From 0bec75e40e5aa4458c960242298ab455fcffc88e Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 13:18:26 -0400 Subject: switch to parameterized classes, changing the variable names as appropriate to remove the redundant stunnel_ prefix --- manifests/debian.pp | 12 ++++++------ manifests/init.pp | 15 +++++---------- manifests/linux.pp | 4 ++-- templates/Debian/default | 4 ++-- 4 files changed, 15 insertions(+), 20 deletions(-) diff --git a/manifests/debian.pp b/manifests/debian.pp index a480a2c..156ef75 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -11,16 +11,16 @@ class stunnel::debian inherits stunnel::linux { # make the /etc/default/stunnel ENABLED configurable with a variable # and default to on - case $stunnel_startboot { - '': { $stunnel_startboot = '1' } - default: { $stunnel_startboot = '1' } + case $startboot { + '': { $startboot = '1' } + default: { $startboot = '1' } } # make the /etc/default/stunnel extra configurable with a variable # and default to adding nothing to the default file - case $stunnel_default_extra { - '': { $stunnel_default_extra = '' } - default: { $stunnel_default_extra = '' } + case $default_extra { + '': { $default_extra = '' } + default: { $default_extra = '' } } file { '/etc/default/stunnel4': diff --git a/manifests/init.pp b/manifests/init.pp index b1437d2..270540d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -17,17 +17,12 @@ # TODO: warn on cert/key issues, fail on false accept? -class stunnel { - - case $stunnel_ensure_version { - '': { $stunnel_ensure_version = 'present' } - default: { $stunnel_ensure_version = 'present' } - } - +class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra ) +{ case $::operatingsystem { - debian: { include stunnel::debian } - centos: { include stunnel::centos } - default: { include stunnel::default } + debian: { class { 'stunnel::debian': } } + centos: { class { 'stunnel::centos': } } + default: { class { 'stunnel::default': } } } if $use_nagios { diff --git a/manifests/linux.pp b/manifests/linux.pp index b4b99c6..eb1b10a 100644 --- a/manifests/linux.pp +++ b/manifests/linux.pp @@ -1,7 +1,7 @@ class stunnel::linux inherits stunnel::base { - if $stunnel_ensure_version == '' { $stunnel_ensure_version = 'installed' } + if $ensure_version == '' { $ensure_version = 'installed' } package { 'stunnel': - ensure => $stunnel_ensure_version + ensure => $ensure_version } } diff --git a/templates/Debian/default b/templates/Debian/default index 85c4754..ccfefa5 100644 --- a/templates/Debian/default +++ b/templates/Debian/default @@ -3,11 +3,11 @@ # September 2003 # Change to one to enable stunnel automatic startup -ENABLED=<%= stunnel_startboot %> +ENABLED=<%= startboot %> FILES="/etc/stunnel/*.conf" OPTIONS="" # Change to one to enable ppp restart scripts PPP_RESTART=0 -<%= stunnel_default_extra %> +<%= default_extra %> -- cgit v1.2.3 From 724bc04aa9ece40fe2c54979afffdf53c5564758 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 13:19:05 -0400 Subject: move the $use_nagios check into the stunnel::service define, where it is more useful for creating accurate nagios-statd-proc checks for the correct stunnel names --- manifests/init.pp | 11 ----------- manifests/service.pp | 7 +++++++ 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 270540d..1204909 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -24,15 +24,4 @@ class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra ) centos: { class { 'stunnel::centos': } } default: { class { 'stunnel::default': } } } - - if $use_nagios { - case $nagios_stunnel_procs { - false: { info("We aren't doing nagios checks for stunnel on ${::fqdn}" ) } - default: { nagios::service - { 'stunnel': - check_command => 'nagios-stat-proc!/usr/bin/stunnel4!6!5!proc'; - } - } - } - } } diff --git a/manifests/service.pp b/manifests/service.pp index b925d00..fd64f9b 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -51,6 +51,7 @@ define stunnel::service ( $timeoutconnect = false, $timeoutidle = false, $transparent = false, + $use_nagios = false, $verify = false ) { @@ -66,4 +67,10 @@ define stunnel::service ( group => 0, mode => '0600'; } + + if $use_nagios { + nagios::service { "stunnel_${name}": + check_command => "nagios-stat-proc!