3 ssl::service { 'www.debian.org':
6 ssl::service { 'sip-ws.debian.org':
9 concat { '/etc/repro/www.debian.org-chained.crt':
11 concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt':
12 target => '/etc/repro/www.debian.org-chained.crt',
13 source => 'file:///etc/ssl/debian/certs/www.debian.org.crt',
15 require => File['/etc/ssl/debian/certs/www.debian.org.crt'],
17 concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt-chain':
18 target => '/etc/repro/www.debian.org-chained.crt',
19 source => 'file:///etc/ssl/debian/certs/www.debian.org.crt-chain',
21 require => File['/etc/ssl/debian/certs/www.debian.org.crt-chain'],
24 concat { '/etc/repro/sip-ws.debian.org-chained.crt':
26 concat::fragment { '/etc/ssl/debian/certs/sip-ws.debian.org.crt':
27 target => '/etc/repro/sip-ws.debian.org-chained.crt',
28 source => 'file:///etc/ssl/debian/certs/sip-ws.debian.org.crt',
30 require => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt'],
32 concat::fragment { '/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain':
33 target => '/etc/repro/sip-ws.debian.org-chained.crt',
34 source => 'file:///etc/ssl/debian/certs/sip-ws.debian.org.crt-chain',
36 require => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain'],
39 @ferm::rule { 'dsa-sip-ws-ip4':
41 description => 'SIP connections (WebSocket; for WebRTC)',
42 rule => 'proto tcp dport (443) ACCEPT'
44 @ferm::rule { 'dsa-sip-ws-ip6':
46 description => 'SIP connections (WebSocket; for WebRTC)',
47 rule => 'proto tcp dport (443) ACCEPT'
49 @ferm::rule { 'dsa-sip-tls-ip4':
51 description => 'SIP connections (TLS)',
52 rule => 'proto tcp dport (5061) ACCEPT'
54 @ferm::rule { 'dsa-sip-tls-ip6':
56 description => 'SIP connections (TLS)',
57 rule => 'proto tcp dport (5061) ACCEPT'
59 @ferm::rule { 'dsa-turn-ip4':
61 description => 'TURN connections',
62 rule => 'proto udp dport (3478) ACCEPT'
64 @ferm::rule { 'dsa-turn-ip6':
66 description => 'TURN connections',
67 rule => 'proto udp dport (3478) ACCEPT'
69 @ferm::rule { 'dsa-turn-tls-ip4':
71 description => 'TURN connections (TLS)',
72 rule => 'proto tcp dport (5349) ACCEPT'
74 @ferm::rule { 'dsa-turn-tls-ip6':
76 description => 'TURN connections (TLS)',
77 rule => 'proto tcp dport (5349) ACCEPT'
79 @ferm::rule { 'dsa-rtp-ip4':
81 description => 'RTP streams',
82 rule => 'proto udp dport (49152:65535) ACCEPT'
84 @ferm::rule { 'dsa-rtp-ip6':
86 description => 'RTP streams',
87 rule => 'proto udp dport (49152:65535) ACCEPT'
90 file { '/etc/monit/monit.d/50rtc':
91 source => 'puppet:///modules/roles/rtc/monit',