dsa-rsync-ssl ferm on v6 also
[mirror/dsa-puppet.git] / modules / roles / manifests / syncproxy.pp
index eefb8dc..10430c1 100644 (file)
@@ -55,5 +55,42 @@ class roles::syncproxy {
                file { '/srv/www/syncproxy.debian.org/htdocs/index.html':
                        content => template('roles/syncproxy/syncproxy.debian.org-index.html.erb')
                }
+
+               file { '/etc/rsyncd-syncproxy-stunnel.conf':
+                       content => template('roles/syncproxy/rsyncd-syncproxy-stunnel.conf.erb')
+               }
+               xinetd::service { "rsync-syncproxy-ssl":
+                       bind        => $bind,
+                       id          => "syncproxy-rsync-ssl",
+                       server      => '/usr/bin/stunnel4',
+                       service     => 'rsync-ssl',
+                       type        => 'UNLISTED',
+                       port        => '1873',
+                       server_args => "/etc/rsyncd-syncproxy-stunnel.conf",
+                       ferm        => false,
+                       instances   => 50,
+                       require     => File["/etc/rsyncd-syncproxy-stunnel.conf"],
+               }
+
+               if $bind6 != '' {
+                       xinetd::service { "rsync-syncproxy-ssl6":
+                               bind        => $bind6,
+                               id          => "syncproxy-rsync-ssl",
+                               server      => '/usr/bin/stunnel4',
+                               service     => 'rsync-ssl',
+                               type        => 'UNLISTED',
+                               port        => '1873',
+                               server_args => "/etc/rsyncd-syncproxy-stunnel.conf",
+                               ferm        => false,
+                               instances   => 50,
+                               require     => File["/etc/rsyncd-syncproxy-stunnel.conf"],
+                       }
+               }
+
+               @ferm::rule { "dsa-rsync-ssl":
+                       domain      => '(ip ip6)',
+                       description => "Allow traffic to rsync ssl",
+                       rule        => "&SERVICE(tcp, 1873)"
+               }
        }
 }
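Review bot: The IPv6 instance `rsync-syncproxy-ssl6` reuses `id => "syncproxy-rsync-ssl"` from the IPv4 instance, and xinetd documents `id` as the attribute that uniquely identifies a service entry, so one of the two listeners on port 1873 may be rejected at load time if `xinetd::service` passes the value through unchanged (the define is not visible here). Giving the second block its own value, e.g. `id => "syncproxy-rsync-ssl6",`, avoids that. Separately, the `dsa-rsync-ssl` ferm rule opens tcp/1873 on `(ip ip6)` without any source restriction while both services set `ferm => false`, so access control appears to rest entirely on what `rsyncd-syncproxy-stunnel.conf.erb` and the rsync daemon behind it enforce. A comment above the rule such as `# open to all sources; authentication is handled by stunnel/rsyncd` would record that assumption once it is confirmed against the template. The enclosing `class roles::syncproxy` and the conditional these resources sit in start outside this hunk.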