/usr/bin/stunnel4 /etc/stunnel/${name}.conf!6!5!proc"; + } + } } -- cgit v1.2.3 From 8bc54c4b23e35ecf95aefcd652a616fb00e7789b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 13:32:52 -0400 Subject: add README --- README | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 README diff --git a/README b/README new file mode 100644 index 0000000..32698b3 --- /dev/null +++ b/README @@ -0,0 +1,62 @@ +Overview +======== + +This module manages stunnel4. It installs and configures the software, makes +sure it is running, and enables you to create different stunnels. + + +! Upgrade Notice ! +================== + +Previous versions of this module were not using parameterized classes. If you +were using a previous version, you may need to change how you are using the +module to accomodate for that. If you were previously setting some stunnel +variables before including the class, you will now need to pass those variables +to the class as parameters. If you were just simply doing 'include stunnel', +then you will not need to change anything. + +Classes +======= + +stunnel +------- + +This is the main class which brings you stunnel support. You will need to +instantiate it by doing the following: + +class { 'stunnel': } + +Class parameters: + +* ensure_version - If this parameter is passed, you can force a particular + version of stunnel to be installed, if it is available with your packaging + system, for example: + + class { 'stunnel': ensure_version = '3:4.53-1' } + + If you do not pass this parameter, it will default to just be 'present'. + +* startboot (Debian) - This parameter controls if stunnel should be started at + boot or not, if you do not pass this paramter, by default it will be started + +* default_extra (Debian) - This parameter lets you add arbitrary extra text to + the bottom of /etc/default/stunnel4, this can be useful to set ulimit for + example + + +Defines +======= + +stunnel::service +---------------- + +This define lets you setup any number of stunnels, it allows you to pass every +stunnel configuration variable (see manifests/server.pp) which will be used to +create the /etc/stunnel/${name}.conf file, and then notify the stunnel service +so it will restart. + +If you pass $use_nagios to this define, it will create a nagios::service entry +for stunnel_${name} which will watch for the appropriate number processes with +that configuration name + + \ No newline at end of file -- cgit v1.2.3 From fb9fcfaa8bb27cb8ceeaa2090ee28c737c540e40 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 13:53:05 -0400 Subject: qualify variables --- manifests/debian.pp | 12 ++++++------ manifests/linux.pp | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/debian.pp b/manifests/debian.pp index 156ef75..ee2a2f1 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -11,16 +11,16 @@ class stunnel::debian inherits stunnel::linux { # make the /etc/default/stunnel ENABLED configurable with a variable # and default to on - case $startboot { - '': { $startboot = '1' } - default: { $startboot = '1' } + case $stunnel::startboot { + '': { $stunnel::startboot = '1' } + default: { $stunnel::startboot = '1' } } # make the /etc/default/stunnel extra configurable with a variable # and default to adding nothing to the default file - case $default_extra { - '': { $default_extra = '' } - default: { $default_extra = '' } + case $stunnel::default_extra { + '': { $stunnel::default_extra = '' } + default: { $stunnel::default_extra = '' } } file { '/etc/default/stunnel4': diff --git a/manifests/linux.pp b/manifests/linux.pp index eb1b10a..972f21c 100644 --- a/manifests/linux.pp +++ b/manifests/linux.pp @@ -1,7 +1,7 @@ class stunnel::linux inherits stunnel::base { - if $ensure_version == '' { $ensure_version = 'installed' } + if $stunnel::ensure_version == '' { $stunnel::ensure_version = 'installed' } package { 'stunnel': - ensure => $ensure_version + ensure => $stunnel::ensure_version } } -- cgit v1.2.3 From b53d574250598178af298c59be957693eaaddb22 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 13:59:31 -0400 Subject: remove variable defaults, they are handled by the paramterization of the class make sure template variables are properly looked up. --- manifests/debian.pp | 14 -------------- manifests/init.pp | 1 + manifests/linux.pp | 1 - templates/Debian/default | 4 ++-- 4 files changed, 3 insertions(+), 17 deletions(-) diff --git a/manifests/debian.pp b/manifests/debian.pp