diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/base.pp | 8 | ||||
| -rw-r--r-- | manifests/centos.pp | 35 | ||||
| -rw-r--r-- | manifests/debian.pp | 8 | ||||
| -rw-r--r-- | manifests/init.pp | 21 | ||||
| -rw-r--r-- | manifests/linux.pp | 1 | ||||
| -rw-r--r-- | manifests/service.pp | 32 |
6 files changed, 55 insertions, 50 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index 3061902..9fed2de 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -1,13 +1,13 @@ class stunnel::base { - file { "/etc/stunnel": + file { '/etc/stunnel': ensure => directory; } service { 'stunnel': - name => 'stunnel', - enable => true, - ensure => running, + ensure => running, + name => 'stunnel', + enable => true, hasstatus => false; } } diff --git a/manifests/centos.pp b/manifests/centos.pp index 14aac8f..19a4684 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -1,16 +1,19 @@ class stunnel::centos inherits stunnel::linux { - file{'/etc/init.d/stunnel': - source => "puppet:///modules/stunnel/${::operatingsystem}/stunnel.init", + file { '/etc/init.d/stunnel': + source => "puppet:///modules/stunnel/${::operatingsystem}/stunnel.init", require => Package['stunnel'], - before => Service['stunnel'], - owner => root, group => 0, mode => 0755; + before => Service['stunnel'], + owner => root, + group => 0, + mode => '0755'; } - user::managed{ "stunnel": - homedir => "/var/run/stunnel", - shell => "/sbin/nologin", - uid => 105, gid => 105; + user::managed { 'stunnel': + homedir => '/var/run/stunnel', + shell => '/sbin/nologin', + uid => 105, + gid => 105; } Service['stunnel']{ @@ -18,13 +21,15 @@ class stunnel::centos inherits stunnel::linux { require => [ User['stunnel'], File['/etc/init.d/stunnel'] ] } - file{'/etc/stunnel/stunnel.conf': - source => [ "puppet:///modules/site_stunnel/${::fqdn}/stunnel.conf", - "puppet:///modules/site_stunnel/${stunnel::cluster}/stunnel.conf", - "puppet:///modules/site_stunnel/stunnel.conf", - "puppet:///modules/stunnel/${::operatingsystem}/stunnel.conf" ], + file { '/etc/stunnel/stunnel.conf': + source => [ "puppet:///modules/site-stunnel/${::fqdn}/stunnel.conf", + "puppet:///modules/site-stunnel/${stunnel::cluster}/stunnel.conf", + 'puppet:///modules/site-stunnel/stunnel.conf', + 'puppet:///modules/stunnel/${::operatingsystem}/stunnel.conf' ], require => Package['stunnel'], - notify => Service['stunnel'], - owner => root, group => 0, mode => 0600; + notify => Service['stunnel'], + owner => root, + group => 0, + mode => '0600'; } } diff --git a/manifests/debian.pp b/manifests/debian.pp index a64a4c9..eb4d57a 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -10,10 +10,12 @@ class stunnel::debian inherits stunnel::linux { } file { '/etc/default/stunnel4': - content => template("stunnel/Debian/default"), + content => template('stunnel/Debian/default'), require => Package['stunnel4'], - notify => Service['stunnel4'], - owner => root, group => 0, mode => 0644; + notify => Service['stunnel4'], + owner => root, + group => 0, + mode => '0644'; } } diff --git a/manifests/init.pp b/manifests/init.pp index d0d67c9..b2018a5 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -17,23 +17,12 @@ # TODO: warn on cert/key issues, fail on false accept? -class stunnel( - $cluster = '', - $ensure_version = 'present', - $startboot = '1', - $default_extra = '', - $nagios_stunnel_procs = false -) { +class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra, $cluster = '' ) +{ case $::operatingsystem { - debian: { include stunnel::debian } - centos: { include stunnel::centos } - default: { include stunnel::default } - } - - if $nagios_stunnel_procs { - nagios::service { "stunnel": - check_command => "nagios-stat-proc!/usr/bin/stunnel4!6!5!proc"; - } + debian: { class { 'stunnel::debian': } } + centos: { class { 'stunnel::centos': } } + default: { class { 'stunnel::default': } } } } diff --git a/manifests/linux.pp b/manifests/linux.pp index 3b03998..a4a926e 100644 --- a/manifests/linux.pp +++ b/manifests/linux.pp @@ -1,4 +1,5 @@ class stunnel::linux inherits stunnel::base { + package { 'stunnel': ensure => $stunnel::ensure_version } diff --git a/manifests/service.pp b/manifests/service.pp index fb24168..fd64f9b 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -40,10 +40,10 @@ define stunnel::service ( $rndoverwrite = false, $service = false, $session = false, - $setuid = "stunnel4", - $setgid = "stunnel4", - $socket = [ "l:TCP_NODELAY=1", "r:TCP_NODELAY=1"], - $sslversion = "SSLv3", + $setuid = 'stunnel4', + $setgid = 'stunnel4', + $socket = [ 'l:TCP_NODELAY=1', 'r:TCP_NODELAY=1'], + $sslversion = 'SSLv3', $stack = false, $syslog = false, $timeoutbusy = false, @@ -51,18 +51,26 @@ define stunnel::service ( $timeoutconnect = false, $timeoutidle = false, $transparent = false, + $use_nagios = false, $verify = false ) { - $real_client = $client ? { default => "yes" } + $real_client = $client ? { default => 'yes' } $real_pid = $pid ? { false => "/${name}.pid", default => $pid } - + file { "/etc/stunnel/${name}.conf": - ensure => $ensure, - content => template('stunnel/service.conf.erb'), - require => File["/etc/stunnel"], - notify => Service[stunnel], - owner => root, group => 0, mode => 0600; + ensure => $ensure, + content => template('stunnel/service.conf.erb'), + require => File['/etc/stunnel'], + notify => Service[stunnel], + owner => root, + group => 0, + mode => '0600'; } -} + if $use_nagios { + nagios::service { "stunnel_${name}": + check_command => "nagios-stat-proc!/usr/bin/stunnel4 /etc/stunnel/${name}.conf!6!5!proc"; + } + } +} |