default => 'unknown'
}
- rsync::site { 'syncproxy':
- content => template('roles/syncproxy/rsyncd.conf.erb'),
- bind => $bind,
- bind6 => $bind6,
- }
-
file { '/etc/rsyncd':
ensure => 'directory'
}
if $::apache2 and $syncproxy_name != 'unknown' {
include apache2::ssl
- ssl::service { "$syncproxy_name": notify => Service['apache2'], key => true, }
+ ssl::service { "$syncproxy_name":
+ notify => Service['apache2'],
+ key => true,
+ }
apache2::site { '010-syncproxy.debian.org':
site => 'syncproxy.debian.org',
content => template('roles/syncproxy/syncproxy.debian.org-apache.erb')
content => template('roles/syncproxy/syncproxy.debian.org-index.html.erb')
}
- file { '/etc/rsyncd-syncproxy-stunnel.conf':
- content => template('roles/syncproxy/rsyncd-syncproxy-stunnel.conf.erb')
- }
- xinetd::service { "rsync-syncproxy-ssl":
- bind => $bind,
- id => "syncproxy-rsync-ssl",
- server => '/usr/bin/stunnel4',
- service => 'rsync-ssl',
- type => 'UNLISTED',
- port => '1873',
- server_args => "/etc/rsyncd-syncproxy-stunnel.conf",
- ferm => false,
- instances => 50,
- require => File["/etc/rsyncd-syncproxy-stunnel.conf"],
+ rsync::site { 'syncproxy':
+ content => template('roles/syncproxy/rsyncd.conf.erb'),
+ bind => $bind,
+ bind6 => $bind6,
+ sslname => "$syncproxy_name",
}
-
- if $bind6 != '' {
- xinetd::service { "rsync-syncproxy-ssl6":
- bind => $bind6,
- id => "syncproxy-rsync-ssl",
- server => '/usr/bin/stunnel4',
- service => 'rsync-ssl',
- type => 'UNLISTED',
- port => '1873',
- server_args => "/etc/rsyncd-syncproxy-stunnel.conf",
- ferm => false,
- instances => 50,
- require => File["/etc/rsyncd-syncproxy-stunnel.conf"],
- }
- }
-
- @ferm::rule { "dsa-rsync-ssl":
- domain => '(ip ip6)',
- description => "Allow traffic to rsync ssl",
- rule => "&SERVICE(tcp, 1873)"
+ } else {
+ rsync::site { 'syncproxy':
+ content => template('roles/syncproxy/rsyncd.conf.erb'),
+ bind => $bind,
+ bind6 => $bind6,
}
}
}
projects / mirror / dsa-puppet.git / blobdiff