projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
eximconf: more RBLs for the default set
[mirror/dsa-puppet.git]
/
modules
/
stunnel4
/
templates
/
stunnel.conf.erb
diff --git
a/modules/stunnel4/templates/stunnel.conf.erb
b/modules/stunnel4/templates/stunnel.conf.erb
index
b4d5448
..
7cf1a6f
100644
(file)
--- a/
modules/stunnel4/templates/stunnel.conf.erb
+++ b/
modules/stunnel4/templates/stunnel.conf.erb
@@
-3,9
+3,9
@@
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
-<%- if client -%>
+<%- if
@
client -%>
cert = /etc/ssl/debian/certs/thishost.crt
cert = /etc/ssl/debian/certs/thishost.crt
-key = /etc/ssl/
debian/keys
/thishost.key
+key = /etc/ssl/
private
/thishost.key
<%- else -%>
cert = /etc/exim4/ssl/thishost.crt
key = /etc/exim4/ssl/thishost.key
<%- else -%>
cert = /etc/exim4/ssl/thishost.crt
key = /etc/exim4/ssl/thishost.key
@@
-16,11
+16,11
@@
chroot = /var/run/stunnel4
setuid = stunnel4
setgid = stunnel4
; PID is created inside chroot jail
setuid = stunnel4
setgid = stunnel4
; PID is created inside chroot jail
-pid = /stunnel-<%= name %>.pid
+pid = /stunnel-<%=
@
name %>.pid
-verify = <%= verify %>
-CAfile = <%= cafile %>
-<%- if crlfile -%>
+verify = <%=
@
verify %>
+CAfile = <%=
@
cafile %>
+<%- if
@
crlfile -%>
CRLfile = /etc/exim4/ssl/ca.crl
<%- end -%>
CRLfile = /etc/exim4/ssl/ca.crl
<%- end -%>
@@
-29,13
+29,16
@@
debug = notice
; don't use a file, use syslog
; output = /var/log/stunnel4/stunnel.log
; don't use a file, use syslog
; output = /var/log/stunnel4/stunnel.log
-client = <%= client ? "yes" : "no" %>
+client = <%=
@
client ? "yes" : "no" %>
-[<%= name %>-server]
-accept = <%= accept =~ /:/ ? accept : ":::#{accept}" %>
-connect = <%= connect %>
-<%- if local -%>
-local = <%= local %>
+socket = a:SO_LINGER=1:60
+socket = a:SO_KEEPALIVE=1
+
+[<%= @name %>-server]
+accept = <%= @accept =~ /:/ ? @accept : ":::#{@accept}" %>
+connect = <%= @connect %>
+<%- if @local -%>
+local = <%= @local %>
<%- end -%>
; vim:ft=dosini
<%- end -%>
; vim:ft=dosini