projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
template within template? better not
[mirror/dsa-puppet.git] / modules / entropykey / manifests / init.pp
diff --git a/modules/entropykey/manifests/init.pp b/modules/entropykey/manifests/init.pp
index 13de3e4..8f91cf5 100644 (file)
--- a/modules/entropykey/manifests/init.pp
+++ b/modules/entropykey/manifests/init.pp
@@ -8,7 +8,13 @@ class entropykey::provider {
             source => "puppet:///modules/entropykey/ekeyd.conf",
             notify  => Exec['restart_ekeyd'],
             require => [ Package['ekeyd'] ],
-        ;
+            ;
+        # our CRL expires after a while (2 or 4 weeks?), so we have
+        # to restart stunnel so it loads the new CRL.
+        "/etc/cron.weekly/stunnel-ekey-restart":
+            content =>  "#!/bin/sh\n# This file is under puppet control\nenv -i /etc/init.d/stunnel4 restart puppet-ekeyd > /dev/null\n",
+            mode => "555",
+            ;
     }
 
     exec {
Unnamed repository; edit this file 'description' to name the repository.