From 5fd1d15a8fd0517218878b269964b8286ef360c5 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 2 Oct 2009 15:41:30 -0400 Subject: initial check-in of stunnel module, based on stunnel4 --- templates/Debian/default | 11 ++++++++++ templates/client.conf.erb | 55 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 templates/Debian/default create mode 100644 templates/client.conf.erb (limited to 'templates') diff --git a/templates/Debian/default b/templates/Debian/default new file mode 100644 index 0000000..e8b42c1 --- /dev/null +++ b/templates/Debian/default @@ -0,0 +1,11 @@ +# /etc/default/stunnel +# Julien LEMOINE +# September 2003 + +# Change to one to enable stunnel automatic startup +ENABLED=<%= stunnel_startboot -%> +FILES="/etc/stunnel/*.conf" +OPTIONS="" + +# Change to one to enable ppp restart scripts +PPP_RESTART=0 diff --git a/templates/client.conf.erb b/templates/client.conf.erb new file mode 100644 index 0000000..38fe6ef --- /dev/null +++ b/templates/client.conf.erb @@ -0,0 +1,55 @@ +; templated stunnel configuration file to be used by puppet stunnel module +; NOTE: any changes you make to this file will be overwritten the next time +; puppet runs, please make configuration changes to this service in puppet + +; Global configuration options +<%= 'pid = ' + real_pid %> +<%- %w{chroot setuid setgid service compression}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +; Some performance tunings +<% if socket.is_a? String -%> +<%= 'socket = ' + socket %> +<% elsif socket.is_a? Array -%> +<%= socket.map { |i| "socket = #{i}" }. join("\n") %> +<% end -%> + +<%- %w{debug output syslog}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +<%= 'EGD = ' + EGD if EGD %> +<%= 'engine = ' + engine if engine %> +<%= 'engineCtrl = ' + engineCtrl if engineCtrl %> + +<%= 'RNDbytes = ' + RNDbytes if RNDbytes %> +<%= 'RNDfile = ' + RNDfile if RNDfile %> +<%= 'RNDoverwrite = ' + RNDoverwrite if RNDoverwrite %> + +<%- %w{EGD engine engineCtrl RNDbytes RNDfile RNDoverwrite}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + " = " + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +; Service-level configuration +<%= '[' + name + ']' %> +<%- %w{accept CApath CAfile cert ciphers connect CRLpath CRLfile delay engineNum exec + execargs failover ident key local OSCP OCSPflag options protocol protocolAuthentication + protocolHost protocolPassword protocolUsername pty retry session sslVersion stack + TIMEOUTbusy TIMEOUTclose TIMEOUTconnect TIMEOUTidle transparent verify}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> +<%= 'client = ' + client ? 'yes' : 'no' %> + -- cgit v1.2.3