::operatingsystem}/stunnel.conf' ], + "puppet:///modules/stunnel/${::operatingsystem}/stunnel.conf" ], require => Package['stunnel'], notify => Service['stunnel'], owner => root, diff --git a/manifests/init.pp b/manifests/init.pp index a176bf8..89788ed 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -29,4 +29,38 @@ class stunnel ( centos: { class { 'stunnel::centos': } } default: { class { 'stunnel::default': } } } + + $stunnel_staging = "${::puppet_vardir}/stunnel4" + $stunnel_compdir = "${stunnel_staging}/configs" + + file { + [ $stunnel_staging, "${stunnel_staging}/bin" ]: + ensure => directory, + owner => 0, + group => 0, + mode => '0750'; + + "${stunnel_staging}/configs": + ensure => directory, + owner => 0, + group => 0, + mode => '0750', + recurse => true, + purge => true, + force => true, + source => undef; + + "${stunnel_staging}/bin/refresh_stunnel.sh": + owner => 0, + group => 0, + mode => '0755', + content => template('stunnel/refresh_stunnel.sh.erb'); + } + + exec { 'refresh_stunnel': + refreshonly => true, + require => File[$stunnel_compdir], + subscribe => File[$stunnel_compdir], + command => "${stunnel_staging}/bin/refresh_stunnel.sh" + } } diff --git a/manifests/service.pp b/manifests/service.pp index fd64f9b..666826d 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -58,14 +58,17 @@ define stunnel::service ( $real_client = $client ? { default => 'yes' } $real_pid = $pid ? { false => "/${name}.pid", default => $pid } - file { "/etc/stunnel/${name}.conf": - ensure => $ensure, - content => template('stunnel/service.conf.erb'), - require => File['/etc/stunnel'], - notify => Service[stunnel], - owner => root, - group => 0, - mode => '0600'; + $stunnel_compdir = "${::puppet_vardir}/stunnel4/configs" + + file { + "${stunnel_compdir}/${name}.conf": + ensure => $ensure, + content => template('stunnel/service.conf.erb'), + require => Package['stunnel'], + notify => Exec['refresh_stunnel'], + owner => root, + group => 0, + mode => '0600'; } if $use_nagios { |