index ee2a2f1..eb4d57a 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -9,20 +9,6 @@ class stunnel::debian inherits stunnel::linux { pattern => '/usr/bin/stunnel4', } - # make the /etc/default/stunnel ENABLED configurable with a variable - # and default to on - case $stunnel::startboot { - '': { $stunnel::startboot = '1' } - default: { $stunnel::startboot = '1' } - } - - # make the /etc/default/stunnel extra configurable with a variable - # and default to adding nothing to the default file - case $stunnel::default_extra { - '': { $stunnel::default_extra = '' } - default: { $stunnel::default_extra = '' } - } - file { '/etc/default/stunnel4': content => template('stunnel/Debian/default'), require => Package['stunnel4'], diff --git a/manifests/init.pp b/manifests/init.pp index 1204909..f7f72b8 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -19,6 +19,7 @@ class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra ) { + case $::operatingsystem { debian: { class { 'stunnel::debian': } } centos: { class { 'stunnel::centos': } } diff --git a/manifests/linux.pp b/manifests/linux.pp index 972f21c..a4a926e 100644 --- a/manifests/linux.pp +++ b/manifests/linux.pp @@ -1,6 +1,5 @@ class stunnel::linux inherits stunnel::base { - if $stunnel::ensure_version == '' { $stunnel::ensure_version = 'installed' } package { 'stunnel': ensure => $stunnel::ensure_version } diff --git a/templates/Debian/default b/templates/Debian/default index ccfefa5..9e2f4d3 100644 --- a/templates/Debian/default +++ b/templates/Debian/default @@ -3,11 +3,11 @@ # September 2003 # Change to one to enable stunnel automatic startup -ENABLED=<%= startboot %> +ENABLED=<%= scope.lookupvar('stunnel::startboot') %> FILES="/etc/stunnel/*.conf" OPTIONS="" # Change to one to enable ppp restart scripts PPP_RESTART=0 -<%= default_extra %> +<%= scope.lookupvar('stunnel::default_extra') %> -- cgit v1.2.3 From c3d3f81b98542b94a013440c81b0942c9c4a82cf Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 14:58:29 -0400 Subject: set an empty default for the $default_extra parameter --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index f7f72b8..a08fb0a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -17,7 +17,7 @@ # TODO: warn on cert/key issues, fail on false accept? -class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra ) +class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra = '' ) { case $::operatingsystem { -- cgit v1.2.3 From d7acd567ace308049848733d8f1c801b955974a8 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 15:01:44 -0400 Subject: fix merge conflict error causing the $cluster parameter to go missing --- manifests/centos.pp | 2 +- manifests/init.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/centos.pp b/manifests/centos.pp index 39f18c7..19a4684 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -23,7 +23,7 @@ class stunnel::centos inherits stunnel::linux { file { '/etc/stunnel/stunnel.conf': source => [ "puppet:///modules/site-stunnel/${::fqdn}/stunnel.conf", - "puppet:///modules/site-stunnel/${stunnel_cluster}/stunnel.conf", + "puppet:///modules/site-stunnel/${stunnel::cluster}/stunnel.conf", 'puppet:///modules/site-stunnel/stunnel.conf', 'puppet:///modules/stunnel/${::operatingsystem}/stunnel.conf' ], require => Package['stunnel'], diff --git a/manifests/init.pp b/manifests/init.pp index a08fb0a..872e5f2 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -17,7 +17,7 @@ # TODO: warn on cert/key issues, fail on false accept? -class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra = '' ) +class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra = '', $cluster = '' ) { case $::operatingsystem { -- cgit v1.2.3 From 1e6fbdf7f1f7e381ef01170eab96727377abe3b6 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 3 Apr 2013 15:02:16 -0400 Subject: format the class variables --- manifests/init.pp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 872e5f2..a176bf8 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -17,7 +17,11 @@ # TODO: warn on cert/key issues, fail on false accept? -class stunnel ( $ensure_version = 'present', $startboot = '1', $default_extra = '', $cluster = '' ) +class stunnel ( + $ensure_version = 'present', + $startboot = '1', + $default_extra = '', + $cluster = '' ) { case $::operatingsystem { -- cgit v1.2.3