1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
define stunnel::service (
$ensure = present,
$accept = false,
$capath = false,
$cafile = false,
$cert = false,
$chroot = false,
$ciphers = false,
$client = false,
$compress = false,
$connect = false,
$crlpath = false,
$crlfile = false,
$debuglevel = false,
$delay = false,
$egd = false,
$engine = false,
$engineCtrl = false,
$enginenum = false,
$exec = false,
$execargs = false,
$failover = false,
$ident = false,
$key = false,
$local = false,
$oscp = false,
$ocspflag = false,
$options = false,
$output = false,
$pid = false,
$protocol = false,
$protocolauthentication = false,
$protocolhost = false,
$protocolpassword = false,
$protocolusername = false,
$pty = false,
$retry = false,
$rndbytes = false,
$rndfile = false,
$rndoverwrite = false,
$service = false,
$session = false,
$setuid = "stunnel4",
$setgid = "stunnel4",
$socket = [ "l:TCP_NODELAY=1", "r:TCP_NODELAY=1"],
$sslversion = "SSLv3",
$stack = false,
$syslog = false,
$timeoutbusy = false,
$timeoutclose = false,
$timeoutconnect = false,
$timeoutidle = false,
$transparent = false,
$verify = false
) {
$real_client = $client ? { default => "yes" }
$real_pid = $pid ? { false => "/${name}.pid", default => $pid }
file { "/etc/stunnel/${name}.conf":
ensure => $ensure,
content => template('stunnel/service.conf.erb'),
require => File["/etc/stunnel"],
notify => Service[stunnel],
owner => root, group => 0, mode => 0600;
}
}
|
