path: root/templates/client.conf.erb

; templated stunnel configuration file to be used by puppet stunnel module
; NOTE: any changes you make to this file will be overwritten the next time 
; puppet runs, please make configuration changes to this service in puppet

; Global configuration options
<%= 'pid = ' + real_pid %>
<%- %w{chroot setuid setgid service compression}.each do |v|
    if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%>
<%= v + " = " + instance_variable_get("@#{v}").to_s %>
<%-
	end
end -%>

; Some performance tunings
<% if socket.is_a? String -%>
<%= 'socket = ' + socket %>
<% elsif socket.is_a? Array -%>
<%= socket.map { |i| "socket = #{i}" }. join("\n") %>
<% end -%>

<%- %w{debug output syslog}.each do |v|
    if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%>
<%= v + " = " + instance_variable_get("@#{v}").to_s %>
<%-
	end
end -%>

<%= 'EGD = ' + EGD if EGD %>
<%= 'engine = ' + engine if engine %>
<%= 'engineCtrl = ' + engineCtrl if engineCtrl %>

<%= 'RNDbytes = ' + RNDbytes if RNDbytes %>
<%= 'RNDfile = ' + RNDfile if RNDfile %>
<%= 'RNDoverwrite = ' + RNDoverwrite if RNDoverwrite %>

<%- %w{EGD engine engineCtrl RNDbytes RNDfile RNDoverwrite}.each do |v|
    if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%>
<%= v + " = " + instance_variable_get("@#{v}").to_s %>
<%-
	end
end -%>

; Service-level configuration
<%= '[' + name + ']' %>
<%- %w{accept CApath CAfile cert ciphers connect CRLpath CRLfile delay engineNum exec 
       execargs failover ident key local OSCP OCSPflag options protocol protocolAuthentication
       protocolHost protocolPassword protocolUsername pty retry session sslVersion stack 
       TIMEOUTbusy TIMEOUTclose TIMEOUTconnect TIMEOUTidle transparent verify}.each do |v|
    if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%>
<%= v + ' = ' + instance_variable_get("@#{v}").to_s %>
<%-
    end
end -%>
<%= 'client = ' + client ? 'yes' : 'no' %>