From 8f682e8764d73633f0a5bb9b8bae55a97d0d3023 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Thu, 11 Apr 2013 23:25:03 -0400
Subject: fix alignment of the nagios::service block

---
 manifests/init.pp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index b1437d2..b398c54 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -33,8 +33,8 @@ class stunnel {
   if $use_nagios {
     case $nagios_stunnel_procs {
       false: { info("We aren't doing nagios checks for stunnel on ${::fqdn}" ) }
-      default: { nagios::service
-        { 'stunnel':
+      default: {
+        nagios::service { 'stunnel':
           check_command => 'nagios-stat-proc!/usr/bin/stunnel4!6!5!proc';
         }
       }
-- 
cgit v1.2.3


From a336f39c441b7b3706278332cc63782d2de0e299 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Tue, 11 Jun 2013 14:00:27 -0400
Subject: Previous to this commit, when a stunnel::service definition was
 removed, the /etc/stunnel/${name}.conf was left, and the stunnel remained
 running. Also, if you changed a parameter in a stunnel::service definition,
 the .conf file was changed, but the service restart may not happen properly.

This commit adds functionality to properly clean up running stunnels that are no
longer managed, and restart managed ones whose parameters have changed
---
 manifests/init.pp                | 34 ++++++++++++++++++++++++++++++++++
 manifests/service.pp             | 19 +++++++++++--------
 templates/refresh_stunnel.sh.erb | 22 ++++++++++++++++++++++
 3 files changed, 67 insertions(+), 8 deletions(-)
 create mode 100644 templates/refresh_stunnel.sh.erb

diff --git a/manifests/init.pp b/manifests/init.pp
index a176bf8..89788ed 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -29,4 +29,38 @@ class stunnel (
     centos: { class {  'stunnel::centos': } }
     default: { class { 'stunnel::default': } }
   }
+
+  $stunnel_staging = "${::puppet_vardir}/stunnel4"
+  $stunnel_compdir = "${stunnel_staging}/configs"
+
+  file {
+    [ $stunnel_staging, "${stunnel_staging}/bin" ]:
+      ensure => directory,
+      owner  => 0,
+      group  => 0,
+      mode   => '0750';
+
+    "${stunnel_staging}/configs":
+      ensure  => directory,
+      owner   => 0,
+      group   => 0,
+      mode    => '0750',
+      recurse => true,
+      purge   => true,
+      force   => true,
+      source  => undef;
+
+    "${stunnel_staging}/bin/refresh_stunnel.sh":
+      owner   => 0,
+      group   => 0,
+      mode    => '0755',
+      content => template('stunnel/refresh_stunnel.sh.erb');
+  }
+
+  exec { 'refresh_stunnel':
+    refreshonly => true,
+    require     => File[$stunnel_compdir],
+    subscribe   => File[$stunnel_compdir],
+    command     => "${stunnel_staging}/bin/refresh_stunnel.sh"
+  }
 }
diff --git a/manifests/service.pp b/manifests/service.pp
index fd64f9b..666826d 100644
--- a/manifests/service.pp
+++ b/manifests/service.pp
@@ -58,14 +58,17 @@ define stunnel::service (
   $real_client = $client ? { default => 'yes' }
   $real_pid = $pid ? { false => "/${name}.pid", default => $pid }
 
-  file { "/etc/stunnel/${name}.conf":
-    ensure  => $ensure,
-    content => template('stunnel/service.conf.erb'),
-    require => File['/etc/stunnel'],
-    notify  => Service[stunnel],
-    owner   => root,
-    group   => 0,
-    mode    => '0600';
+  $stunnel_compdir = "${::puppet_vardir}/stunnel4/configs"
+
+  file {
+    "${stunnel_compdir}/${name}.conf":
+      ensure  => $ensure,
+      content => template('stunnel/service.conf.erb'),
+      require => Package['stunnel'],
+      notify  => Exec['refresh_stunnel'],
+      owner   => root,
+      group   => 0,
+      mode    => '0600';
   }
 
   if $use_nagios {
diff --git a/templates/refresh_stunnel.sh.erb b/templates/refresh_stunnel.sh.erb
new file mode 100644
index 0000000..1af0cff
--- /dev/null
+++ b/templates/refresh_stunnel.sh.erb
@@ -0,0 +1,22 @@
+#!/bin/sh -x
+
+for difference in `diff -q /etc/stunnel <%= @stunnel_staging %>/configs | grep differ | awk '{print $2}'`
+do 
+    old_config=`basename $difference`
+    /etc/init.d/stunnel4 stop $(basename $old_config .conf)
+    rm $difference
+done
+
+for only in `diff -q /etc/stunnel <%= @stunnel_staging %>/configs | grep 'Only in /etc/stunnel:' | awk '{print $4}'`
+do
+    old_config=`basename $only`
+    /etc/init.d/stunnel4 stop $(basename $only .conf)
+    rm /etc/stunnel/${only}
+done
+
+cp <%= @stunnel_staging %>/configs/*.conf /etc/stunnel
+
+/etc/init.d/stunnel4 start
+
+
+
-- 
cgit v1.2.3


From 65dc795b3f2ec99a08b652c2b59555235dbca48b Mon Sep 17 00:00:00 2001
From: Gabriel Filion <gabster@lelutin.ca>
Date: Sat, 13 Apr 2013 00:53:00 -0400
Subject: Variable being ignored due to incorrect quoting.

---
 manifests/centos.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/centos.pp b/manifests/centos.pp
index 39f18c7..4283cb0 100644
--- a/manifests/centos.pp
+++ b/manifests/centos.pp
@@ -25,7 +25,7 @@ class stunnel::centos inherits stunnel::linux {
     source  => [ "puppet:///modules/site-stunnel/${::fqdn}/stunnel.conf",
                  "puppet:///modules/site-stunnel/${stunnel_cluster}/stunnel.conf",
                  'puppet:///modules/site-stunnel/stunnel.conf',
-                 'puppet:///modules/stunnel/${::operatingsystem}/stunnel.conf' ],
+                 "puppet:///modules/stunnel/${::operatingsystem}/stunnel.conf" ],
     require => Package['stunnel'],
     notify  => Service['stunnel'],
     owner   => root,
-- 
cgit v1.2.3