14 $fname_real = "/etc/rsyncd-${name}.conf"
17 default: { fail ( "Invald ensure `${ensure}' for ${name}" ) }
20 if ($source and $content) {
21 fail ( "Can't define both source and content for ${name}" )
35 fail ( "Can't find config for ${name}" )
38 xinetd::service { "rsync-${name}":
40 id => "${name}-rsync",
41 server => '/usr/bin/rsync',
43 server_args => "--daemon --config=${fname_real}",
45 instances => $max_clients,
46 require => File[$fname_real]
51 fail("Cannot listen on * and a specific ipv6 address")
53 xinetd::service { "rsync-${name}6":
55 id => "${name}-rsync6",
56 server => '/usr/bin/rsync',
58 server_args => "--daemon --config=${fname_real}",
60 instances => $max_clients,
61 require => File[$fname_real]
66 file { "/etc/rsyncd-${name}-stunnel.conf":
67 content => template('rsync/rsyncd-stunnel.conf.erb'),
68 require => File["/etc/ssl/debian/certs/${sslname}.crt-chained"],
70 @ferm::rule { "rsync-${name}-ssl":
72 description => 'Allow rsync access',
73 rule => "&SERVICE(tcp, $sslport)",
75 xinetd::service { "rsync-${name}-ssl":
77 id => "rsync-${name}-ssl",
78 server => '/usr/bin/stunnel4',
79 server_args => "/etc/rsyncd-${name}-stunnel.conf",
80 service => "rsync-ssl",
84 instances => $max_clients,
85 require => File["/etc/rsyncd-${name}-stunnel.conf"],
88 xinetd::service { "rsync-${name}-ssl6":
90 id => "rsync-${name}-ssl6",
91 server => '/usr/bin/stunnel4',
92 server_args => "/etc/rsyncd-${name}-stunnel.conf",
93 service => "rsync-ssl",
97 instances => $max_clients,
98 require => File["/etc/rsyncd-${name}-stunnel.conf"],
102 dnsextras::tlsa_record{ "tlsa-${sslname}-${sslport}":
103 zone => 'debian.org',
104 certfile => [ "/etc/puppet/modules/ssl/files/servicecerts/${sslname}.crt", "/etc/puppet/modules/ssl/files/from-letsencrypt/${sslname}.crt" ],
106 hostname => "$sslname",
110 Service['rsync']->Service['xinetd']