define stunnel::service (
  $ensure = present,
  $accept = false,
  $capath = false,
  $cafile = false,
  $cert = false,
  $chroot = false,
  $ciphers = false,
  $client = false,
  $compress = false,
  $connect = false,
  $crlpath = false,
  $crlfile = false,
  $debuglevel = false,
  $delay = false,
  $egd = false,
  $engine = false,
  $engineCtrl = false,
  $enginenum = false,
  $exec = false,
  $execargs = false,
  $failover = false,
  $ident = false,
  $key = false,
  $local = false,
  $oscp = false,
  $ocspflag = false,
  $options = false,
  $output = false,
  $pid = false,
  $protocol = false,
  $protocolauthentication = false,
  $protocolhost = false,
  $protocolpassword = false,
  $protocolusername = false,
  $pty = false,
  $retry = false,
  $rndbytes = false,
  $rndfile = false,
  $rndoverwrite = false,
  $service = false,
  $session = false,
  $setuid = "stunnel4",
  $setgid = "stunnel4",
  $socket = [ "l:TCP_NODELAY=1", "r:TCP_NODELAY=1"],
  $sslversion = "SSLv3",
  $stack = false,
  $syslog = false,
  $timeoutbusy = false,
  $timeoutclose = false,
  $timeoutconnect = false,
  $timeoutidle = false,
  $transparent = false,
  $verify = false
) {

  $real_client = $client ? { default => "yes" }
  $real_pid = $pid ? { false => "/${name}.pid", default => $pid }
                    
  file { "/etc/stunnel/${name}.conf":
    ensure => $ensure,
    content => template('stunnel/service.conf.erb'), 
    require => File["/etc/stunnel"],
    notify => Service[stunnel],
    owner => root, group => 0, mode => 0600;
  }
}