# our CRL expires after a while (2 or 4 weeks?), so we have
# to restart stunnel so it loads the new CRL.
file { '/etc/cron.weekly/stunnel-ekey-restart':
- content => '#!/bin/sh\n# This file is under puppet control\nenv -i /etc/init.d/stunnel4 restart puppet-ekeyd > /dev/null\n',
+ content => @("EOF"),
+ #!/bin/sh
+ # This file is under puppet control
+ # weekly restart of stunnel so it learns about the new CRL
+ env -i chronic /etc/init.d/stunnel4 restart puppet-ekeyd
+ | EOF
mode => '0555',
}
service { 'ekeyd':
ensure => running,
- require => File['/etc/entropykey/ekeyd.conf'],
+ require => [
+ File['/etc/entropykey/ekeyd.conf'],
+ Package['ekeyd']
+ ]
}
- stunnel4::stunnel_server { 'ekeyd':
+ stunnel4::server { 'ekeyd':
accept => 18888,
connect => '127.0.0.1:8888',
}