16 $fname_real = "/etc/rsyncd-${name}.conf"
22 default: { fail ( "Invald ensure `${ensure}' for ${name}" ) }
25 if ($source and $content) {
26 fail ( "Can't define both source and content for ${name}" )
40 fail ( "Can't find config for ${name}" )
43 xinetd::service { "rsync-${name}":
45 id => "${name}-rsync",
46 server => '/usr/bin/rsync',
48 server_args => "--daemon --config=${fname_real}",
50 instances => $max_clients,
51 require => File[$fname_real]
56 fail("Cannot listen on * and a specific ipv6 address")
58 xinetd::service { "rsync-${name}6":
60 id => "${name}-rsync6",
61 server => '/usr/bin/rsync',
63 server_args => "--daemon --config=${fname_real}",
65 instances => $max_clients,
66 require => File[$fname_real]
71 file { "/etc/rsyncd-${name}-stunnel.conf":
72 content => template('rsync/rsyncd-stunnel.conf.erb'),
73 require => File["/etc/ssl/debian/certs/${sslname}.crt-chained"],
75 @ferm::rule { "rsync-${name}-ssl":
77 description => 'Allow rsync access',
78 rule => "&SERVICE(tcp, $sslport)",
80 xinetd::service { "rsync-${name}-ssl":
82 id => "rsync-${name}-ssl",
83 server => '/usr/bin/stunnel4',
84 server_args => "/etc/rsyncd-${name}-stunnel.conf",
85 service => "rsync-ssl",
89 instances => $max_clients,
90 require => File["/etc/rsyncd-${name}-stunnel.conf"],
93 xinetd::service { "rsync-${name}-ssl6":
95 id => "rsync-${name}-ssl6",
96 server => '/usr/bin/stunnel4',
97 server_args => "/etc/rsyncd-${name}-stunnel.conf",
98 service => "rsync-ssl",
102 instances => $max_clients,
103 require => File["/etc/rsyncd-${name}-stunnel.conf"],
107 dnsextras::tlsa_record{ "tlsa-${sslname}-${sslport}":
108 zone => 'debian.org',
109 certfile => [ "/etc/puppet/modules/ssl/files/servicecerts/${sslname}.crt", "/etc/puppet/modules/ssl/files/from-letsencrypt/${sslname}.crt" ],
111 hostname => "$sslname",
115 Service['rsync']->Service['xinetd']